Big business is not immune from security breaches. In fact, large businesses are favored targets, as the pot of gold at the end of the rainbow may be significant. Certainly, taking over a small business network gives the bad actors a small win, but the yield typically does not bring gold. Think about it. If Jane Doe’s small widget-making business is compromised, it’s still a bad day, but there is typically little to no gold to be found. Ransomware tactics usually bring gold into the open with large businesses, but that is not likely to happen with Jane Doe’s small business. The likely damage is business closure; however, the bad actors go home nearly empty-handed.
In big business, it is generally a phishing scheme that exposes the network: an employee receives a phishing attempt, responds, and opens the door to other nefarious actions. Other access methods include exploiting known hardware and software vulnerabilities that have not been patched. Below are a few recent cyber security breaches that you may not have heard about.
McLaren Health Care in Michigan recently had a bout with a cyber security incident. The ALPHV/BlackCat ransomware group breached the network and set up shop over the following month to plan its information heist. The group also posted its success on the dark web after not receiving the ransom requested. Nearly 2.2M health care records were put up for sale as a complete data list. This goes for big money on the dark web, as other bad actors then have all the information needed to launch many attacks against the individuals. Information obtained was:
- Names
- SSNs
- Diagnosis
- Birth Dates
- Physicians
- Medical cases
- Prescriptions
- And the list goes on
This kind of data breach generally means Medicare, Medicaid and identity theft are forthcoming.
The State of Maine was also hit by a notorious group, the Russian-linked Cl0p ransomware gang, via the MOVEit Transfer hack, which was confirmed to have exposed roughly 40% of all Maine residents, including some medical data. The software provider of MOVEit issued a zero-day Common Vulnerabilities and Exposures (CVE) disclosure in May and June of ’23. What was collected?
- Names
- SSNs
- Driver’s License Information
- Birth Dates
- Taxpayer IDs
The value on the dark web is $165 per record and that adds up to $88.1M in known dark web sales.
Lastly, even our perceived United States enemies are vulnerable. The Industrial and Commercial Bank of China (ICBC) was recently attacked, and it sent ripples across the world and further to the US Treasury market. Securities trades had to be rerouted. Some trades worked, some did not. This attack is very recent and developments are still ongoing at the time of this writing. Even China, which is very well locked down regarding data transfer in and out of the country, is susceptible. In all the big business cases above, the gold at the end of the rainbow was plentiful, which spurs more bad actor activity, turning the already bad news into horrible news.
Circling back to small businesses: are you prepared? Can you recover from a malware or ransomware incident? Will you close your doors for good, or will you deny the bad actors their money and recover by restoring from backups and reimaging your computer systems? It’s not rocket science, nor is it difficult to have a recovery plan in place. Do you know what your first steps will be?
Contact ION Technology Group in Voorhees, NJ, for a consultation to determine if you are ready to recover from bad actor incidents. ION Technology Group has been helping businesses be more prepared through planning and recovery techniques that may save you from shutting your doors for good.