CSTI
    ransomwareThe Ransomware Era (2016-Present) Daily Briefing Landmark Event

    March 18, 2020: Major Cybersecurity Incidents Amid COVID-19 Surge

    Wednesday, March 18, 2020

    # Lead Story: Finastra Ransomware Attack

    On March 18, 2020, Finastra, a prominent financial software provider, was hit by a serious ransomware attack that forced the company to take several servers offline. The attack was linked to unpatched vulnerabilities in their systems, particularly with Pulse Secure VPNs. While Finastra reassured customers that no data was exfiltrated, the incident underscores the ongoing risks associated with inadequate cybersecurity measures. As organizations adapt to a rapidly changing threat landscape, the importance of regular updates and patches has never been clearer. This attack is a stark reminder of how quickly vulnerabilities can be exploited in today's interconnected world.

    # Secondary Item 1: U.S. Federal Government Data Breach

    Reports surfaced regarding a significant cybersecurity breach within the U.S. federal government, linked to advanced persistent threat (APT) actors likely associated with Russian state-sponsored groups. This breach, part of a larger campaign utilizing vulnerabilities in SolarWinds software, was recognized as one of the most severe espionage incidents in recent history, as it granted attackers extensive access to sensitive government data and systems, raising alarms across the cybersecurity community.

    # Secondary Item 2: Increase in Cyber Attacks Due to COVID-19

    The transition to remote work amid the COVID-19 pandemic has led to a surge in cyber threats. March 2020 saw a notable increase in phishing schemes, ransomware attacks, and DDoS attacks particularly targeting essential sectors like healthcare and government. Cybercriminals exploited the chaos and uncertainty, emphasizing the urgent need for organizations to enhance their security protocols and employee awareness regarding cyber hygiene.

    # Secondary Item 3: Ongoing Vulnerabilities and Exploits

    A concerning trend throughout March 2020 was the high number of organizations still vulnerable to attacks due to outdated software and unpatched systems. Continuous exploitation of known vulnerabilities highlighted the necessity for businesses to implement strict cybersecurity measures. The cybersecurity community urged organizations to adopt proactive strategies to identify and remediate vulnerabilities before they could be exploited by threat actors.

    # Analyst Perspective

    The events of March 18, 2020, reflect a broader context of heightened cybersecurity risks exacerbated by the global pandemic. As organizations rapidly transitioned to remote work, they inadvertently opened doors to increased cyber threats. This period, characterized by significant ransomware incidents and critical data breaches, serves as a crucial reminder of the importance of rigorous cybersecurity practices, continuous monitoring, and timely updates to safeguard sensitive information against evolving threats. The necessity for robust cybersecurity frameworks remains paramount, especially as attackers capitalize on vulnerabilities during times of crisis.

    Sources

    Finastra SolarWinds COVID-19 cyber attacks ransomware