A warning to SQL Server admins, a logistics company hit by a cyberattack and more.
Welcome to Cyber Security Today. It’s Wednesday, February 23rd, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Administrators who oversee Microsoft SQL Server databases are being warned to lock down those servers. This comes after security researchers at a South Korean company called ASEC discovered a threat actor is targeting SQL Servers to install the Cobalt Strike beacon. That beacon reports back to hackers that a server has been penetrated and is ready for surveillance and downloading malware. The researchers say the threat actors are looking for SQL Servers open to the internet. Then they use brute force or dictionary attacks to crack administrator passwords. With that opening they can install Cobalt Strike on the network. Administrators are urged to better protect passwords with multifactor authentication and to disconnect SQL Server from the internet if remote access isn’t needed.
Expeditors International, a U.S. logistics and freight forwarding company, had to shut most of its worldwide operations over the weekend after a cyber attack. According to the Bleeping Computer news site, a tipster said the company was hit by ransomware. However, that has not been confirmed.
On Tuesday afternoon the company said it is operating under a business continuity plan, using backup procedures and alternative solutions to support customers.
The top three countries whose internet users suffered data breaches in 2020 were the United Kingdom, the United States and Canada. That’s according to an analysis of data by researchers at Surfshark. Roughly 3,400 internet users per million were hacked in the U.K., 1,724 per million in the U.S. and 163 per million in Canada. Belgium, Australia, South Africa and France were the next on the list. By the researchers’ estimates, every third online crime victim fell for a phishing attack.
Possibly some good news for everyone with a smartphone: Researchers at Kaspersky saw the number of malware packages installed on mobile phones protected by the company dropped compared to 2020. However, the past four years have been up and down. In 2018 attacks were up, then down in 2019 and back up in 2020. Overall, though, not only did the number of attacks on smartphones dropped last year, it was at its lowest point in four years. But while the overall number of attacks are down, Kaspersky warns the sophistication of malware is going up. That means the impact of a successful attack on the user of a mobile device – such as the theft of a bank account or stolen data – may be greater than before.
That’s it for now. Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.
You can follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.