Cybersecurity News: April 2023

April 25, 2023

Organizations and individuals in different sectors were affected by numerous cyberattacks in April of 2023.

Discarded routers with sensitive data, a tax e-filing site hacked, cybercrime targeting healthcare insurance providers, and more were some of the top headlines this month.

Read more about them below, as well as some recommendations on how to avoid these cyber threats.

If you’d first like to learn about the different factors affecting an organization’s cybersecurity, download The State of Cybersecurity for Small Businesses eBook.

Sensitive Company Information Found on Discarded Routers

When your organization disposes of hardware such as hard drives or routers, do you ensure all data is wiped from them?

Discarded routers were found to contain sensitive company information in an analysis performed by cybersecurity firm ESET. The firm analyzed 18 used routers and discovered that only five had been wiped of all critical data.

Some of the information stored in the routers—which previously was accessible to authorized personnel only—included:

  • VPN credentials
  • Customer data
  • Data allowing third-party connection into the network
  • Information to access cloud applications
  • Data to identify the previous owner or operator

“Impersonating network or internal hosts would be far simpler for an attacker, especially since the devices often contain VPN credentials or other easily cracked authentication tokens.” - How I (could’ve) stolen your corporate secrets for $100, ESET

ESET also discovered that multiple devices had been decommissioned for clients by a managed IT provider. In these cases, the victim organizations were not made aware by their IT provider that routers containing sensitive information had been exposed.

If your organization partners with an MSP, inquiring about their cybersecurity precautions should be a priority. Even if your own company has high cybersecurity standards, partners who have access to your data may not always hold themselves to the same standards.

Tax E-Filing Site Serves Malware

eFile.com, an IRS-authorized web application that allows users to submit their taxes electronically, suffered a cyberattack, BleepingComputer reports.

At first, cybercriminals hacked the site and had its homepage show an error message. Later, eFile.com was altered to serve malicious code that would attempt to load malware into victim devices.

Researchers noted that the malicious file, named popper.js, was being loaded by almost every page of eFile.com. Several users had posted about the hack on social media site Reddit.

“Pretty alarming stuff, hopefully it's just the website that's compromised and not the underlying user data,” one Reddit user said, discussing the error message appearing on the home page of eFile.com.

Additionally, a backdoor malware payload discovered by BleepingComputer in the malicious code inserted into eFile.com would allow threat actors to remotely access infected devices, giving them initial access to a corporate network.

Although the malware was removed, it remains unclear if it successfully infected any eFile.com visitors and customers. To prevent attacks on their web applications and portals, organizations can consult with a cybersecurity provider who will add layers of protection for each layer of their network.

Ransomware Attack Targets Health Insurance Companies

Customers of two major health insurance companies in Massachusetts received a warning from their providers alerting them of a ransomware attack affecting their systems.

Point32Health, a merger of Harvard Pilgrim Health Care and Tufts Health Plan, told its members that the attacked systems served customers, accounts, brokers, and providers.

They also reported having disconnected parts of their network to contain the cyberattack as much as possible, in order to reassure their customers. The insurance companies reached out to law enforcement and cybersecurity professionals to investigate the attack.

While Point32Health reassured its members that they would be informed were any sensitive data released illegally, the provider has most likely lost its customers’ trust due to this cyberattack.

Healthcare organizations, which are under strict customer data regulations such as HIPAA, need a complex cybersecurity strategy to protect all sensitive data.

Private patient information is very valuable to cybercriminals, which means they often target health providers and insurance companies.

Nintendo Sues Bowser, Hacker Group PR Manager

A member of hacker gang Xecuter—known for stealing video game companies’ proprietary codes to create illegal mod chips and for selling hacking tools for profit—will likely have to pay Nintendo fines for the rest of his life.

Gary Bowser, a Xecuter member, was sentenced to 40 months in prison and fined $4.5 million. Bowser pleaded guilty to two of the 11 charges against him, including plans to commit money laundering.

In a podcast interview conducted while he was awaiting release from prison, Bowser claimed he was not a leader of the Xecuter organization, but its marketing and PR manager.

Bowser has agreed to pay Nintendo 25% to 30% of his salary to pay his fines, which means the payments will last for many years.

Online users have debated the severity of Bowser’s sentence. However, Nintendo has historically dealt harshly with hackers and copyright violators.

Investors’ Crypto Wallets Targeted

The last cybersecurity incident we will discuss in this blog concerns cryptocurrency investments. A $10 million hack targeting sophisticated crypto users left top security experts baffled.

The reason why cybersecurity professionals are confused by this attack is that they are still uncertain of its nature. The victim crypto users used “reasonably secure” methods of protecting their accounts. Therefore, easily avoidable attacks such as phishing were not the gateway into their accounts.

Investigations suggest that the investors’ private keys used to secure their crypto wallets were compromised at some point.

Taylor Monahan, former CEO and founder of MyCrypto, an Ethereum wallet manager, tells investors to regularly check the security of their wallets and to not secure them under one single key.

Bottom Line

Prevention and a layered cybersecurity approach are the best weapons against cyberattacks. Partnering with a cybersecurity provider with experience can help organizations minimize the risk of such attacks and breaches.

For individuals, regularly changing their passwords, using passphrases to secure accounts, and continuously managing their security should be a priority.

To discover cybersecurity trends affecting organizations, download The State of Cybersecurity for Small Businesses eBook.