Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label resilience. Show all posts
Security Vendors
Cyber Attacks Cyber attacks on Industrial leaders IBM research ransomware attacks Ransomwares resilience Security Vendors

Cyberattacks on Single Points of Failure Are Driving Major Industry Disruptions


Cybercriminals are increasingly targeting single points of failure within companies, causing widespread disruptions across industries. According to cybersecurity firm Resilience, attackers have shifted their focus toward exploiting key vulnerabilities in highly interconnected organizations, triggering a “cascading effect of disruption and chaos downstream.” This strategy allows cybercriminals to maximize the impact of their attacks, affecting not just the initial target but also its partners, clients, and entire industries. 


The financial consequences of these attacks have been severe. According to IBM research, the global average cost of a data breach in 2024 was nearly $4.9 million. However, some breaches were far more expensive. One of the most significant incidents involved a ransomware attack on Change Healthcare, a subsidiary of UnitedHealth that processes billions of medical claims annually. UnitedHealth reported that the attack cost the company $3.1 billion in response efforts, making it one of the most financially damaging cyber incidents in recent history. 

The attack caused major disruptions across the healthcare sector, impacting hospitals, insurance providers, and pharmacies. John Riggi, national cybersecurity advisor for the American Hospital Association, described the incident as “the most significant and consequential cyberattack in the history of U.S. health care.” Another major ransomware attack targeted CDK Global, a software provider for car dealerships across the U.S. The breach resulted in over $1 billion in collective losses for affected dealerships, according to estimates from Anderson Economic Group. 

This attack further demonstrated how cybercriminals can cripple entire industries by targeting critical service providers that businesses rely on for daily operations. Resilience’s analysis indicates that third-party risk has become a dominant driver of cyber insurance claims. In 2024, third-party breaches accounted for 31% of all claims filed by its clients. While the number was slightly higher in 2023 at 37%, none of those incidents resulted in material financial losses. The report also found that ransomware targeting vendors has become a significant concern, contributing to 18% of all incurred claims.  

Ransomware remained the top cause of financial loss in cyber incidents last year, responsible for 62% of claims involving monetary damages. However, Resilience’s research suggests that while ransomware remains a major threat, its frequency may be declining in broader markets. This trend is attributed to cybercriminals shifting their focus from random, large-scale attacks to more strategic operations against high-value targets that offer larger payouts. 

The evolving threat landscape underscores the need for organizations to strengthen cybersecurity measures, particularly in highly interconnected industries. With cyberattacks becoming more sophisticated and financially motivated, businesses must prioritize risk management, enhance third-party security assessments, and invest in cyber resilience to prevent large-scale disruptions.
Read more »
Vendors
Breaches Clean Energy Cyber Security Energy IT Security Ransomware resilience Risks Supply Chain Vendors

Energy Sector Faces Heightened Supply Chain Risks Amid Growing Dependence on IT and Software Vendors

 

The energy industry is experiencing a sharp increase in supply chain risks, largely driven by its growing reliance on external vendors. According to a recent report, two-thirds of security breaches in this sector now originate from software and IT vendors.

The study, conducted by SecurityScorecard and KPMG, titled "A Quantitative Analysis of Cyber Risks in the U.S. Energy Supply Chain," draws attention to frequent threats, including ransomware attacks targeting traditional IT systems.

Researchers have emphasized that as the transition to cleaner energy picks up pace, and as the grid becomes more interconnected and software-reliant, vulnerabilities in the energy sector are expected to increase.

Ryan Sherstobitoff, senior vice president of threat research and intelligence at SecurityScorecard, stated, “The energy sector's rising dependence on third-party vendors exposes a significant vulnerability—its security is only as robust as its weakest link."

He added that this growing reliance on external vendors introduces considerable risks, urging the industry to strengthen cybersecurity defenses before a breach escalates into a national crisis.

The report highlighted that third-party risks account for nearly half of all breaches in the energy sector—significantly higher than the global average of 29%. Over 90% of organizations that experienced multiple breaches were attacked through third-party vendors.

Additionally, the report found that software and IT vendors were responsible for 67% of third-party breaches, while only a small number were linked to other energy companies. A notable portion of these incidents stemmed from the MOVEit file transfer software vulnerability, which was exploited by the Clop ransomware group last year.

The report also pointed out application security, DNS health, and network security as some of the most significant weaknesses in the sector.

The findings come at a time when the U.S. Department of Energy is convening with energy sector leaders to promote the Supply Chain Cybersecurity Principles, urging companies to focus on reducing risks posed by software and IT vendors, which represent the highest third-party threats.

As part of this effort, energy operators are encouraged to ensure new technology purchases are secure by incorporating initiatives like CISA’s "Secure by Design" and following the Department of Energy’s Supply Chain Cybersecurity Principles. The industry must also bolster security programs to defend against supply chain risks and geopolitical threats, especially from nation-state actors, and analyze ransomware attacks affecting foreign counterparts to improve resilience.

“The energy sector is a complex system undergoing a significant generational shift, heavily reliant on a stable supply chain," said Prasanna Govindankutty, KPMG's principal and cybersecurity leader for the U.S. sector.

He further explained that with rising geopolitical and technology-based threats, the industry is facing a level of risk exposure that could negatively impact both businesses and citizens. Organizations that can quantify these risks and implement mitigation strategies will be better equipped to navigate the energy transition.
Read more »
UK
attacks Businesses Cyber Crime CyberCrime global cooperation guidance insurance Ransomware resilience Security UK

Global Effort Unites Against Ransomware: New Guidance to Strengthen Business Defenses

  

Ransomware attacks continue to pose significant challenges for businesses worldwide, with incidents on the rise. 

In response, the UK, along with 38 other nations and international cyber insurance organizations, has collaborated to release updated guidance aimed at supporting victims and enhancing resilience. This guidance advises against making immediate ransom payments, as recovery of data or malware removal is not guaranteed, and paying ransoms often encourages further criminal activity.

Instead, businesses are urged to create a comprehensive response plan, with policies and contingency measures in place. Organizations that fall victim to ransomware should report the incident to law enforcement and consult security professionals for expert guidance.

Ransomware has become a lucrative venture for cybercriminals, causing an estimated $1 billion in losses in 2023. By removing the incentive for criminals, these new policies aim to weaken the ransomware business model and reduce future attacks.

"International cooperation is crucial in fighting ransomware as cybercrime knows no borders," stated Security Minister Dan Jarvis. He emphasized that this collective effort will hit cybercriminals financially and better protect businesses in the UK and beyond.

The UK is taking a leading role, collaborating with three major insurance organizations—the Association of British Insurers, the British Insurance Brokers' Association, and the International Underwriting Association—to issue co-sponsored guidance. Meanwhile, the UK National Crime Agency has taken steps by sanctioning 16 individuals from the 'Evil Corp' cybercrime group, responsible for over $300 million in theft from critical infrastructure, healthcare, and government sectors.

Jonathon Ellison, Director for National Resilience at the NCSC, highlighted the urgency of addressing ransomware threats: "This guidance, backed by both international bodies and cyber insurance organizations, represents a united front in bolstering defenses and increasing cyber readiness."
Read more »
Subscribe to: Posts (Atom)