Bitglass Security Spotlight: Microsoft Users Attacked via Phishing

Here are the top stories of recent weeks:  

• Thousands of Domains and Phishing Attacks Used to Target Microsoft Users’ Data. 
• Network Solutions, the World’s First Internet Domain Provider, Suffers Data Breach
• Asia-Pacific Ports Could Face Losing $110 Billion in the Event of a Cyber Attack
• Utah Wind & Solar Energy Provider Suffers a Cyber Attack – the First on a Renewable Energy Company in the United States
• Italian Bank, UniCredit, Suffered a Breach and Leakage of 3 Million Customers’ Information

Thousands of Domains and Phishing Attacks Used to Target Microsoft Users’ Data. 

According to Akamai’s 2019 State of the Internet / Security Report, 6035 domains were specifically created and used to primarily target users and employees of high tech companies and obtain their credentials with phishing kit variants. After technology, financial services employees were targeted with 3,658 domains and 83 kit variants. Following financial services was e-commerce and media. Among the many companies targeted, Microsoft was the highest with 22% of the phishing domains, followed by Paypal (9%), DHL (8%), and Dropbox (2.5%). Additionally, Linkedin and DocuSign were also targeted, demonstrating how invasive and effective phishing is and the importance of having a strong security provider to protect your organization’s data.

Sponsorships Available

Sponsorships Available

Sponsorships Available

Network Solutions, the World’s First Internet Domain Provider, Suffers Data Breach

Network Solutions, the world’s first internet domain provider and winner of the 1991 National Science Foundation (NSF) grant, became the sole name registrar for the .com, .net, and .org domains in 1992. According to DomainState, Networks Solutions is now the fifth-largest domain name registrar with nearly seven million domains. On October 30th, it was confirmed that the domain provider was hacked when a third party gained access to computers – leaving account information vulnerable and accessible. 

Asia-Pacific Ports Could Face Losing $110 Billion in the Event of a Cyber Attack

A potential cyber attack on 15 major ports in Asia-Pacific could result in $110 Billion loss – half the total loss incurred for natural disasters last year. A study led by Singapore’s Nanyang Technological University’s Insurance Risk and Finance Centre explained that a targeted attack on the cargo database could scramble the cargo logs and cause mass disruption and financial loss. Singapore’s cybersecurity bill is a measure to protect local infrastructure and industries by enforcing necessary cybersecurity regulations. 

Utah Wind & Solar Energy Provider Suffers a Cyberattack – the First on a Renewable Energy Company in the United States.

A Utah-based renewable energy provider named sPower is now the first-ever US renewable energy provider to have been targeted by a cyberattack. As a result of this attack, the company is also the first US power grid operator that to have lost connection with its power generation installations as a result of a cyberattack. The hacker took advantage of an unstable Cisco firewall – using that instability to crash it and break connections between sPower’s main communication center and its wind & solar energy generators.

Italian Bank, UniCredit, Suffered a Breach and Leakage of 3 Million Customers’ Information

UniCredit has revealed a data breach which resulted in the leak of personally identifiable information (PII). Three million customers were revealed to have their data exposed by UniCredit’s recent data breach. The financial services organization said that the breach was caused by a compromised file generated in 2015. All kinds of personal data was exposed, including the names of clients, telephone numbers, email addresses, and cities where clients were registered.