The Ivanti Threat Thursday Update for August 3, 2017: Hackers Hack Anti-Hackers
Greetings. This week’s news includes cybersecurity attacks on a leading cybersecurity company (not Ivanti, thankfully!) and “Game of Thrones.” Read on, and feel free to write with your opinions, tips, or suggestions. Thanks in advance.
Hackers Go After Cybersecurity Analysts
Hackers compromised the social media accounts and other online information belonging to an analyst at U.S. cybersecurity firm Mandiant. “An anonymous message posted online claimed that the analyst's passwords, billing address, Amazon account and LinkedIn profile had been compromised,” CNN reported. “The hackers also claimed to have accessed Mandiant's internal systems, but provided no evidence.” Officials at Mandiant confirmed the attack, and added that neither Mandiant nor its parent company FireEye found any evidence of infiltration of corporate systems.
“‘Let's go after everything they've got, let's go after their countries, let's trash their reputation in the field,’ the [hackers’ anonymous post] said of cybersecurity analysts. It called on other hackers to join its #LeakTheAnalyst operation.”
What We Say: Cybersecurity defense strategies must evolve continuously, because cybersecurity threats and attacks will continue to do so. As this successful attack on an analyst at a leading cybersecurity defense solution provider demonstrates, no person or company is immune. To maximize protection, your enterprise must pursue defense in depth – beginning with effective patch, application, device, and admin rights management. (See “Your Threats Are Evolving. Are Your Defenses?”)
The Lingering Effects of Successful Ransomware Attacks
On June 27, pharmaceuticals giant Merck fell victim to a cyberattack. As Dark Reading reported, while Merck has not confirmed any technical details publicly, “many security experts believe the company was among the many caught up in the NotPetya ransomware outbreak last month.” And as of Merck’s July 28 earnings report, “certain operations at Merck, continue to be impacted and the company still does not know the full magnitude of the disruption. Merck so far only been able to fully restore its packaging operations since the attack. Manufacturing and formulation operations are still only in the process of being restored…. Bulk product production, which was halted after the attack, has not yet resumed.”
“Merck is the second major organization in recent weeks to publicly disclose a major disruption after a ransomware attack. In June, automaker Honda disclosed that it had to shutter a manufacturing plant in Sayama Japan for a couple of days after WannaCry infected plant floor systems at the facility. Production on some 1,000 vehicles was disrupted as a result of the shutdown.”
What We Say: As ransomware and malware attacks become more sophisticated and challenging, the focus of many appears to be shifting away from extortion and toward business disruption. Your enterprise’s cybersecurity solutions and processes must not only be multi-layered, but must also strive to minimize business disruption and recovery times. (See “Petya and Weaponized Malware: Is Ransomware the New DDoS Attack?”)
HBO Hacked – “Game of Thrones” Script Leaked Online
Entertainment juggernaut HBO admitted that it was hacked, and that “proprietary information” was stolen. The network offered no more specifics, but not-yet-broadcast episodes of HBO series have found their way online, as has a script from an upcoming episode of Game of Thrones, according to The Independent.
The hackers appear to be more interested in generating attention than in extortion, according to a separate Independent article. “The [hackers] sent an email to reporters offering an interview to anyone who ‘spread the word’ about the cyber attack,” and claim to have stolen 1.5 terabytes of data from HBO.
“’Ever since the infamous attack on Sony Pictures [in 2014], there is evidently an appreciation on the part of hackers for stealing high value content such as movies (Pirates of the Caribbean) and TV shows (Orange is The New Black),’ said Richard Stiennon, chief strategy officer at Blancco Technology Group. ‘Final production videos are a class of information and the theft of such information poses extraordinary losses, if stolen.’”
What We Say: Where cybersecurity is concerned, your enterprise’s specific line of business matters less and less. Whether your company deals with entertainment content, personal or private customer information, or internal financial data, if it has value to your organization, hackers somewhere are interested in it. Effective protection of that data requires both multi-layered cybersecurity and modern service management. (See “Is GDPR More About PR Than Data Protection? Ivanti Chief Technologist EMEA Simon Townsend Responds.”)
Protect and Defend Your Enterprise with Ivanti
Ivanti offers effective solutions for patch management, and for control of user applications, devices, and admin rights. Ivanti solutions can also help you fight ransomware and other malware, and modernize IT service management.
Through September, combinations of select Ivanti cybersecurity solutions are available at discounts of up to 30 percent. Check out the offer details. And keep reading our Patch Tuesday and Threat Thursday updates, to keep abreast of the latest cybersecurity threats and your best responses to them.