Back to top

Hacks, Attacks and Breaches: 2/5/2020 to 2/11/2020

Suzanne Gassman

Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update. The Logically team provides top cyber security stories every week to keep you up-to-date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.

United States - TV Eyes 
Exploit: Ransomware
TV Eyes: Media monitoring service

Risk to Small Business: An unidentified ransomware strain has disabled the network’s core servers and engineering workstations. As a result, clients have been unable to access any information, which could have broad and long-lasting financial consequences for the media monitoring company. TV Eyes has declined to pay the ransom. Still, brand erosion and opportunity costs will make this an expensive attack at a critical time for the company, whose services are widely used by news outlets and PR agencies to access media content for reporting purposes.

How it Could Affect Your Business: In addition to academic and government institutions, cybercriminals are increasingly targeting businesses that store customer data. Many are now willing to compromise customer data if ransom demands aren’t met, a new reality that significantly increases the potential damage of a ransomware attack. Since ransomware attacks always require a vulnerability to gain network access, companies should regularly assess their defensive postures to ensure that they are prepared for this nefarious attack methodology.

United States - Electronic Warfare Associates (EWA)
Exploit: Ransomware
Electronic Warfare Associates (EWA): Electronic product and services company

Risk to Small Business: Cybercriminals encrypted the company’s web servers, leaving customer-facing signs of a cyberattack even several days after the event. In response, the company took down the affected servers, and it’s unclear how much of the company’s internal IT is impacted by the attack. More than a week after the attack was discovered by security researchers, EWA still hasn’t issued a statement to the public. This lack of transparency could complicate their recovery process, which already promises to be an arduous journey due to the complicated nature of their business.

How it Could Affect Your Business: Cybercriminals encrypted the company’s web servers, leaving customer-facing signs of a cyberattack even several days after the event. In response, the company took down the affected servers, and it’s unclear how much of the company’s internal IT is impacted by the attack. More than a week after the attack was discovered by security researchers, EWA still hasn’t issued a statement to the public. This lack of transparency could complicate their recovery process, which already promises to be an arduous journey due to the complicated nature of their business.

United States - Fondren Orthopedic Group 
Exploit: Malware attack
Fondren Orthopedic Group: Orthopedic healthcare services provider

Risk to Small Business: A malware attack destroyed several the medical provider’s patient records. The incident was first discovered in November 2019, but IT administrators only recently identified the permanent damage to their digital records. As a result, patients have to complete new patient information forms that include detailed medical histories. Given the sensitive and incredibly important nature of this information, this attack could negatively impact patient care, and it will undoubtedly invite regulatory oversight.

How it Could Affect Your Business: After this devastating malware attack, Fondren Orthopedic Group announced an update to their cybersecurity practices, a move that is too little, too late for the thousands of patients impacted by the breach. There are many steps companies can take to mitigate the risk of a data breach, but those steps need to be taken before an incident occurs. Otherwise, these measures serve as vanity metrics as opposed to a defensive strategy.