Ransomware attacks have increased dramatically in recent years, and remote workers are at least partially responsible. Working outside the workplace can weaken cybersecurity measures. Infiltrators are also targeting companies higher up in supply chains to reach more businesses at once.
Earlier this year, Hawaii Payroll Services learned that unauthorized users had gained access to its computers and information. The company believes that the attack was by a criminal gang who gained access to a client’s account in any way.
Ransomware is a kind of malicious software or virus that restricts you from accessing your computer’s data. Malware can infiltrate a company’s computer system in a variety of ways. Among the most prevalent strategies are:
• Phishing emails target organizations by including malware in an incoming message. Malware makes its way if the receiver opens or clicks the provided link. Cybercriminals now have access to the system’s data and can take it hostage.
• The Remote Desktop Protocol (RDP) is a network protocol that connects PCs. Hackers get unauthorized RDP access to exploit systems and download ransomware by applying a trial-and-error to obtain user credentials or purchase them on the dark web.
• Software vulnerabilities enable cybercriminals to access a company’s system by exploiting security flaws in software programs.
A ransomware attack revealed Social Security numbers, dates of birth, clients’ full names, and bank account information to around 4,500 customers of a Honolulu payroll processing company. According to the company, the unauthorized access to the servers containing company information occurred between Feb. 15 and 16, most likely by someone.
In response, the company stated that it had ceased all remote client access and had asked its third-party vendor in charge of information technology operations to estimate the level of the incident.
There has been no evidence or any report, so far, that the personal data is available on the dark web or has been wrongly used, according to the company’s owner.
Moreover, the company recruited some “professional forensic help” so that to furtherly analyze and repair the situation, as well as to recommend security improvements. The Honolulu Police Department’s Financial Crimes Detail has started an investigation into first-degree unauthorized computer access. There’ve been no arrests in this case.
Data security should be the topmost priority for your company. Some of the preventive actions that companies might consider are as follows:
Rogue Logics provides in-depth security services for the assessment and protection of your application, data, and infrastructure against potential threats on-prem or in the cloud.
Want a consultation with the professionals at Rogue Logics, contact us and get a free quote.