Cyberthreat update from Acronis CPOCs: Week of October 19, 2020

Cyberthreat update from Acronis CPOCs: Week of October 19, 2020

Here at Acronis, we’re always monitoring for dangers to your data, deploying updates to handle newly-discovered vulnerabilities, and issuing alerts and recommendations to help you stay protected. Our global network of Acronis Cyber Protection Operations Centers (CPOCs) continue to work around the clock to proactively detect and defend against the latest cyberthreats.

Part of this work includes video updates to inform you of modern hazards in the digital landscape — such as emerging cyberthreat patterns and topical events that can impact your data security. Here’s a look at some of the most recent breaking news and analyses:

SunCrypt ransomware gang adds DDoS to threat tactics

A new tactic for extorting money from victims has been observed recently from the SunCrypt ransomware group.

When attempts at negotiating a $100,000 ransom stalled, the group leveraged a distributed denial of service (DDoS) attack to intensify the situation. The attackers repeatedly overwhelmed the small business’ network with more traffic than it could accommodate, making the victim’s services unavailable and ultimately coercing them to pay up.

We continue to see a trend of escalations in cyberattacks — data is no longer simply encrypted, but increasingly also exfiltrated and leaked publicly if ransoms are not paid. Now, DDoS attacks are amplifying the pressure on victims. Acronis Cyber Protect, with its advanced behavioral heuristics, helps you avoid attacks like this by stopping both known and unknown ransomware variants in their tracks.

Thousands of DNC volunteers targeted in Emotet attack

A spear-phishing campaign associated with the threat actors behind the Emotet trojan has targeted hundreds of U.S. organizations, under the guise of the Democratic National Committee (DNC) attempting to recruit volunteers.

Spear phishing campaigns use emails tailored specifically to their target victims, in an effort to ensure that the message is read and interacted with. As the U.S. election draws near, political messaging is becoming more common in these operations. Thousands of emails with Emotet-infected Word documents attached are reported to have been sent in this particular campaign.

Spear phishing attacks can be tough to guard against, because the content often appears legitimate and is specifically intended to grab the victims’ interest. Still, Acronis Cyber Protect blocks Emotet and other malware attachments through its multi-layered detection systems, preventing the threat from executing and downloading further payloads to your systems.

Fortune 500 insurance firm Gallagher takes systems offline after ransomware attack

Fortune 500 insurance broker Gallagher — a global firm with over 30,000 employees across 150 countries — was the victim of a ransomware attack earlier this month. As a precaution, Gallagher pulled most of their services temporarily offline.

Unconfirmed reports from independent researchers suggest that the attackers may have exploited a known vulnerability in an unpatched F5 BIG-IP server. It’s not yet clear whether sensitive data was exfiltrated from Gallagher’s systems — though with over 20 ransomware groups now known to steal data, the likelihood is reasonably high.

Insurance firms are high-value targets for data theft, due to the considerable amount of sensitive financial information they possess about large numbers of clients. Acronis Cyber Protect blocks ransomware attacks before they can cause harm, ensuring that your data is protected and that costly service downtime is avoided.

Ensure your digital protection during this year’s Cybersecurity Awareness Month

October is National Cybersecurity Awareness Month, with each week having a theme to help provide guidance in securing the digital world. Weeks One and Two go hand-in-hand, with the themes of If You Connect It, Protect It and Securing Devices at Home and Work, respectively.

One reason for cybersecurity’s importance is the cost of data breaches. IBM’s 2020 Cost of a Data Breach Report shows that these events can exceed $8.5 million in damages, and may take an average of 280 days to identify and contain. Of the breaches studied, around 80% included personally-identifiable information (PII) of customers in the stolen records, and over half of breaches were caused by malicious cyberattacks.

Cybercrime often follows current events, as pointed out by Microsoft’s Digital Defense Report. This year has seen a large number of phishing and malspam campaigns revolving around COVID-19. Acronis Cyber Protect warns you of current threats with Smart Alerts, blocks known malicious URLs with URL filtering capabilities, and uses multiple advanced detection engines to protect your systems from ransomware and other malware variants.

2020 hurricane season nears record number of storms

2020 is already one of the busiest storm seasons on record, with only two more named storms needed in the Atlantic to tie the 2005 season. Meteorologists recently put the Gulf Coast of the United States on high alert as multiple tropical storms graduated to hurricane status and battered Cuba and the Yucatán Peninsula of Mexico before making landfall in Louisiana.

Among their many other damages, hurricanes and other natural disasters can lead to power disruptions or floods that impact data centers. This, in turn, has the potential to cause data loss and business continuity interruptions for huge numbers of organizations.

Acronis Cyber Protect makes disaster recovery as painless as possible, by providing Smart Alerts in advance of dangerous weather events, along with simple cloud-based backups and integrated disaster recovery options for your data.

# # #

For the latest reports on emerging cyberthreats from Acronis’ cyber protection experts, subscribe to the Acronis YouTube channel and receive our CPOC updates as they’re posted.