The U.S. presidential elections are less than a week away and a number of cybersecurity companies are taking the opportunity to talk about election security and threat actors’ efforts to disrupt, whether it’s through disinformation, DDOS attacks, or something else.
SonicWall released its latest threat brief focused exclusively on governments, reporting a staggering 236% year-over-year increase in malware-related attacks against government organizations globally during the first quarter of 2024. What’s more, there’s been a 27% rise in attacks in the month leading up to the upcoming election, which SonicWall says underscores the urgent need for enhanced security measures. DDoS (Distributed Denial of Service) attacks are on track to surpass last year’s figures by 32%, and SonicWall said this escalates risks to critical infrastructure as election day approaches.
“As attackers continue to attack critical government services and election-related systems, the importance of multi-layered cybersecurity measures cannot be overstated,” said SonicWall Executive Director of Threat Research Doug McKee. “In a rapidly evolving threat landscape, the stakes have never been higher. We must embrace cross-industry collaboration and threat intelligence information sharing to ensure the integrity of our electoral processes and protect our vital infrastructure from those seeking to exploit these systems.”
Got news or tips to share with us? Please send them to [email protected].
Today’s MSSP Update
1. OpenAI fake - Barracuda threat researchers recently uncovered a large-scale OpenAI impersonation campaign targeting businesses worldwide. Attackers impersonated OpenAI with an urgent message requesting updated payment information to process a monthly subscription. The phishing attack included a suspicious sender domain, an email address designed to mimic legitimacy, and a sense of urgency in the message. The email closely resembled legitimate communication from OpenAI.
2. Protecting the backups - Because 94% of ransomware victims have had their backups targeted by attackers (according to Sophos), N‑able, Inc. adding immutability to its Cove Data Protection. This adds another layer of protection for servers, workstations, and Microsoft 365 backups with no additional management or cost impact. Fortified Copies are automatically created hourly across all backups and devices and retained for 30 days with no manual intervention needed.
3. Fortune’s Cyber 60 list - Fortune has released its second annual Cyber 60 list, recognizing up and coming companies in the cybersecurity market. MSSP Alert noticed some familiar names there including Torq, Coro, and Huntress. Check out the full list here.
4. Cyber resilience is misunderstood - LevelBlue’s 2024 Futures Report: Cyber Resilience in Energy and Utilities shows that 61% of respondents reveal there’s a lack of understanding about cybersecurity at the board level. In addition, 63% believe cybersecurity is an afterthought in their organizations, with another 68% stating efforts are often siloed.
5. Cybersecurity partnership - VulnCheck is partnering with Carahsoft to expand access to enhanced vulnerability, threat, and exploit intelligence solutions in the Public Sector.
6. Top critical threat actors - A ReliaQuest threat report names the following “5 critical threat actors you need to know about” as RansomHub, IntelBroker, APT41, APT29 and KillSec.
