Chris Krebs’ Firing by Trump Increases Risk of U.S. Cyberattacks

… brings cybersecurity into the media spotlight.

Untangle’s Heather Paunet

“We continue to see an increase in malicious attempts this year as cybercriminals continue to take advantage of businesses transitioning to working from home quickly, overloaded hospitals, or school districts implementing distance learning,” she said. “Bringing cybersecurity to the spotlight again today will hopefully keep it as a focus for all business and organization leaders.”

Vaccine Makers Targeted

Also in the news, COVID-19 vaccine makers are facing Russian and North Korean cyberattacks. Microsoft said it’s detected cyberattacks from three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for COVID-19.

Quentin Rhoads-Herrera is CriticalStart‘s director of professional services. He said cybercriminals are leveraging various methods. Those include phishing, externally exposed vulnerabilities, weak passwords or zero-day attacks.

The attacks could have wider implications if successful, he said. Attackers could successfully delay research, or alter or destroy sensitive data and information.

These companies should ensure their user passwords are complex, Rhoads-Herrera said. They should leverage multifactor authentication and patch their systems. Furthermore, they should consult with external security experts for either penetration testing or other security work to evaluate their standing.

Tablets, Smartphones a Threat

Hank Schless is senior product marketing manager at Lookout. He said tablets and smartphones now have access to corporate infrastructure and sensitive intellectual property (IP). While this increases efficiency, it also exposes these organizations to new risks.

“In our latest industry threat report, we found that 77% of mobile phishing attempts on pharmaceutical organizations through the third quarter of 2020 intended on delivering malware,” he said. “This is an indication that cyberattackers are looking for ways outside of credential harvesting to compromise pharmaceutical organizations.”

Nation states and cybercriminals are seeking pharmaceutical IP, Schless said. In 2020, cybersecurity authorities in the United States and the United Kingdom warned pharma companies of potential attacks related to COVID-19 research.

Out-of-date operating systems, mobile app threats and network threats consistently target employees in every part of an organization, he said.