Tag: cyberattacks

  • In 2023 some of the biggest cyber-attacks were orchestrated with “low tech” methods

    In 2023 some of the biggest cyber-attacks were orchestrated with “low tech” methods

    Whether you’re “tech aware” or not, most of us know that the human element is one of the riskiest elements of our business when it comes to our data being compromised.

    2023 proved that in spades with many of the largest attacks of the year being orchestrated with “low tech” methods – whether that be social engineering as we saw with MGM or literally low tech as with the attack on Rockstar that was conducted with a cellphone, TV and an Amazon Firestick.

    Attacks such as the one on MGM are conducted with social engineering and the attacker doesn’t need to possess any particularly strong tech skills to pull an attack of that nature off. These attacks are usually accomplished through persistence – the attacker sometimes researches their target and reaches out to decision makers or those close to decision makers to try and gain access through Vishing, Phishing, and other methods (see our chart below for examples).

    They may also “bruteforce” their way in though not in the typical way you might think, compromised credentials are often found very cheaply on the web and many people use the same password for everything. The bad actor will again look for specific targets and then try to purchase credentials that will match their target.

    A common social engineering attack is orchestrated as follows:

    1. The attacker will research their target. This includes trying to figure out who is a decision maker or close to a decision maker. They may also look for details about you found on social media (such as family and friends names they can use to make their attack appear more legitimate).
    2. The attacker will reach out to the victim using what they have learned or try any credentials they’ve managed to find. They may pose as someone you trust and can even spoof that person’s email.
    3. They will use their access to infiltrate your systems or use your account to continue pursuing their target. They may not immediately make themselves known – many attacks are orchestrated over months or years to produce a bigger payout.
    4. Once they have successfully infiltrated your systems the attack may proceed in a variety of ways, whether that be trying to ransom back your compromised data or systems, threatening to release stolen data online if they don’t receive a payout, posing as you to your clients to expand their reach and more.
    5. The attack only ends when you can successfully remediate/remove their access.

    This attack is the end game for many attackers but not all attacks have this level of energy put towards them, phone scams and simple email phishing scams can look to steal your credit card or banking info for a quick payout and these sorts of attacks are conducted en masse often by attackers located overseas. Scams like these are still a variety of social engineering and quite effective – and again any data they manage to get in the process can also be sold on the dark web allowing these attackers to “double dip” on the profits they receive from their nefarious efforts.

    As we mentioned above many attackers are not conducted on a quick timeline, attackers know they can receive a bigger payout the more enmeshed they are in with the victim’s systems and data. Your system could be compromised right now, and you may not even know it.

    Data loss remediation and protection is just two of the cyber security offerings Valley Techlogic provides to help us protect our clients from social engineering and other cyber based attacks. Reach out today to learn more.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • College shuttered after 157 years due to ransomware attack

    College shuttered after 157 years due to ransomware attack

    While ransomware wasn’t the only thing behind the decision to close Lincoln College, located in rural Illinois and established in 1865, it was the final blow after taking substantial financial losses due to the COVID-19 pandemic.

    The school, which had survived through the Spanish Flu, the Great Depression, two world wars and even a fire in 1912 will close its doors for good on May 13th, 2022.

    The ransomware attack which occurred in December 2021 crippled their recruiting and fundraising efforts for two months, not being resolved until March 2022 as a statement on the school’s website reads.

    “Furthermore, Lincoln College was a victim of a cyberattack in December 2021 that thwarted admissions activities and hindered access to all institutional data, creating an unclear picture of Fall 2022 enrollment projections. All systems required for recruitment, retention, and fundraising efforts were inoperable.

    Fortunately, no personal identifying information was exposed. Once fully restored in March 2022, the projections displayed significant enrollment shortfalls, requiring a transformational donation or partnership to sustain Lincoln College beyond the current semester.”

    The school made attempts to avoid the closure, but the efforts came too late, and we’re sorry to say they’re far from unique in being a school that was targeted by a cyberattack. According to this report over 1043 schools suffered ransomware attacks in 2021.

    Cyber criminals don’t think twice when targeting schools, hospitals, and infrastructure that’s needed by the community. We reported on the on Colonial Pipeline hack that created a major disruption at gas stations across eastern US last May.

    Schools and hospitals are appealing targets because investing in cyber security measures is not generally a priority and they often store large amounts of PII (Personal Identifying Information) in their systems.

    Many senators have taken note of this and have called on the Department of Homeland Security to instate measures that would bolster the security of our schools, especially K-12.

    A ransomware payment isn’t the only thing attackers stand to gain when they successfully infiltrate a network, here’s a chart with the way hackers “double dip” from during their attacks:

    Hacker Motivations Infographic

    In the end Lincoln College did choose to pay the ransom to gain control of their systems again, but it sadly made no difference in saving the college.

    60% of businesses close within 6 months following a ransomware attack, and only half businesses have a cyber response plan available to quickly respond to an attack. The slow response time will only add insult to injury as you try to get back on your feet and as we’ve seen in this case, it can be fatal to your business.

    Valley Techlogic can help you not only have a contingency plan in place, but also help you enact cyber security measures in your business that will prevent an attack from occurring in the first place. Learn more today through a quick consultation.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley TechLogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.