T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360
This year alone, there have been some of the biggest and most damaging ransomware attacks to date. In the space of just five days in May, there were two major cyber-attacks that rattled governments and private sector organizations around the world. The first, on Colonial Pipeline, forced a week-long shutdown of a major petrol supply line and pushed U.S. petrol prices to their highest since 2014. The second attack, on the Irish healthcare system, resulted in thousands of appointments, cancer treatments, and surgeries being canceled or delayed and patient data shared online.
Most recently, IT company Kaseya was targeted with ‘the biggest ransomware attack on record’, with cyber criminals demanding over $70 million to restore systems and unlock data. In this case, the attackers targeted a well-established but little-known software firm that would give them access to hundreds of other environments and the full extent of the damage is yet to be determined.
As the scope, severity, and frequency of cyberattacks increases, organizations are searching for new ways to shore up their cyber defenses. One of the easiest places to start is by eliminating the use of insecure protocols in the environment. Yet, insecure protocols, including those associated with some of the costliest cyber attacks in history, remain surprisingly common.
Old, risky protocols leave businesses vulnerable
In 2017, EternalBlue, the zero-day exploit of a protocol known as Server Message Block version 1 (SMBv1), was used to perpetrate two devastating ransomware attacks in the span of six weeks — WannaCry and NotPetya. The WannaCry and NotPetya attacks infected millions of computers in over 150 countries, crippling healthcare systems, critical infrastructure, and global shipping. The WannaCry attack alone cost £92 million for the UK and £4 billion worldwide.
But four years after EternalBlue was first disclosed, new research found that 67 percent of enterprise environments still have at least 10 devices running SMBv1. While 10 devices might seem like a relatively small number, the remote code execution enabled by Eternal(x) exploits makes any device running SMBv1 an easy pivot point from which to launch a…