While ransomware activity and systemic third-party risk have garnered Cyber headlines in recent years, the use of pixel tracking technology embedded within an organization’s website is a more recent Cyber trend effecting organizations. Contrary to the former threats, which are often carried out by threat actor groups, pixel related matters stem from data privacy allegations brought by the plaintiffs’ bar. A recent Advisen article summarizes the subject well, providing an overview of the risk, legal implications and includes measures organizations can implement to mitigate their exposure.
To date, these circumstances have been largely focused on the healthcare sector, primarily impacting hospitals and health systems. However, it’s only a matter of time before these trends cross into other industry segments, as evidenced within the allegations recently made against Costco.
In this article, Artic Wolf discusses the ransomware landscape seen in the first half of 2023. According to Artic Wolfs Incident dark web data collection report, Lockpit, a ransomware attack group, had the top postings in the threat actors’ group, showing an increase over 17% compared last year. Coming close behind is C10p, the threat actor group behind the large MOVEit Transfer exploitations. Threat actor groups maintain web shame sites as major tools to negotiate ransoms and to leak victim’s data as punishment for not paying. Artic Wolf states the median ransom demand across all ransomware incidents responded to in the first half of the year was $600,000 (USD), which is an increase of 43%, compared to last year. English–speaking countries (US, UK, and Canada) account for the top three victim countries.
Third-Party Vendor Risk
Over the years, this newsletter has reviewed the risks associated with the connectivity and reliance upon third party vendors. As connectivity and dependence have increased, so, too, have the exposures to third party risk. An alarming report was recently released by Zywave, focusing on the claims trends across the Education sector. Reviewing their loss data from 2009-2023, Zywave reports that over 50% of Cyber losses impacting the sector have originated from a third-party vendor, rather than a direct attack on the institution. These trends are significant and exemplify why it is so critical for all organizations to properly vet third party vendors.
Largest DDoS Attack in History
As outlined in a recent Business Insurance post, in late August, Google, Amazon, and Cloudflare internet companies experienced the internet’s largest-known denial of service attack. This type of attack “works by overwhelming targeting services with a firehose of bogus requests for data, making it impossible for legitimate web traffic to get through.” The attacks were enabled in a weakness in HTTP/2. HTTP/2 is a newer version of the HTTP network protocol. If this type of attack is not successfully countered, depending on how they are aimed, they can cause widespread disruption. In a Security Week article, Google warned that “any enterprise or individual that is serving an HTTP-based workload to the Internet may be at risk from this attack.” Google recommends that “organizations should verify that any servers they run that support HTTP/2 are not vulnerable or apply vendor patches for CVE-2023-44487 to limit impact from this attack vector.”
As we continue to see various insurance companies address catastrophic exposures in their Cyber policy wording, this is a circumstance that should be monitored closely.
To subscribe to the Cyber News Bytes newsletter, please click here.