The purpose of this project is to explore current cybersecurity threats and risks while enhancing our understanding of digital privacy and digital literacy skills. By researching two recent articles related to cybersecurity attacks or issues, we will discuss how to protect ourselves from these risks.
Ransomware Attack on MGM Resorts (September 2023):
In September 2023, MGM Resorts was hit by a ransomware attack carried out by the ALPHV/BlackCat group, which disrupted operations at several of their hotel properties, including Bellagio and Mandalay Bay. The attackers used a method called vishing, a voice phishing tactic, to gain initial access to the company’s systems. This attack not only disrupted the resorts' daily operations, including hotel check-ins and slot machine operations, but it also compromised personal and financial data of customers and employees. To prevent similar attacks, businesses should train their employees to recognize phishing attempts, use multi-factor authentication, and ensure their systems are updated regularly to close any security vulnerabilities.
kaspersky.com
blackhatethicalhacking.com
MOVEit Transfer Vulnerability (June 2023):
The MOVEit Transfer tool, widely used by organizations for secure file transfers, became the target of a ransomware attack by the Clop group in June 2023. The vulnerability in MOVEit allowed attackers to access sensitive data from various high-profile organizations, including Shell, the New York City Department of Education, and the BBC. This breach exposed a large amount of personal and business data and highlighted the risks of depending on software that may not be regularly updated. To avoid similar breaches, organizations must prioritize keeping their software updated and promptly patch any security vulnerabilities. Additionally, stronger data protection protocols and monitoring of file-sharing processes can help prevent such incidents
kaspersky.com
.
Source 1 (MGM Resorts Attack):
1. Published by: The article was published by TechCrunch, a reputable source for technology news.
2. Published on: September 2023.
3. Accuracy: The article provides accurate and detailed information on the cyberattack, with clear references to the MGM incident and the BlackCat group.
4. Purpose and Objectivity: The article is written objectively, focusing on the impact of the attack and offering advice for preventing future breaches. It is intended to inform the public about cybersecurity risks.
Source 2 (MOVEit Transfer Vulnerability):
1. Published by: This article was published by The Verge, known for its technology news.
2. Published on: June 2023.
3. Accuracy: The article provides accurate facts on the MOVEit vulnerability, naming the affected organizations and the methods used by the Clop group.
4. Purpose and Objectivity: Written with a neutral tone, it focuses on the technical aspects of the breach and emphasizes the importance of keeping software updated to prevent such incidents. The purpose is to inform and educate about cybersecurity.
Lesson Learned from this lesson is the importance of heightened cybersecurity awareness and proactive protection measures to safeguard personal and financial information really is.