The Navy Exchange Service‘s sale of Lenovo laptops at steep discounts and duty-free rates has raised concerns among U.S. lawmakers due to the manufacturer’s ties to the People’s Republic of China. There are apprehensions that these laptops could potentially contain pre-installed malware aimed at spying on users in Western countries. While currently, this is only an alert generating media attention, it has the potential to gain momentum rapidly, as any connection to China and data security tends to trend on Google within days.
Microsoft recently conducted a study that led to the conclusion that the trend of BYOD (Bring Your Own Device) should be renamed “bring your own disaster.” The study found that a significant percentage of these devices were responsible for causing issues within corporate computer networks. Microsoft’s research revealed that 80-90% of ransomware attacks in the past year originated from unmanaged devices. These findings were detailed in Microsoft’s Digital Defense Report for 2023, and it anticipates a global increase of such attacks by 200%.
According to a threat report released by SecureWorks, ransomware groups have become more efficient in deploying file-encrypting malware within just 24 hours of hacking their targets. This marks a significant reduction from the previously estimated period of 6-7 days, and it’s attributed to the increased sophistication of malware developed by cybercriminals.
BlackBaud, a South Carolina-based cloud computing company, has agreed to pay $49.6 million to approximately 13,000 customers across 49 states and the District of Columbia to settle litigation stemming from a 2020 ransomware attack. During this breach, hackers managed to access customer data, including social security numbers and bank account information. Notably, this settlement includes a $3 million payment to the Security Exchange Services (SEC) and $900,000 to Massachusetts.
In an alarming revelation, the United States Department of State has admitted to being unaware of the extent of its in-house cybersecurity risks. The federal agency attributes this lack of awareness to outdated hardware and software systems. It also raises concerns about Chinese vendors supplying equipment through cross-linked trade treaties with countries like Malaysia and Singapore. This means that Chinese products could enter the American market with different labels, linking them to companies in Singapore and Malaysia but ultimately part of China’s trade consortium.
According to a report by internet security company WatchGuard Technologies, there has been a decline in malware infections despite an increase in campaigns aimed at spreading malware. The report emphasizes that while malware distribution has decreased, the sophistication of attacks has risen to new heights.
In June of this year, Sony systems fell victim to a Clop Ransomware cyber attack, impacting 6,791 former employees. As a response, the company has initiated remediation efforts, offering credit monitoring and identity restoration services to those affected.
MGM Resorts, the casino giant, has confirmed that the ransomware attack disrupting its operations may result in a $100 million loss for the current year. This hefty sum includes $50 million in remediation and operational shutdown costs, with an additional expected expenditure of $30 million in the coming weeks for recovery expenses and hiring expertise.