Dark web armies are drilling down the economic hole by paralyzing businesses

On June 9, 2020, the US Securities and Exchange Commission determined that AVON Products, Inc. suffered a cyber attack on its IT infrastructure, interrupting the business. The first to raise concerns were AVON representatives, who were unable to place or receive their orders. Up to 6 million women around the world have been stripped of additional income they make from selling the cosmetics to support themselves and their families.

ZDNet’s source revealed that the incident is a ransomware attack carried out by the DoppelPaymer ransomware operators. The same group attacked NASA’s IT contractors and Boyce Technologies, a company producing 300 units of bridge ventilators per day and shipping them to NYC hospitals. DoppelPaymer also had several successful attempts to disrupt Fortune 500 companies.

The ultimate victim of any cyber attack is the end user, employee, representative or a patient.

The weak spots are created by users

As a rule, attacks happen due to postponed updates: vendors provide fixes, but users are not in a rush to install them. This creates weak spots hackers never fail to take advantage of. The timing couldn’t be more perfect for attacks now that most employees are working from home and are even less concerned with updating the systems.

Both enterprises and consumers must update software and operating systems on a regular basis. Updates usually include critical fixes that repair security flaws and vulnerabilities which hackers might have already exploited to target others. The latest software version is also the most secure.

The cost of the attacks

The attackers gather sensitive documents in order to demand a ransom. The attack itself targets the CVE-2019-19781 vulnerability.

The average ransom victims pay (when they pay) has increased by 60% this year, going from $111,605 to $178,254.

It might be tempting to obey ransom demands in order to avoid substantial corporate loss. Even the FBI admitted that when businesses face the probability of freezing their operations, they may decide to pay up. Besides, history proved that a singular payment does not solve the problem, and companies may expect to pay more. The same applies to people.

Hackers sell hacked Facebook accounts, US driver’s licenses, and online banking logins for as much as $70 on average.

We repeat the same rules of precaution. Use unique and complex passwords, store them in a password manager, and never click on suspicious links. It is also highly recommended to use protective software like a VPN to browse safely and avoid viruses. Last but not least, do not share your private data with anyone.

ABOUT NORDVPN

NordVPN is the world’s most advanced VPN service provider that is more security-oriented than most VPN services. It offers double VPN encryption, malware blocking, and Onion Over VPN. The product is very user-friendly, offers one of the best prices on the market, has over 5,000 servers worldwide, and is P2P-friendly. One of the key features of NordVPN is the zero-log policy. For more information: nordvpn.com.