CSTI
    industryThe Ransomware & AI Era (2020–2023) Daily Briefing

    March 13, 2020: Cybersecurity Briefing Amid COVID-19 Threats

    Friday, March 13, 2020

    # Lead Story: Surge in Cyber Threats Amid COVID-19

    As the COVID-19 pandemic escalated on March 13, 2020, cybercriminals intensified their attacks, particularly against healthcare and government organizations. Phishing schemes leveraging pandemic-related information surged, exploiting widespread fear and disorganization. Notably, the Dutch government reported the loss of hard drives containing sensitive information of 6.9 million organ donors, highlighting vulnerabilities in data protection practices. Additionally, a significant DDoS attack on the U.S. Department of Health and Human Services showcased the critical need for robust cybersecurity measures during a public health crisis. These incidents reflect a troubling trend where attackers capitalize on global chaos for malicious gain.

    Secondary Items:

    1. Marriott International Breach In a significant breach, Marriott International disclosed that over 5.2 million guests had their personal data compromised due to credential theft from two employees. This incident underscores ongoing vulnerabilities in employee access controls and the importance of training and monitoring staff to prevent insider threats. (MetaCompliance)

    2. DDoS Attack on HHS The U.S. Department of Health and Human Services experienced a DDoS attack, although it did not result in a data breach. This highlighted the increasing risks faced by government agencies during the pandemic and the necessity for enhanced cybersecurity infrastructure to protect critical public services. (Arctic Wolf)

    3. SolarWinds Vulnerabilities Revealed Reports emerged regarding vulnerabilities in the SolarWinds software supply chain, foreshadowing the widespread government data breaches that would follow later in 2020. This incident raised alarms about third-party risks and the importance of securing supply chains against potential exploits. (CISA)

    Analyst Perspective

    The events of March 13, 2020, underscore a pivotal moment in cybersecurity as the onset of the COVID-19 pandemic transformed the threat landscape. Cybercriminals exploited the chaos, directing their attacks toward sectors critical to public health and safety. The breach of Marriott and the vulnerabilities associated with SolarWinds exemplify the ongoing challenges organizations face in securing their data and infrastructure. As remote operations became the norm, the need for comprehensive cybersecurity strategies to safeguard sensitive information has never been more crucial. Organizations must prioritize employee training, robust access controls, and supply chain security to mitigate these evolving threats.