Breaking NewsVulnerabilities

Key Findings: GTIC – Monthly Intelligence Report

A new report published this month by NTT’s Global Threat Intelligence Center (GTIC) is shedding new light on the Colonial pipeline ransomware attack, dives into President Biden’s Executive Order on cybersecurity signed by President Biden and more.

Here’s a recap of the report’s key findings:

Pipeline Ransomware Attack
In May of this year, Colonial Pipeline experienced a ransomware attack and responded by shutting down their pipeline operating inside their operational technology (OT) network, resulting in a public panic driven by speculation on possible fuel shortages and increased gas prices at pumps across the greater east coast. OT networks that are actively under attack, or in a state of significant vulnerability, can lead to extended downtimes for the pipeline, potentially taking months to recover.

Attacks against systems that run critical pieces of the nation’s infrastructure—like the Colonial Pipeline ransomware attack claimed by the DarkSide group— are on the rise, with no signs of slowing down. To adapt, organizations with OT assets need to prioritize updating their systems and take a more holistic approach towards their security.

Read the GTIC report for details on the Colonial Pipeline attack.

Remote Learning Vulnerabilities
Ransomware attacks on educational institutions have also seen a significant increase in the wake of the shift to remote learning during the COVID-19 pandemic. In 2020, education was the fifth-most targeted industry for cyberattacks—an increase of nearly 400% compared to the previous year. These ransomware attacks, in addition to breaching vulnerable system data, have even forced some schools to pay enormous ransoms or cancel their remote learning programs altogether.

Interestingly, the report points out that 72% of all malware incidents within the education sector are (allegedly) executed by cryptocurrency miners; possibly students looking to amplify their mining efforts by tapping into their school’s powerful network.

Recent Cybersecurity Advisory assessments have revealed that the education sector’s digital infrastructure ranks lower on the cybersecurity maturity scale than a handful of other industries, including finance and technology. Last year, the FBI issued a warning about the increase in ransomware attacks to organizations using remote desktop protocol (RDP) systems and urged them to be vigilant with their security practices, including updating and patching IT resources, encrypting stored data, and offering employees support and education on cyberthreat intelligence best practices.

For more educational information, cybersecurity breaches read the GTIC report.

Improving the Nation’s Cybersecurity

“Many breaches – across all industries – occur due to failure to comply with, at a minimum, good security practices.”
—Danika Blessman, Senior Threat Intelligence Analyst.

On the 12th of May 2021, President Biden signed an Executive Order to commit Federal resources to address “persistent and increasingly sophisticated malicious cyber campaigns” against cyberattacks on the nation’s infrastructure. The EO’s highlights include removing barriers for sharing information across the public and private sectors, modernizing the government’s cybersecurity standards, enhancing supply chain security, improving remediation capabilities and more.

Get the GTIC report to read the new EO on national cybersecurity.

For continued readings on threat reports, visit https://www.whitehatsec.com/resources-category/threat-reports/ today to download your copy.