As September comes to an end, many companies and organizations are returning to full speed after the summer. However, it’s clear that malicious actors and hackers never took any time off, as there have been a variety of developments in the cybersecurity landscape this past month. From one of the largest hotel and casino chains in the world being targeted alongside a public school district, to a dangerous vulnerability discovered in an extremely common internet browser, September has shown that the need for proper cybersecurity measures never decreases. Here are a few of the most important cybersecurity events that have occurred over the last month.
Hackers Target MGM Resorts
Earlier this month MGM, which owns some of America’s most notable casinos and hotels, has been the target of a large-scale ransomware attack by the ALPHV hacker group. Due to the security breach, guests were forced to wait hours to check in, electronic payments were crippled, digital key cards no longer worked, slot machines were down, and ATMs went offline. All critical functions for a hotel or casino to maintain an enjoyable experience for the guests. MGM has declined to comment on the attack after being questioned by multiple news outlets, leaving only speculation for the financial damage they suffered. However, there will certainly be a hit to their reputation as the attack was successfully executed after only a ten-minute-long phone call with their help desk. ALPHV used social engineering to identify on LinkedIn an MGM employee who worked in IT support and used this publicly available information to gain credentials necessary to infiltrate their internal systems. ALPHV is a well-known black hat actor in the cybersecurity industry, and the FBI has noted that they may have compromised at least 60 entities worldwide. While MGM will almost certainly recover from this breach, small to medium-sized businesses targeted by cybercriminals may not be so lucky, showing the necessity of security awareness training and for these organizations.
Security Breach Affects Chrome, Firefox, and Edge
A recent security flaw has been exposed to affect some of the most common internet browsers, including Google Chrome, Mozilla Firefox, and Microsoft Edge. The vulnerability, which is being tracked as CVE-2023-4863, is caused by a heap buffer overflow in the WebP code library (libwebp) and can lead to your system crashing or arbitrary code execution when exploited. A heap buffer overflow allows an attacker to flood an area of a system’s memory with malicious activity, in turn allowing them to take control of a device, obtain data, or spread malware. It should also be noted that the flaw has effected more than just browsers as has since put out a patch that also addresses the same security flaw, and failure to update could result in either damage being done to your machine or even the loss of personal data. Security flaws like this are always being discovered, so it’s crucial to stay on top of the latest updates to your devices as soon as possible to prevent hackers from exploiting any vulnerabilities and attacking your data.
Schools Need Cybersecurity
Earlier this year, the Minneapolis Public Schools district was the target of a large-scale ransomware attack that led to thousands of confidential documents being dumped online. The contents of these documents included student mental health records, sexual assault incidents, suspensions and truancy reports, child abuse allegations, and special education plans. Unfortunately, this is not an isolated incident as cyberattacks have become a growing threat to school districts across the nation in recent years. Schools often do not have the same level of cybersecurity and threat prevention plans as larger organizations such as banks or businesses, leaving them prime targets for malicious actors. School districts that have been hit by an attack have stated that they are now taking new safety precautions, such as the Atlanta Public School district now performing penetration testing to find blind spots in their networks. They have also backed up sensitive school data offsite, invested in cybersecurity insurance, and added on school devices. The Federal government has also stepped in and announced several new initiatives for school districts on how to tackle cyber threats, including what to do if they are hit by an attack. Cyber threats are not going away any time soon, so the need for proper training and preparation in vulnerable industries is crucial to maintaining smooth operations and online safety.
Contact SWK Today
Hackers will never skip an opportunity to discover new techniques and strategies to attack your data, so why should you? Knowledge is often half the battle, so make sure to contact SWK today to learn how to protect your network and maintain operations from our team of IT experts.