Jan 02, 2020
New Details Show Cloud Hopper Attack Was Much Bigger Than Originally Known
A new report indicates a recent Cloud Hopper attack was much bigger than originally thought.
The June 2019 attack originally hit companies such as HPE, IBM, and Fujitsu but the impact seems to be even greater. According to a new report from the Wall Street Journal, the attack hit at least a dozen cloud providers when the attackers were able to ‘hop’ into client networks after attacking service providers and attempt to steal sensitive corporate and government information.
As we outlined after the initial attack in June 2019, reusing passwords across multiple platforms greatly increases the risk from threats like Cloud Hopper. To mitigate this risk, it’s imperative to use a password manager separate from the browser built-in functionality and generating unique passwords. In addition, 2FA should be in place for all platforms, especially remote management tools.
In response to the recent increase in ransomware attacks, the FBI released some cyber-defense best practices:
- Regularly back up data and verify its integrity. Ensure backups are not connected to the computers and networks they are backing up. For example, physically store them offline. Backups are critical in ransomware; if you are infected, backups may be the best way to recover your critical data.
- Focus on awareness and training. Since end-users are targeted, employees should be made aware of the threat of ransomware and how it is delivered and trained on information security principles and techniques.
- Patch the operating system, software, and firmware on devices. All endpoints should be patched as vulnerabilities are discovered. This can be made easier through a centralized patch management system.
- Ensure antivirus and anti-malware solutions are set to automatically update and that regular scans are conducted.
To learn more about the current landscape of ransomware and how you can avoid falling victim, check out Datto's State of the Channel Ransomware Report.