5.     Telegram Hijack – Hackers with access to the Signaling System 7 (SS7) used for
          connecting mobile networks across the world were able to gain access to Telegram messenger and email
          data of high-profile individuals in the cryptocurrency business. In what is believed to be a
          targeted attack, the hackers were after two-factor authentication (2FA) login codes delivered over the short
          messaging system of the victim’s mobile phone provider.

          6.     BlackBaud: Ransomware Attack - Blackbaud, a cloud technology company, was hit by a data-steal-
          ing ransomware attack earlier this year. The attack was one of the biggest of the year in terms of the number
          of organizations affected, with nearly 200 organizations and millions of
          individuals potentially impacted.

          Lessons Learned

          The most common causes of data breaches are weak or stolen credentials, back
          doors/vulnerabilities, malware, social engineering, excessive permissions, insider threats and
          improper configuration/user error, so businesses need to be diligent. Cybersecurity needs to be top of mind
          and systems and setups need to be routinely assessed. Any organization can become the victim of phishing
          schemes, ransomware, DDoS, malware, and other attacks leading to data breaches. Stress to customers
          that taking all necessary precautions is the best chance they have at staying secure. Along with detection
          and response tools, authentication protocols and ongoing employee security awareness training can make
          the biggest difference.


          Because the reality is challenging and the future is not promising to be better in terms of
          cybersecurity threats and malicious attacks, cybersecurity pros must be prepared in the defense of their or-
          ganization. Going deeper into 2021, organizations are more prepared than ever to address these challenges
          and improve overall security readiness with technologies such as next-generation XDR (EPP, NGAV, EDR,
          NDR, UBA), SOAR and advanced MDR services.

















          About the Author

          Eyal Gruner is the co-founder and CEO of Cynet.  He is also
          co-founder and former CEO of BugSec, Israel’s leading cyber
          consultancy, and Versafe, acquired by F5 Networks. Gruner
          began his career at age 15 by hacking into his bank’s ATM
          to show the weakness of their security, and has since been
          recognized  in Google’s security Hall  of Fame. Eyal can be
          reached online at @Cynet360 and at our company website
          http://www.cynet.com.












             41    Cyber Defense eMagazine – April 2021 Edition
                   Copyright © 2021, Cyber Defense Magazine.  All rights reserved worldwide.