Blume Global Cyber Attack – What’s Going On?

Blume Global Cyber Attack – What’s Going On?

The big cyber-attack that is going on right now is, Blume Global. The company is saying their platform is down after a cyber-attack. There is also have about three or four other cyber-attacks that will be touched on briefly to bring you up to date on what's going on out there and what you need to start doing to protecting yourself from cyber criminals. So, let's get into this information today.

So, there are a lot of cyber-attacks happening right now that are in the news and then some that aren't in the news. You might know somebody who's dealing with a cyber-attack and a ransomware attack. Cyber experts want you to know what you need to do and what these types of businesses need to start doing in order to protect themselves.

What happened with Blume Global? They're saying that their platform is down. Now, they're a supply chain tech provider. So why this is interesting that this company got attacked is because experts know that supply chain disruptions are a very sensitive thing right now with the pandemic and with other things that are happening in the world, mainly around things like inflation and supply chain issues driven by the pandemic.

Many companies are having supply chain issues. Specifically, with this one, an asset management company basically saying that they're trying to restore functionality because of a cyber incident this week that rendered specific systems and data inaccessible to customers. In the video, an article on this incident said they recently experienced a cyber incident that resulted in a disruption of certain Blume systems and data, a Blume spokesman said Friday. This has thus affected our asset management platform, making the application inaccessible. As soon as they learned of the incident, they promptly commenced an internal investigation with the assistance of leading cyber forensic firms and their job was to assess the scope and mitigate any potential impacts. They said they're moving as fast as they can to fix the problem and get the platform back to full operational capacity. They also mentioned that their customers trust us to provide these solutions without interruption.

The company said they take that seriously. This comes on the back of the Expeditors International cyber-attack, another supply chain logistics company that's out there. Taking them a while to get back up and running. Lessons learned here from companies like Kronos who were cyber attacked and ransomware attacked, had a very long haul before they were able to get back up and running. So that leads us to believe that these companies don't have strong enough incident response plans and disaster recovery plans and they're not fully thinking through what can happen in a cyber-attack. At this point in 2022, that if you're a business and you have gotten this far without doing these types of things, your time is really running out. I hope you hear these messages that companies like Xact IT Solutions and other cybersecurity professionals and cybersecurity experts are bringing out to the forefront to make sure you're aware that you need to start doing things now.

If you don't know what those things are, start getting educated on what a cyber security framework is and what are the elements within a cyber security framework that you need to do in order to protect yourself from cyber criminals. If you follow Xact IT Solutions favorite frameworks that is out there, which was created by the United States government, it's known as the NIST cyber security framework. If you follow this, you'll be pretty well ahead of the game when it comes to dealing with cyber criminals and dealing with things like floods, fires, natural disasters. Anything that can put your business out of commission will help you in these situations, if you put a framework in place. It takes time to do this though. You can't just call somebody up and have a framework tomorrow or next week. There's a lot of things that you're probably going to find in your business that are missing, like policies and procedures and how you do things.

Also, to call when something happens negatively or what your cyber security training and awareness program looks like for your employees. These are all things that experts throw out there because when we go in and ask businesses what they're doing around this stuff, they don't have an answer or they're not doing anything at all, or what we do see that they're doing just isn't good enough to combat today's threats.

Moving right along, there are ransomware attacks at Kellogg Community College, and Austin Peay University. These are two universities that are dealing with cyber-attacks right now. I'm not going to go into too much detail about this stuff other than we know colleges and universities and K through 12 schools are favorite targets of cyber criminals because A, they know that they're not budgeting and doing the things that need to be done around patching, patch management, vulnerability management, meaning is you looking for the things that we know are bad out there?

If you don’t know what this all means, watch the video Xact IT just released on the top 15 ways that hackers are hacking businesses right now. There was a bulletin put out by CISA that describes the multiple cyber-attacks that them and the FBI get involved with. They are seeing the same repeated things over and over. So if you start to take care of these 15 things, the chances are that cyber criminals who are very much running businesses themselves, won't bother you, right? They're looking for these vulnerabilities because they know they can make money quickly if they exist in the environment. A lot of times, they're not going to sit there and look and look and look and keep looking for vulnerabilities in your environment, when they can just move on to another network that's probably going to have one of these vulnerabilities that's in the video. If you want to learn more on this go watch that video.

Xact IT Solutions also mentioned the American Dental Association was hacked. Well, we just want to kind of bring it to everybody's attention, again, that the American Dental Association was hacked. Which there's a lot of cause for concern here. It says that the ADA found itself in the news after hackers broke into its networks and unleashed ransomware. Hackers triggered the malware this weekend, forcing ADA to certain critical systems offline. Their web-based chat, email and telephone services were all impacted as the ADA investigated the situation.

What this means is that there are indicates that a banner linked directly to a Gmail address indicated that the organization, it's not indicated, it's not convinced yet that it's safe to utilize its own mailboxes, its own email system. They don't think it's right now safe to use it. Bleeping computer has viewed an email that was reportedly sent out to the ADA members, like most of the messaging sent at early stages of a ransomware, that it tries to paint somewhat of an optimistic picture of events, this is the ADA is. In particular it states that their investigation has so far not revealed that any member data was stolen. What cyber experts always know, if you listen to my podcast Security Squawk, we always talk about these things that these companies come out late on a Friday afternoon and tell everybody, oh, we actually had millions of records that were found. So, ultimately the ADA is saying that no data was stolen.

Lastly, there is a new ransomware group out there called the Black Basta crew, B-A-S-T-A, and they've already leaked 2.8 gigabytes of data that says it was stolen from the ADA servers, and there's more where that came from too. Also, they've claimed to have stolen around nine gigabytes of data. The information appears to include W-2, other tax forms, financial spreadsheets, and information about private medical practices which is a big deal. A lot of these companies, again, data is the new gold. Companies have to understand that the data that they have is very valuable. It's valuable to people, if it falls in the hands of people that shouldn't have it and that is what is being sold to the world, cyber criminals, and foreign government.

It’s what is being sold potentially to your competitors as well. So, this is what's going on out there. This article is more about Blume Global and the issues that they're dealing with. But more importantly, May 2nd, 2022, we have a ton of cyber-attacks in the news and it's a big problem for businesses. It's a big problem for governments. It's a big problem for universities. Cyber experts see it all over the place. There was a little bit of a lull there for the last couple months, but we're starting to see a massive uptake in ransomware attacks and these are the ones we know about. So that shows that there's way, way more that we don't know about those businesses that are dealing with cyber-attacks. So Xact IT Solutions implores you, reach out to our company, reach out to another cybersecurity professional, get help with this stuff, get your company secure, make sure you're not the next victim.