This week has been a doozy, as the old saying goes. From a disturbing Twitter hack to a serious vulnerability with Microsoft's DNS Server to nation state hacking against organizations engaged in finding a vaccine for COVID-19, there's been a flurry of malicious activity.
If you are still questioning whether or not your organization is at risk, my advice is to assume that you. To not could be catastrophic.
In the case of the Twitter hack, an employee was the victim of a targeted phishing attack that got them to divulge credentials allowing the hacker into backend administrative systems. Once in, the hacker sent out tweets under the accounts of several public figures. The tweets in question involved a cryptocurrency scheme.
The vulnerability in Microsoft's DNS role on Windows Server could allow a hacker to take control of systems and then attack other connected systems from there. This issue was so serious that it generated an emergency alert from the Cybersecurity & Infrastructure Security Agency (CISA) to immediately patch impacted systems.
We've been hearing for some time now that China was suspected of trying to hack companies involved in COVID-19 vaccine research. This week brought revelations that Russia has been identified as also hacking these and other organizations involved in the research. The assumption is that they are trying to steal information needed to create the vaccine.
All three of these incidents represent different ways that cybersecurity threats impact us all. It's imperative that you continually reevaluate your cybersecurity posture. Talk with your IT department or partner and be sure you are doing everything that you can to help protect your business.