“Small Lapses” Lead To Ransomware Attacks, WordPress Hack

By   ISBuzz Team
Writer , Information Security Buzz | Nov 17, 2021 03:32 am PST

BACKGROUND:

The House Oversight and Reform Committee today released a staff memo on investigations into ransomware attacks including the Colonial Pipeline attack and JBS meat producer. The memo, a result of a committee panel investigation, conclude that “small lapses” contributed to successful ransomware attacks, including lacking point of contacts with the federal government and pressures to pay attackers to restore systems.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Saumitra Das
Saumitra Das , CTO and Co-founder
November 17, 2021 11:35 am

<p>Many security attacks happen because of small lapses. However, requiring organizations to contact the federal government for response and not having an in-house IR is not going to scale. Ransomware attacks are no longer low and slow but more smash and grab. They happen quickly on a long weekend or before an important deadline. What is needed is not to focus only on hygiene and hardening, which everyone keeps talking about but never gets done. Small lapses will happen.</p>
<p>Organizations must invest in detection and response with AI to find these attacks in the earlier stages. You want to kill an infection before it gets too deep into your network.</p>
<p>Additionally, cybersecurity firm Sucuri has <a href=\"https://u7061146.ct.sendgrid.net/ls/click?upn=4tNED-2FM8iDZJQyQ53jATUQypE-2BKzFTtbagXh1zq732xaf65ma1FNUuJa-2FvAu67lAqoc8-2F-2Bjn7WCZKrxMhMmfBRs2jXO54npG7Qye-2BLZxSSWS1YZJOwuHLr4H7cLt5Xh6IIjA_S3RA1gMvL7v1TdZrqvF2X48vY2LyH9KYdxKxBaPFp6Fl1TEEsXDQbgk-2FWPw9Ah5nwh5z3HPLIw79cePUeHvYGbACtpGEOUo9gKA7RdPV7CHYnRZ1BgjoepqPsAq5T4X7OPHmw4iuricWSmMEgE-2BxhSxk1GUrFx28GMyN29SX-2F0BI0WFhy-2FaSQJXhChUz1EUrb4lJ5vQogUxwHZh6MygbUNUQwkHhE5XHuzb9CjZrdvXWqUKY5O-2FJCCUWqACDBLbW4fN85qkaJPPQR8XZ74b26-2B7zYyhuBLZ57fxZ57Dvie0rtHe8OOY5QA8Le4xeRljcd0eiRtcC-2FwwCQZZszu5tm8FDHWTz1oFrydrplAEoRtdLyowxk09y6PWKyumHB1ax\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https://www.google.com/url?q=https://u7061146.ct.sendgrid.net/ls/click?upn4tNED-2FM8iDZJQyQ53jATUQypE-2BKzFTtbagXh1zq732xaf65ma1FNUuJa-2FvAu67lAqoc8-2F-2Bjn7WCZKrxMhMmfBRs2jXO54npG7Qye-2BLZxSSWS1YZJOwuHLr4H7cLt5Xh6IIjA_S3RA1gMvL7v1TdZrqvF2X48vY2LyH9KYdxKxBaPFp6Fl1TEEsXDQbgk-2FWPw9Ah5nwh5z3HPLIw79cePUeHvYGbACtpGEOUo9gKA7RdPV7CHYnRZ1BgjoepqPsAq5T4X7OPHmw4iuricWSmMEgE-2BxhSxk1GUrFx28GMyN29SX-2F0BI0WFhy-2FaSQJXhChUz1EUrb4lJ5vQogUxwHZh6MygbUNUQwkHhE5XHuzb9CjZrdvXWqUKY5O-2FJCCUWqACDBLbW4fN85qkaJPPQR8XZ74b26-2B7zYyhuBLZ57fxZ57Dvie0rtHe8OOY5QA8Le4xeRljcd0eiRtcC-2FwwCQZZszu5tm8FDHWTz1oFrydrplAEoRtdLyowxk09y6PWKyumHB1ax&source=gmail&ust=1637234911658000&usg=AOvVaw09ZUK-pHYMfmpX74WLA0fC\">discovered</a> WordPress sites are being hacked in fake ransomware attacks. Researchers discovered the attacks on unencrypted WordPress pages where the threat actor modified an installed WordPress plugin to display a ransom note and countdown. The plugin also modified all WordPress blog posts and set their ‘post_status’ to ‘null’, causing them to go into an unpublished state.</p>

Last edited 2 years ago by Saumitra Das

Recent Posts

1
0
Would love your thoughts, please comment.x
()
x