Weekly Email Security News Recap #2 [June 2022]
This week’s cybersecurity and email security breach news include attacks on the Russian government website, the ransomware attack that cancelled final exams in New Jersey, and the potent Emotet malware comeback.
Cybersecurity incidents and email security breaches hit businesses every day.
Read on for top email security breach news and cybersecurity news headlines of the past week.
The second week of June started with hacking news linked to the Russian-Ukrainian conflict.
As we know, the Russian-Ukrainian war is not only about bombs and gunfire, but also about cyber warfare.
A Russian government website was hacked, which caused an Internet search for the site to lead to a “Glory to Ukraine” sign in Ukrainian.
From the beginning of this conflict, many Russian state-owned companies and news organizations suffered hacking attempts, the latest being Russia’s Ministry of Construction, Housing, and Utilities website
RIA News Agency cited a ministry spokesperson declaring that users’ personal information was protected even though the site was down for a while.
Unconfirmed reports also state that the hackers threatened to disclose the user’s data if they didn’t get their requested ransom.
On Thursday, Tenafly Public Schools returned to the basics after a ransomware attack disabled the New Jersey district’s computer system.
The Bergen County school district also lost access to its system, which caused the cancellation of the final exams for all high school students.
The identity of the cybercriminals aren’t yet clear, nor is the ransom they requested.
District communications manager, Christine Corliss, stated that the cyberattack involved data encryption by ransomware on some computers in the district’s network.
The district’s technology department isolated devices, turned off the network, and hired cybersecurity experts to carry on an investigation.
In recent years, many school districts, universities, big and small companies, and even entire countries have been affected by ransomware incidents.
This New Jersey District incident had students revert to old-fashioned school practices, like using paper and pencils, participating in hands-on classroom activities, and having a lot more face-to-face interactions and a lot less email.
There’s no definitive timeline for when the repair process will be complete.
Emotet’s resurgence in April seems to be the signal of a full comeback for what was once dubbed “the most dangerous malware in the world,” with researchers spotting new versions of the malicious software.
The cybercrime group known as TA542 or Mummy Spider reportedly unleashed a new variant of their Emotet malware that steals credit card information from Google Chrome browsers.
Originally deployed as a banking trojan back in 2014, Emotet has since evolved into a botnet, infecting victim’s systems with second-stage payloads. Threat actors use it to steal data, spy on victims, deliver ransomware, and spread malware to other vulnerable devices.
Security firm Proofpoint discovered the variant on June 6th, when they observed a new module dropped by the botnet.
These attacks—which are leveraged to deliver ransomware—come after attacks in February and March hit Japanese victims using hijacked email threads and then “using those accounts as a launch point to trick victims into enabling macros of attached malicious office documents,” Deep Instinct’s Charles Everette wrote.
If this new Emotet variant is anything to go by, the responsible cybercriminals are gearing up to unleash further attacks.
Companies hold massive amounts of confidential and personally identifiable data. From billing invoices and financial records to names, addresses, and social security numbers, businesses are responsible for securing their data effectively.
Cyberattacks are rampant now more than ever, and they’re here to stay. The cyberworld isn’t just about social media and cat videos, it’s a dangerous place too.
Make sure to secure your organization so much that your clients can completely trust you with their data.