11 Jul Breaking the Record-breaking Vulnerability in Google Chrome in May Underscores the need to Move Away from reactive-based IT Solutions

Hello from SOS|Support! I’m a few days late for July’s newsletter having spent last week in Lake Powell with family and friends… I’ll put a fun 4th of July picture below for all my SOS friends. 

🙂 NOTE: READ ALL THE WAY THROUGH, PAY ATTENTION TO THE DETAILS…  FIND THE POP QUIZ AND THE FIRST ONE TO EMAIL ME BACK THE ANSWER WILL GET A $25 AMAZON GIFT CARD! 🙂

We anticipate unveiling some awesome upgrades from our team in the next few weeks! In the meantime, I wanted to share some statistics about the 2024 year to date. My right-hand man Scott Gentry was in Denver for “Pax8 Beyond” in June… which is an I.T. conference quickly becoming the Gold Standard tech conference of the year with execs from Microsoft, Amazon AWS, Google, Apple, and dozens of the other largest Tech companies in the world. 

A few notable highlights (or, lowlights.. as this is kind of sad):

• Ransomware Attacks in 2024 are up 96%
• Year to date, there have been more successful attacks in 2024 than all of 2023 alone
• NVidia passed Apple as the 2nd largest Tech company. Only Microsoft is bigger. 
• Microsoft 365 continues to dominate Google Workspace 

What do we think about this?

• This exceeded expectations – in the wrong way. I expected things to get worse, but not this bad. 
• We are ahead of the curve – and were already eliminating all our “Reactive” support plans… It’s bad I.T. business at this point to be reactive. There is far too dominant a need for proactive remediation and monitoring for all I.T. assets … Not just for our client’s sake, but also to protect ourselves. 
• We eliminated our Hybrid plan for this very reason – and replaced it with our “IT Unleashed Lite” plan… which is the same thing, other than we are pro-actively patching operating systems and 3rd party applications (such as Chrome, if you recall my email last month) from vulnerabilities. 
• At this point, not doing this is more like running a new car into the ground… waiting for it to break, and not doing oil changes and maintenance proactively. Yes, you can skip waxes and leave seats with stains… but mission-critical things to keep your car running smoothly and safely should never be skipped. 

SOME SUCCESS STORIES:

I was notified by our lead engineer about a handful of incidences this past month… Here are a couple examples:

Scenario 1

The client was looking on Amazon when a popup came on the screen. This popup led to an executable that was malware. Our proactive agents FROZE the internet, and the client called us not realizing they had been hacked and that our protection agents had blocked access to the malware as well as the user. We were able to remediate and get the client back online. 

Scenario 2

The client was interacting with a (unknowingly) malicious incident of the popular remote agent called ScreenConnect (this issue is on the rise!). Our proactive agents analyzed the executable and found that it was not a legitimate instance and was, on the contrary, a mimic file that looked every bit like the real program but it was hacked code. The agents then isolated the computer and removed its network access to prevent spreading. We then finalized remediation and got the client back online. 

These are just two examples of things we are seeing every day. To summarize, here is a quick update on the status of 2024 CyberSecurity:

In 2024, the United States has experienced a notable increase in cybersecurity breaches compared to 2023. Here are some key statistics:

1. Ransomware Attacks: In 2023, 66% of organizations reported being targeted by ransomware, with the average ransom payout rising significantly from $812,380 in 2022 to $1,542,333. In the first half of 2023 alone, ransomware extortion totaled $176 million more than in the same period of 2022. Despite a slight decrease in the percentage of incidents involving ransomware from 21% in 2021 to 17% in 2023, the overall impact and financial cost have increased dramatically? (Cobalt: Offensive Security Services)?? (The White House)?.
2. Data Breaches: The number of data breaches in the United States was high in 2023, with 3,205 incidents affecting over 353 million individuals. In 2024, the trend of large-scale breaches continues, with several high-profile attacks exposing millions of records? (Norton)?? (The White House)?.
3. Phishing and Email Attacks: Phishing remains the most common type of cyberattack, accounting for 39.6% of all email threats. Email is the primary vector for 94% of malware deliveries. The reliance on phishing for cyberattacks continues to be a significant issue in 2024? (Cobalt: Offensive Security Services)?.
4. Cost of Cybercrime: The financial impact of cybercrime is growing. The average cost of a ransomware attack in 2023 was $4.54 million. This high cost reflects the increased sophistication and financial demands of modern cybercriminals? (Cobalt: Offensive Security Services)?? (The White House)?.
5. Sector-specific Impacts: Critical infrastructure, such as healthcare and energy sectors, remains a prime target for cyberattacks. The construction industry was notably impacted by ransomware in 2023, and attacks on critical infrastructure by state and non-state actors have continued to grow in 2024? (Cobalt: Offensive Security Services)?? (The White House)?.

Overall, the cybersecurity landscape in the United States has seen a continuous rise in both the frequency and severity of breaches, with significant financial and operational impacts across various sectors.

To end on a fun note – Happy Independence Day. We are blessed to be in a great country. These kids were ultra-patriotic! 

POP QUIZ: What are the teens saying in this picture? The winner gets a $25 Amazon gift card!

Carter showing off but he is the most patriotic kid I know!