A recent study from telecommunications company Telus, has revealed that not every company that pays a ransom gets their data back. In fact, the study indicates that under half of the companies that reported paying ransoms actually got their data back.
The study also noted that 67 percent of respondents said their company had been hit by ransomware. Of those, 44 percent said their organization had paid a ransom. But much less than half – only 42 percent of the companies who paid – got full access to their data. While some reported that they got ‘partial’ access to their data, 7 percent who paid said they did not get any of their data back.
The study includes a number of other findings and can be downloaded at telus.com/RansomwareStudy
Sourced from an article on ITWorldCanada.com
Companies in US and Canada are warned of possible Russian cyberattacks
U.S. President Joe Biden warned American infrastructure providers including financial and energy companies that the Russian government is “exploring options for potential cyberattacks.”
The government is recommending things firms should do. The list includes some essential steps, including the use of multi-factor authentication, ensuring data is backed up off-line, and encrypting your data.
Further recommendations include training your employees to recognize the common tactics attackers will use, and encouraging them to report any new or suspicious behaviour on their computers or phones.
A complete list of tips is provided in the fact sheet issued by the White House.
Sourced from an article in ITWorldCanada which has links to Canadian guidance on cybersecurity.
Security firm says “they should have moved faster” to disclose breach of client data.
Chief security officer for Okta – a security software vendor – has admitted that they should have moved more quickly to inform customers about an attack by the Lapsus$ extortion gang.
The attackers were able to compromise the computer of a contract employee working as a support engineer. Fortunately, the attacker was detected when they tried to set up a multi-factor authentication account.
The company maintained that the attacker never gained access to the Okta service platform and only 366 accounts were possibly accessed. The company also noted that they will notify the affected customers.
Lapsus$ has gained a lot of attention as it also has recently reported attacks on Microsoft and Nvidia. They are a new and unusual group. So far, they don’t encrypt data but steal it and hold it for ransom, threatening to release the data if their demands are not met. The demands can also be unusual, including demanding that Nvidia remove restrictions that impede crypto-currency miners.
Sourced from an article in ITWorldCanada with additional sourcing from Bleeping Computer