Components of DOT Security’s Services
Explore each of the core elements that combine to form DOT Security’s complete offering
See how it all comes together
DOT Security’s holistic service- A plan to get back up and running if a problem occurs
- Comply with data security laws and industry regulations
- Expert planning and training to improve overall security
- Protection for a controlled internal environment
- Coverage for individual systems and devices
- Control who can get into your networks
- Improved insight into data and communications
- Extra fortification for your most sensitive data
Risk Assessment
InsightsCybersecurity insights and analyses
Dive into the world of modern cybersecurity with explanations, predictions, and expert opinions
Find blogs, infographics, videos, and more
DOT Security insights- Definitions for industry terms and acronyms
- The complete beginner’s guide to everything cybersecurity
Cybersecurity Consulting
Cybersecurity News, Trends, and Tips: May 2023
May 30, 2023
5 minute read
May was the month of ransomware with huge attacks impacting large companies like DISH, Luxottica, and even the city government of Dallas, Texas.
Below are those stories as well as a few others to recap all the cybersecurity-related happenings around the country in May 2023.
Sign up for our newsletter!
Taking precautions now and setting up a strong cybersecurity posture for your organization can help you avoid becoming the victim of a large-scale cyberattack. Find out what your company needs to stay protected using our checklist, How Covered is Your Business?.
Cybersecurity News Headlines for May 2023
-
Chinese authorities have banned US-based microchip manufacturer Micron's products from being used in critical infrastructure products, citing cybersecurity concerns.
-
5.8 million patients of pharmacy services provider PharMerica had their medical records exposed by a group of ransomware attackers.
-
Eyewear company Luxottica (owner of Ray-Ban, Oakley, Chanel, Prada, Versace, and other high-end brands) confirmed that it had suffered a data breach in 2021 which exposed the personal data of nearly 70 million customers.
Top Cybersecurity News Stories from May 2023
Ransomware Attack Tumbles DISH Stock Price; Causes Multiple Lawsuits
In late February, DISH Network (a satellite television provider) was the victim of a ransomware attack that caused a multi-day network outage, including affecting DISH’s internal communication, customer service centers, and company website.
The attack impacted nearly 300,000 people, resulting in the leaking of personal information. The attack began on February 23rd when the company realized the attack had already compromised their internal servers and IT systems.
They were able to shut things down and notify law enforcement (and cybersecurity experts) quickly enough to limit the damage, but the attackers were already able to access the personal information of 300,000 employees and former employees.
The result of the attack for company was multiple lawsuits on behalf of those whose information was stolen, a steep drop in stock price (tumbling down to around $6, down from the 2023 high of just over $15), plus additional lawsuits from shareholders to recover losses occurred thanks to DISH’s “deficient” cybersecurity and IT Infrastructure.
Additionally, it was found that DISH potentially decided to pay the ransom demanded by the cybercriminals due to it announcing that it had confirmation that the stolen data had been deleted.
Related Blog: What to Know About Ransomware Protection and Recovery
GDPR Violation Leads to $1.3 Billion Fine for Meta
Meta was fined $1.3 billion for transferring EU user data to the US after data security experts argued that the framework for transferring the data didn’t protect Europeans from US surveillance. The Irish Data Protection Commission oversees Meta’s EU operations and alleged that Meta didn’t follow the General Data Protection Regulation (GDPR)regulations when transferring the data.
The reason that EU data can’t be transferred to the US is because in America data protection regulations vary by state, which has been deemed not good enough to protect the EU’s data. Article 46(1) (which Meta is accused of violating) of the GDPR forbids transfers of data to countries that lack adequate safeguards.
Critical Infrastructure Security Spending to Rise by 83% by 2027
The threat against critical infrastructure is growing from cyberattacks, which has led to efforts to address it by growing cybersecurity spend in these key areas. In 2022, critical infrastructure providers spent $129 billion on security, by 2027 they’re estimated to spend 13% more and reach $236 billion in security spending.
Organizations in communications, information technology, finance, and defense make up 60% of that spending, the largest chunk by far.
Cybersecurity spending going upward is something Americans will have to get used to as the Biden administration continues to push critical infrastructure industries to adopt more advanced cybersecurity protocols which will require higher security budgets as time goes on.
Related Blog: 5 Examples of Cyberattacks on Critical Infrastructure
Dallas Courts Shut Down Due to Ransomware Attack
On May 3rd, the City of Dallas announced that it had become a victim of a ransomware attack, though no data had yet to be leaked. Now, in late May, the Royal Ransomware Group’s attack on Dallas is escalating as the group threatens to start leaking data.
Dallas admitted that certain systems have been compromised—including criminal records, medical information, court cases, and government documents—causing them to shut down services to attempt to stop the spread of the attack. The city’s court system has had to cancel all hearings, trials, and jury duty assignments until further notice due to its inability to access certain systems.
The Royal Ransomware Group is now threatening to release more information, indicating that it would be releasing information soon if the ransom is not paid. This threat is still ongoing.
In Conclusion
Cyberattacks are more prevalent and dangerous than ever. If the world’s largest eyewear manufacturer or the government of one of America’s largest cities are not immune to attacks, then nobody is. This is especially true for organizations that lack any kind of cybersecurity foundation.
See what you need to protect yourself from ransomware and other large-scale attacks. Download our checklist, How Covered is Your Business?, right now.