Examining Recent Cyberattacks on Major Businesses

The last few months have been filled with severe cyberattacks, particularly those taking advantage of major businesses that might not initially be considered targets for these kinds of attacks. For example, McDonald’s Restaurants was recently breached. We examine the situation below, and how it plays into the recent trends we’ve witnessed. 

What Happened in this Breach?

McDonald’s Corp recently announced that some of their data had been pilfered by hackers, after systems in South Korea, Taiwan, and the United States were breached. According to the organization, they had identified unauthorized activity via their internal security, managing to cut it off a week after its discovery. With the assistance of hired consultants, it was discovered that some of the organization’s data had been exfiltrated.

McDonald’s informed their employees in the United States that the breach had involved contact information for franchisees and employees, in addition to some infrastructural data about its locations. Luckily, it seems that no sensitive data regarding any employees was breached, with no customer data absconded with. On the other hand, the restaurant chain has advised its franchises and employees to keep an eye out for any potential phishing emails they could receive.

In its Asian markets, customer emails, phone numbers, and delivery addresses were stolen. Regulators were quickly informed, with the company also reaching out to employees in South Africa and Russia to follow up on possible breaches there.

Cybercrime Targeting Businesses Has Been Prevalent

While this breach didn’t involve the use of ransomware, it is still hard not to group it amongst other attacks we’ve seen recently. In addition to the frequent attacks we’ve seen over the past few years against the healthcare industry and local government bodies, the past few months have given us two major ransomware attacks: one against a global meat distributor, the other against a major pipeline in the United States. Volkswagen has also had its data lifted from a third-party vendor, putting data regarding prospective buyers and existing customers in the wild.

Clearly, No Business is Safe… So What Can Be Done?

With the way that ransomware has developed (focusing on stealing its targets’ data before encrypting it, so that they can sell it after the fact) along with other varieties of cyberattacks, businesses are only under increased threats… and because many such infections are spread through means like phishing, protecting your business will require you to do a bit more than keeping an antivirus up to date. 

Instead, your team members need to be able to not only recognize potential phishing threats as they come in, they need to know how to handle them appropriately. This will require ongoing employee education and training as the threats facing businesses continue to develop, in addition to diligent monitoring of your IT solutions. Macro Systems can help with all this, and more.

Reach out to us at 703-359-9211 to learn more.