CSTI
    ransomwareThe Ransomware Era (2018-Present) Daily Briefing

    March 2, 2020: Cybersecurity Briefing on Ransomware and Vulnerabilities

    Monday, March 2, 2020

    # Lead Story: Finastra Ransomware Attack On March 20, 2020, it was disclosed that Finastra, a leading financial services software provider, suffered a ransomware attack, affecting operations for North American clients. The attack was exacerbated by the use of outdated software, which made the organization particularly vulnerable. This incident highlights the critical need for timely software updates and robust cybersecurity measures in the financial sector.

    # Secondary Items

    DDoS Attacks Targeting U.S. Government

    Throughout March 2020, multiple U.S. government agencies faced Distributed Denial-of-Service (DDoS) attacks. Notably, the Department of Health and Human Services experienced an attack on March 15, though their systems managed to remain operational. This wave of attacks underscores the increasing targeting of government entities amid rising global tensions.

    SolarWinds Supply Chain Compromise

    While details would emerge later, investigations hinted at a significant breach concerning SolarWinds in March 2020. Advanced persistent threat actors reportedly exploited vulnerabilities in software utilized by various U.S. government agencies, leading to a massive supply chain compromise. The potential implications of this breach continue to reverberate through the cybersecurity landscape.

    Outdated Software Vulnerabilities

    Reports have surfaced regarding organizations that continue to run outdated software, significantly heightening their risk exposure. This mismanagement of security protocols and failure to patch vulnerabilities have been identified as key factors contributing to several breaches during this period. A proactive approach to software updates is essential in mitigating these risks.

    # Analyst Perspective The cybersecurity landscape as of March 2020 is marked by an alarming trend: organizations are increasingly falling victim to ransomware and other sophisticated attack vectors due to outdated systems and insufficient security measures. The Finastra attack serves as a reminder of the vulnerabilities that can arise when organizations neglect to update their software. Additionally, the ongoing DDoS attacks on government entities and the looming threat of supply chain compromises signal a critical need for enhanced defensive strategies. As cyber threats continue to evolve, it is imperative for organizations to remain vigilant and proactive in their cybersecurity efforts.

    Sources

    Finastra ransomware DDoS SolarWinds vulnerabilities