Enterprises vulnerable to third-party vendor data breaches

In today’s digitized operating environment, a business is only as good as its cyber defenses.

And with Change healthcare allegedly facing a a new ransomware attack after the previous one massive breach in February, while A year notified its customers on Friday (April 12) that 591,000 accounts were affected two separate cyber attackssecuring their cyber perimeters and locking down vulnerable attack vectors is increasingly important to modern businesses.

How the US government announced that a past data breaches at Microsoft “poses a serious and unacceptable risk” to an undisclosed number of federal agencies.

Per year emergency directive issued by the US Cybersecurity and Infrastructure Security Agency (CISA), “A threat actor uses information originally exfiltrated from corporate email systems, including authentication details shared between Microsoft and Microsoft customers via email, to gain or attempt to gain additional access . to Microsoft customer systems … and increased the volume of some aspects of the breach campaign, such as password spraying, by up to 10 times.”

CISA directed all affected federal agencies and those whose authentication processes were potentially compromised to identify the full content of the agency’s correspondence with compromised Microsoft accounts and conduct a cybersecurity impact analysis that includes immediate corrective actions for tokens, passwords, API keys, or other authentication data ; as well as resetting credentials in associated applications and deactivating those associated applications.

After all, as the Microsoft incident shows, an organization’s cyber defenses extend far beyond its own firewalls. Attack vectors in today’s landscape are increasingly compromised by penetration across B2B sellers and third partiesmaking supply chain cyber risk mitigation a must for modern businesses.

Read more: Attack Vectors 2024: Scaling Effective Cyber ​​Hygiene Across Your Business

A proactive defense strategy for today’s enterprise threat landscape

Cyberattacks targeting businesses are constantly evolving, so it’s critical for organizations to stay on top of the latest risks in the threat landscape. In a password spraying attack, such as those from the Microsoft breach, bad actors deploy a list of previously stolen passwords or attempt to use certain commonly used passwords to gain unauthorized access to multiple accounts.

Unlike traditional brute-force attacks, where cybercriminals try multiple passwords for a single account, password spraying involves trying multiple passwords across many accounts to reduce the risk of triggering an account lockout or detection by security systems.

In a credential stuffing attack like the one suffered by Roku, bad actors use previously stolen username and password combinations to gain unauthorized access to user accounts on various online services. Cybercriminals typically obtain these credentials from data breaches on other websites and then try them on several other platforms, taking advantage of users’ tendency to reuse passwords across different accounts.

They have initiations repeatedly said PYMNTS that modern technologies like artificial intelligence (AI) could increase abilities bad actors by providing turnkey and scalable cyber tools, including AI-generated voice clones and other techniques that can be used for nefarious purposes.

“We always have. social engineering attacksbut with the advent of artificial intelligence, it’s much easier to create a bot that can have a credible conversation with a victim while convincing many victims to share their credentials, transfer money, and do other things they wouldn’t normally do. do,” Maciej Pituchavice president of product and data at Mangopaysaid PYMNTS.

Cyber ​​tactics such as phishing attacks, which can be highly targeted (spear phishing) or broad based (mass phishing), often use psychological manipulation techniques to increase the likelihood of success.

And ransomware attacks like those suffered by Change Healthcare can have devastating consequences for businesses, leading to data loss, financial damage and operational disruption.

With these kinds of threats in mind, the bilateral “Ransomware and the Financial Stability Act” was reintroduced last week by House Financial Services Committee Chairman Patrick McHenry (RN.C.) and Rep. Brittany Pettersen (D-Colo.)

On Tuesday (April 16), the House Financial Services Committee will hold a hearing titled “Hold for Ransom: How Ransomware Threatens Our Financial System,” which aims to help policymakers understand the growing cyber threat landscape as well as inform policy development to mitigate and prevent attacks.

See also: Cybercriminals are breaking into corporate inboxes: What small businesses can do

To mitigate the risk of cyber attacks, businesses should consider approaches such as implementing robust security measures, including regular software updates and patches, training employees on cybersecurity best practices, incorporating multi-factor authentication as well as encrypting sensitive data, and integrating the use of advanced threat detection and prevention technologies.

“The fraud industry is moving to real-time learning because fraudsters are now in real-time. In cyberspace you have something called a zero-day attack, which basically means you will be attacked on day zero, and you’ll be attacked before you know what the solution is. Because the bad actors are way ahead of you,” Simon SteinmetzCFO for Risk Assessment and Fraud Prevention Solutions Vestsaid PYMNTS.

PYMNTS Intelligence found that 82% of e-commerce merchants withstood cyber or data breaches in the last year. 47 percent say breaches have resulted in both lost revenue and lost customers.

“Tea No. 1 thing which I would start with is good cyber hygiene,” Rosa Ramos-KwokCEO and Business Information Security Manager for Commercial Banking at the company JP Morganhe told PYMNTS in a December interview.

Leave a Comment