Each month, RCM&D’s Cyber Practice highlights key issues in the world of cybersecurity. In this month’s edition of Cyber News Bytes, we discuss a recent ransomware attack and the aftermath, T-Mobile’s recent data breach, updates to guidance regarding cyber resilience, and more.
Ransomware Update: Scripps Health Breach
San Diego-based Scripps Health is the latest organization to be hit by a large-scale ransomware attack. The breach disrupted IT systems and patient care for over a month, costing the organization $113 million in losses, including $91 million in lost revenue. The fallout from the attack is already being felt. Several class-action lawsuits have already been filed against the organization, and notification to regulators indicates that nearly 150,000 individuals’ personal and health information was compromised in the attack. As we continue to see the severe financial toll ransomware attacks have on all organizations, Scripps Health is, unfortunately, just another prime example of this.
T-Mobile Reeling From Massive Data Breach
T-Mobile, the third-largest U.S. wireless carrier, recently experienced a data breach in which the hacker claimed exposed the personal data of over 100 million customers. After investigating the breach, the company determined that the attack impacted approximately 53 million prospective, current and former accounts. The FCC has also opened an investigation into the breach. Some T-Mobile customers are also filing a suit for damages against the company. T-Mobile advises that they are confident there are no remaining risks to user data stemming from the attack. In a recent blog post, T-Mobile CEO Mike Sievert outlined what occurred, the results of T-Mobile’s internal investigation, and changes the company has made moving forward.
NIST Updates Guidelines for Creating Cyber-Resilient Systems
The National Institute of Standards and Technology (NIST), creator of several widely accepted cybersecurity frameworks, recently updated its guidance for building cyber-resilient systems. The update moves towards a zero-trust model and aims to prevent lateral movement by attackers within a network, which can ultimately lead to significantly more severe damage. The piece and subsequent NIST documentation show that cybersecurity is a moving, not stationary target.
You’ve Been Hacked: Now What?
For those that have not experienced a cyberattack, a recent piece from Risk & Insurance provides a valuable look into what the incident response process should look like. The “day-by-day” approach offers general insights into the different decision points companies are faced with and what concepts they should consider if they encounter an incident of their own. The piece shows how valuable the comprehensive incident response resources found within a cyber insurance policy are and urges companies to continually prepare and refine their individual incident response plan. As claims activity continues to rise, this type of guidance becomes increasingly more critical.
Help Wanted: Disgruntled Employees to Deploy Ransomware
Brian Krebs recently released a piece that exemplifies just how far cybersecurity risk can stretch. Amid “the great resignation,” where there appears to be significant tension within the employer/employee relationship, cybercriminals are looking to capitalize and engage with these disgruntled employees. This engagement aims to execute a cyberattack from the inside with the help of these employees against their employer. This is a concerning trend to monitor and further pushes the need for appropriate cybersecurity controls like access management and logging.
Questions?
RCM&D is here for you to help protect your cybersecurity. Talk to a trusted advisor today with any questions on these highlighted issues and beyond.