CyberHoot Newsletter – Volume XVI

Prevention Absent: Congress Cybersecurity Bill

Highly publicized ransomware breaches at Colonial Pipeline and JBS meats has congress seeking new federal legislation aimed at forcing government agencies, subcontractors, and suppliers to report breaches within 24 hours to DHS’s Cybersecurity and Infrastructure Security Agency (CISA). The claim is they need this data but CyberHoot believes the legislation needs prescriptions for prevention. Learn what you should be doing to protect yourself in this article.

FBI Recovers Colonial Bitcoin Payment

Colonial Pipeline halted operations in May due to a ransomware attack. They carry 45% of the fuel used on the U.S. East Coast and the shutdown lead to long lines at gas pumps. The hacking group named ‘Darkside’ carried out the attack. They exported 100GB of data and threatened to release it online to the public if a bitcoin ransom wasn’t paid. Colonial obliged and the rest was history until the FBI recovered ‘unrecoverable Bitcoin’ funds. Learn what may have happened to allow the FBI to recover 95% of the ransom.

JBS Pays Ransomware Despite Strong Backups

Initially, during the JBS Ransomware event, backups and a strong disaster recovery plan seemed responsible for a quick ransomware recovery story. However, CyberHoot later learned that JBS quickly paid an 11 million bitcoin ransom to avoid meat supply shortages. Andre Nogueira, Chief Executive of JBS stated, “It was very painful to pay the criminals, but we did the right thing for our customers”.

FBI: Watch Out For Fake Job Listings

The FBI released a statement in April 2021, warning of cybercriminals using fake job listings to target applicants’ Personally Identifiable Information (PII). In the COVID-19 era, over 16,000 people were reported to the FBI as scammed through fake job listings with losses totaling more than $59 million. Over 2,000 interview scams have been reported to the FBI in 2021 already! Read all about how to protect yourself from this scam on CyberHoot.

Decentralized Finance (DeFi) In A Nutshell

A phrase that is making waves in the financial world is Decentralized Finance or DeFi for short. DeFi uses cryptocurrency and blockchain technology to manage financial transactions outside the control of traditional financial institutions such as banks, brokerage firms, and government-run exchanges. DeFi aims to parallel traditional, centralized institutions (mediators), with direct peer-to-peer financial relationships for loans, mortgages, and asset trading. DeFi is upsetting traditional financial markets. Buckle your seatbelt as there will be turbulence ahead!

Pipeline Breach Prompts Texas To Require Cybersecurity Training

Following the Ransomware Attack on the Colonial Pipeline, Texas Governor Greg Abbott took action and announced that he was signing a new cybersecurity law that penalizes those who don’t comply with previously enacted cybersecurity training requirements (HB3834). The pipeline attack left 100GB of data ‘locked’ and caused the shutdown of the U.S.’ largest pipeline leading to gas station shortages not seen since the 70s.

What Was 2020’s Most Expensive Cyber Crime?

If you follow cybersecurity news headlines, you might worry only about ransomware attacks. However, there is always a new approach that catches the hacker community’s eye and is exploited to the detriment of Small and Medium businesses. In 2020, that threat was Business Email Compromise (BEC) that often led to Wire Transfer fraud and the loss of 10’s of thousands of dollars per incident (sometimes 100’s of thousands). But is it bigger than Ransomware? The answer depends on who you ask, but is likely no; read on to find out.

Customer Spotlight

"The CyberHoot team have been great to deal with from day one, always helpful and responsive. We have particularly appreciated the flexibility of the platform and, and Cyberhoots' willingness to work with us to find solutions to best suit our needs. The quality of the training material is excellent and well suited to our non-technical audience."

Gartner Reviews

Anonymous CEO

CyberHoot Press Release

Cybrary Term of the Month

Business Email Compromise (BEC)

Business Email Compromise (BEC) is when an email account, often in a company’s finance department, is broken into and controlled by a hacker. This is often accomplished through a phishing attack that leads to credential theft as outlined in CyberHoot’s article titled the ‘Domino Attack’. Credentials are stolen when a victim clicks on a fraudulent phishing email link or opens a fake invoice. Doing this brings the victim to a malicious but believable website identical to the real vendor’s website, that prompts the user to enter their email and password. BEC attacks often come from someone your CFO already knows, meaning the sending email address is actually correct and expected.