As I scroll through the numerous cybersecurity e-newsletters I receive, review the unsolicited vendor and PR pitches offering solutions and commentary related to breaches (some due to third-party vendor issues, as well), and peruse LinkedIn and Twitter, it is abundantly clear that the bad actors don't care which industries they affect.
They just want to disrupt, and if they can get some ransom money in the process or make it difficult for organizations to function normally—especially if they are friendly to their political foes—they are more than happy to do it.
Just in the last few days, here are some companies from varying industries targeted by cyberattacks.
The shipping company, like many across Europe, was the target of a DDoS attack that crippled websites and has IT teams working triple-time to get systems back online. Just another hit to supply chain companies, which are susceptible, and the ramifications of attacks reach far and wide, affecting businesses far down the chain. The Cyber Express provided more details in an Oct. 20 news post, adding:
"A recent news report quoting a research conducted by law firm HFW said that the shipping industry is an 'easy target' for cybercriminals. The same report claimed that there has been an increase in ransomware attacks and a whopping 350% hike in ransom demands on these companies in the past one year.
'Our findings show that while maritime cyber security has improved, the industry remains an easy target. Shipping organisations are being subject to more cyberattacks than ever before, and the cost of attacks and demand for ransom payments have skyrocketed. And as the use of technology continues to increase across all aspects of shipping–from ship networks to offshore installations and shoreside control centres–so does the potential for cybersecurity breaches,' reported Heavylift PFI, quoting Tom Walters, partner at the Hollman Fenwick Willan law firm."
City of Philadelphia:
Municipalities are favorite targets of hackers looking to take down systems and make it tough on cities and the people they serve through a myriad of services and programs. The City of Brotherly Love discovered an incident on May 24 after noting suspicious activity on city email accounts; but the City just reported the breach days ago.
A Notice of Privacy Incident issued Oct. 20 said: "On May 24, 2023, the City initially became aware of suspicious activity in its email environment. We launched an investigation, with the assistance of third-party cybersecurity specialists, to determine the nature and scope of the event. The investigation is ongoing. However, to date, the investigation determined that between May 26, 2023 and July 28, 2023, an unauthorized actor may have gained access to certain City email accounts and certain information contained therein. Also, on August 22, 2023, we became aware that the at-issue email accounts include email accounts that may contain protected health information."
The City revealed that the types of information exposed for impacted individuals include a combination of:
- demographic information, such as name, address, date of birth,
Social Security number, and other contact information;
- medical information, such as diagnosis and other treatment-related information;
- limited financial information, such as claims information.
"In an abundance of caution, we are conducting a comprehensive, programmatic and manual review of the potentially impacted email accounts to determine whether personal information or protected health information was potentially affected," the notice says.
"If so, the City will work to confirm the identities and contact information for potentially impacted individuals and provide notice via written letter."
Jake 58 Casino:
The New York State Gaming Commission reported its systems were the victim of a cybersecurity attack that forced the Jake 58 Casino in Suffolk County to shutter for several days. The incident occurred Oct. 17 and is still under investigation, though the commission says no PII was compromised.
Health Alliance Hospital and Margaretville Hospital:
The hospitals had to send patients to other medical facilities after a cyberattack over the weekend of Oct. 21-22. The healthcare facilities remained open and accepted some walk-in patients, who were treated and released. Ambulance services were also disrupted but returned to normal operations by the evening of Saturday, Oct. 21.
The HIPAA Journal filed this report on Oct. 25, detailing the incident:
"Westchester Medical Center Health Network (WMCHealth) said the New York State Department of Health and Ulster and Delaware County officials were notified about the attack and it has been working with law enforcement, including the FBI, and has engaged a third-party cybersecurity firm to assist with the investigation. The first priority was ensuring patient safety, which is why ambulances were diverted. The hospitals remained open throughout and continued to accept walk-in patients, who were assessed, treated, and released, or transferred to alternative WMCHealth facilities.
The investigation of the attack is ongoing, and it has not yet been determined if any patient data was compromised. Should that turn out to be the case, notifications will be issued as soon as possible."
Any industry can be affected by cybersecurity attacks, but some industries are more at risk than others. Here are some of the most targeted industries.
Financial Services: Financial institutions hold a lot of sensitive data, such as customer names, addresses, and Social Security numbers, making them a prime target for cybercriminals, who can use this data to commit identity theft or fraud.
Healthcare: Healthcare organizations also hold a lot of sensitive data, such as patient medical records. This data is valuable to cybercriminals, who can sell it on the black market or use it to extort money from victims.
Retail: Retailers store a lot of customer data, such as credit card numbers and shipping addresses. This data can be used by cybercriminals to commit fraud or identity theft.
Technology: Technology companies are often targeted by cybercriminals because they develop and sell products and services that are used by millions of people. Cybercriminals can exploit vulnerabilities in these products and services to gain access to users' devices and data.
Government: Government agencies hold a lot of sensitive data, such as national security secrets and citizen information. This data is valuable to cybercriminals, who can use it to spy on governments or blackmail individuals.
Manufacturing: Manufacturing companies often rely on complex industrial control systems (ICS) to operate their machinery. Cybercriminals can target these ICS systems to disrupt production or cause physical damage.
Education: Educational institutions store a lot of student data, such as grades, financial aid information, and Social Security numbers. This data can be used by criminals to commit identity theft or fraud.
Energy and Utilities: Energy and utilities companies provide essential services to millions of people. Cybercriminals can target these companies to disrupt their services or cause physical damage.