Keytronic loses $17 million, What is MXDR?, 2.9 billion SSN records stolen

By John Bruggeman, virtual Chief Information Security Officer


Keytronic loses $17 million in ransomware attack

What does a ransomware attack cost?

For Keytronic, the cost is over $17,000,000. Think about that for a minute. Seventeen million dollars. Where did these numbers come from? Keytronic had to file a report with the SEC detailing the cost of the ransomware attack.

Most of the losses are related to lost sales ($15M); another $2.3M was in additional expenses (i.e., recovery efforts). Keytronic hopes to make up the lost sales in the future, but how many companies can afford to take that kind of hit? Which of you can take a hit that size and survive? While we don't know the details of the attack yet, it is fair to guess that a few things were not in place:

1. Multi-factor authentication for account access (MFA).

2. Good network segmentation (to limit the blast radius).

3. Managed detection and response (MDR) to quickly detect the threat.

They probably thought it wouldn't happen to them. They probably thought they had substantial protections in place. Needless to say, they were wrong. Don't let it happen to you!

What to do?

1. Require MFA to access your VPN, company e-mail, and any other service.

2. Segment your network to limit the blast radius.

3. Implement MDR and get eyes on glass 24x7.

OnX has security services that can help you reduce your risk and be more cyber resilient.

You can find more about the attack details here.

What is MXDR?

For early Internet users, AI and cybersecurity weren’t even topics of discussion. The only complication on many users’ radars was a tedious dial-up connection.

Three decades later, cybersecurity has become a critical part of being online. According to a February 2024 article in Security Week, the Microsoft Threat Intelligence team announced that cyber criminals were exploiting several vulnerabilities in Windows OS for social engineering, phishing, and malware attacks.

It isn’t just your home computer that is a target of criminals, either. Spyware such as Pegasus can infect iPhones, and Android phones are at risk from malware called PhoneSpy.

Why defense in depth and next-gen firewalls matter

Morgan Stanley’s September 2023 wealth management report, “AI and Cybersecurity: A New Era” stated that “cybercriminals are using AI to carry out a variety of sophisticated attacks, from data poisoning to deepfakes.”

So, what’s the solution? If bad actors are always one step ahead, is it even possible to mitigate risk?

Defense in depth is a strategy to protect your valuable assets from attack, and it should be a feature of every organization’s cybersecurity program. This multi-layered system of security measures is like the moats, gates, walls, and guard towers used to fortify ancient cities and castles.

Managed extended detection and response (MXDR) is a more advanced cybersecurity service than your typical managed detection and response (MDR) or endpoint detection and response (EDR).

MXDR provides a comprehensive suite of services that protects against advanced and persistent cyber threats. MXDR is designed to extend beyond traditional endpoint detection by incorporating threat intelligence feeds from more than just the end-user device.

Here is what you can expect from an MXDR solution managed by OnX:

  • 24x7 threat monitoring and detection: MXDR is a managed service that operates continuously, taking that burden off your team. We offer around-the-clock, eyes-on-glass response to potential cyber threats.

  • Rapid response and remediation: In the event of a security incident, our MXDR team can swiftly respond to the incident and contain and mitigate threats to your company.

  • Experienced cybersecurity talent: Our MXDR service is staffed by seasoned security professionals who bring their expertise in threat hunting and incident response to your environment.

  • Proactive threat hunting: We will actively search for and identify potential threats to your environment before they can cause harm.

  • Operational efficiency: By partnering with you and consolidating multiple security functions, MXDR can streamline security operations for you and reduce the complexity of managing disparate tools.

You can read more about MXDR here.

2.9 billion personal records stolen from National Public Data in U.S.

Ugh... You think you have done a good job protecting your personally identifiable information (PII), and then a breach like this happens.

Two-point-nine billion records with sensitive PII (like SSN, name, address, previous addresses, family members, etc.) were exposed. Personally, I think the CEO and CIO of companies like National Public Data should face jail time if they didn’t take appropriate cybersecurity precautions, but I digress.

This story broke at the start of August, and we learned about it from Bloomberg via a report released in August from a lawsuit out of Florida. A background check company called National Public Data was compromised, and billions of records were potentially stolen and put up for sale on the dark web. Not good! With all the data that is out there, it will be easy for criminals to steal identities, compromise accounts, etc.

What to do? 

Make sure you have MFA turned on for all your accounts (e-mail, banking, Facebook, Instagram, etc.) and use passphrases, not just passwords, to make it harder for criminals to steal from you!

You can also check to see if your personal data was involved in the breach by checking out this free site. 

There is an updated article here on MSN.com

Stay secure!


About the author

John Bruggeman is a veteran technologist, CTO, and CISO with nearly 30 years of experience building and running enterprise IT and shepherding information security programs toward maturity. He helps companies, boards, and C-level committees improve and develop their cybersecurity programs, create risk registers, and implement compliance controls using industry-standard frameworks like CIS, NIST, and ISO.

Hamed Soltanimehr

Senior Network Engineer / Analyst at Banking Systems | Network Infrastructure Designing & Optimization | Cisco CCNP | Microsoft Azure

3mo

This serves as a strong reminder that no company is immune to cyberattacks, no matter how secure they think they are. It's crucial to implement basic but effective security measures like MFA, network segmentation, and a comprehensive solution like MXDR. The $17 million hit is a harsh lesson, but the real cost of not prioritizing cybersecurity could be much worse. How many companies are prepared to recover from a breach of this scale? Investing in prevention seems like a much better strategy than facing such devastating losses
