Page 41 - Cyber Defense eMagazine April 2021 Edition
P. 41
5. Telegram Hijack – Hackers with access to the Signaling System 7 (SS7) used for
connecting mobile networks across the world were able to gain access to Telegram messenger and email
data of high-profile individuals in the cryptocurrency business. In what is believed to be a
targeted attack, the hackers were after two-factor authentication (2FA) login codes delivered over the short
messaging system of the victim’s mobile phone provider.
6. BlackBaud: Ransomware Attack - Blackbaud, a cloud technology company, was hit by a data-steal-
ing ransomware attack earlier this year. The attack was one of the biggest of the year in terms of the number
of organizations affected, with nearly 200 organizations and millions of
individuals potentially impacted.
Lessons Learned
The most common causes of data breaches are weak or stolen credentials, back
doors/vulnerabilities, malware, social engineering, excessive permissions, insider threats and
improper configuration/user error, so businesses need to be diligent. Cybersecurity needs to be top of mind
and systems and setups need to be routinely assessed. Any organization can become the victim of phishing
schemes, ransomware, DDoS, malware, and other attacks leading to data breaches. Stress to customers
that taking all necessary precautions is the best chance they have at staying secure. Along with detection
and response tools, authentication protocols and ongoing employee security awareness training can make
the biggest difference.
Because the reality is challenging and the future is not promising to be better in terms of
cybersecurity threats and malicious attacks, cybersecurity pros must be prepared in the defense of their or-
ganization. Going deeper into 2021, organizations are more prepared than ever to address these challenges
and improve overall security readiness with technologies such as next-generation XDR (EPP, NGAV, EDR,
NDR, UBA), SOAR and advanced MDR services.
About the Author
Eyal Gruner is the co-founder and CEO of Cynet. He is also
co-founder and former CEO of BugSec, Israel’s leading cyber
consultancy, and Versafe, acquired by F5 Networks. Gruner
began his career at age 15 by hacking into his bank’s ATM
to show the weakness of their security, and has since been
recognized in Google’s security Hall of Fame. Eyal can be
reached online at @Cynet360 and at our company website
http://www.cynet.com.
41 Cyber Defense eMagazine – April 2021 Edition
Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.