Another wave of cyberattacks on IT organizations that are already under pressure due to the ongoing COVID-19 pandemic.
Top firms attacked
In the duration of a few weeks, several IT organizations witnessed direct cyberattacks, impacting both their business and reputation.
- Sopra Steria, the European IT services and consultancy company was hit by a ransomware attack that could have a financial impact ranging between $48 to $60 million.
- Employees of GoDaddy were manipulated by attackers during attacks on multiple cryptocurrency services, including Liquid and NiceHash.
- Managed.com, the managed web hosting solutions provider, was targeted by a ransomware attack, which had taken down its entire web hosting infrastructure, including WordPress and DotNetNuke managed hosting solutions, online databases, email servers, DNS and FTP servers, and RDP access points.
Tech tools and services on the target
Further, cybercriminals have been targeting popular IT products used by a massive population, and could potentially have a global impact.
- Mount Locker ransomware has been observed specifically targeting the users of TurboTax tax preparation software, developed by Intuit Inc.
- Attackers were seen using Google's free services, namely Google Forms, Google Firebase, Google Sites, and Google Docs to create convincing phishing campaigns.
- Millions of users who tried to use video platforms to virtually be together during Thanksgiving were targeted with a Thanksgiving-specific hook dubbed TurkeyBombing (similar to ZoomBoming).
IT organizations typically have a large attack surface to protect and are usually on the radar of cybercriminals. Thus, experts recommend managing VPN access, employing domain monitoring, actively scanning and monitoring web applications, and employing the zero trust architecture.