Recent data from the Ponemon Institute and DTEX found that 53% of companies find it impossible or very difficult to prevent an insider attack when data is being aggregated, a key indicator of intent of an attack.
The vast majority of security threats follow a pattern or sequence of activity leading up to an attack, and insider threats are no exception. To fully understand any insider incident, visibility into the entire kill chain of an attack is imperative to preventing the exfiltration of critical data.
Another Accellion breach victim has been named nine months after threat actors exploited zero-day vulnerabilities in the company’s File Transfer Application.
Beaumont Health has notified approximately 1500 patients that their personal data may have been compromised in the December attack on Accellion software.
Goodwin Procter LLP, which was hired by Beaumont to provide legal services, used Accellion’s File Transfer software to carry out large transfers on behalf of its clients. On February 5, Goodwin advised the healthcare provider that patient data may have been compromised.
External attackers can penetrate the corporate network in all of these organizations, and once inside, can obtain user credentials and complete control over the infrastructure in 100% of cases. In over two-thirds (69%) of these cases, external attackers can steal sensitive data from the organization, including information about partners, company employees and internal documentation.
The number of ransomware attacks surged by 288% between the first and second quarters of 2021 as double extortion attempts grew, according to the latest data from NCC Group.
Analyzing incidents dealt with by its own Research Intelligence and Fusion Team (RIFT) throughout 2021, the firm claimed nearly a quarter (22%) of data leaks in the second quarter came from the Conti group.
DuPage Medical Group (DMG) said that patient data could have been compromised when its computer network was hacked last month.
Patient information that may have been accessed by the hackers includes names, addresses, dates of birth, diagnosis codes, information on medical procedures, and treatment dates. For some patients, there is a chance that their Social Security number may also have been compromised.
NITAM is an annual, month-long campaign during September to educate government and industry about the risks posed by insider threats and the role of insider threat programs. Federal insider threat programs are composed of multi-disciplinary teams that address insider threats while protecting privacy and civil liberties of the workforce; maximizing organizational trust and ensuring positive work cultures that foster diversity and inclusion.