2024: A Year of Eye-Opening Cybersecurity Challenges

This year has been a whirlwind for cybersecurity, with some of the most devastating and eye-opening cyberattacks making headlines. From ransomware shutting down healthcare systems to espionage campaigns targeting critical infrastructure, these incidents have sent shockwaves through industries worldwide.

Why do these attacks matter to your organization and everyday life? Understanding what happened, why it matters, and the lessons we can take away is key in a world where cyber threats are only getting more sophisticated.

We need to learn from our mistakes; it’s that simple.


1. Change Healthcare Ransomware Attack

What Happened
The Alphv/BlackCat ransomware attack on Change Healthcare and its parent company UnitedHealth sent shockwaves through the healthcare industry, impacting over 100 million individuals. According to reports, the attackers exploited vulnerabilities in the company’s infrastructure to encrypt data and exfiltrate private health information, including diagnoses, treatment records, and financial details. The breach disrupted critical healthcare operations across the United States, forcing some facilities to delay treatments and even cancel appointments. Investigations revealed that the attackers used advanced tactics to maintain persistence in the network, escalating the damage over time before their demands surfaced.

Why It Matters
This attack isn’t just about numbers—it’s about lives. The stolen data is not only highly sensitive but also incredibly valuable on the black market, where medical records can fetch significantly higher prices than credit card information. The attackers not only encrypted critical files but also demanded a hefty ransom of $22 million. With Change Healthcare serving as a linchpin in healthcare operations for hospitals, clinics, and insurers nationwide, the attack demonstrated just how crippling a breach at such scale can be. It also exposed the healthcare sector’s ongoing struggles with outdated cybersecurity measures, making it a prime target for sophisticated ransomware groups.

The Takeaway
The Change Healthcare ransomware attack is a stark reminder of the stakes involved when cybercriminals target the healthcare sector. Beyond the immediate operational and financial fallout, the long-term consequences for affected individuals—identity theft, fraud, or even compromised patient care—are immense.



2. China’s Cyber Espionage Campaign Targeting U.S. Telecommunications

What Happened
China’s Salt Typhoon group has ramped up its cyber espionage operations, targeting U.S. telecommunications networks to steal sensitive communications data. These attacks have been ongoing for months, starting well before the U.S. election, and have involved highly sophisticated techniques, including the exploitation of vulnerabilities in key systems such as Cisco routers and Microsoft Exchange servers. The breach affected major telecoms like T-Mobile, Verizon, and AT&T. While T-Mobile assured that no sensitive customer data was compromised, the campaign’s larger focus was clearly on high-value government and political targets, showcasing its national security implications.

Why It Matters
Senator Mark Warner, speaking to The Washington Post, emphasized the severity of the attacks, stating, “My hair is on fire” because of the sustained nature of these intrusions. These attacks are far more advanced than previous incidents like the SolarWinds supply chain attack or the Colonial Pipeline ransomware attack. The Salt Typhoon campaign has given Chinese operatives a persistent foothold in U.S. telecom networks, potentially requiring the replacement of “thousands and thousands” of switches and routers. This shows just how vulnerable our most critical infrastructure has become. With these networks integral to national defense and public communications, an attack of this scale not only affects business but could disrupt entire government operations and defense strategies.

The Takeaway
Senator Warner’s comparison of China’s cyber actions to Russia’s cyber incidents, calling them “child’s play,” highlights the growing complexity and scale of cyber warfare from nation-states. This attack is a wake-up call for the private sector and government alike to seriously address vulnerabilities in telecommunications infrastructure.



3. AT&T’s Data Breach Affects Nearly All Customers

What Happened
Hackers breached AT&T’s systems, stealing 50 billion call and text records. The stolen data included call logs, text message metadata, and who communicated with whom—but not the content of messages. AT&T publicly confirmed the breach in July, acknowledging that “nearly all” its cellular and landline customers were affected, with approximately 110 million individuals being notified.

Why It Matters
The breach highlights the risks of third-party data storage and the value of metadata, even without message content. It also underscores the importance of third-party risk management.

The Takeaway
Ensure continuous monitoring and simulation of potential third-party risks. Comprehensive tabletop exercises can uncover vulnerabilities in your supply chain.



4. Ticketmaster and Snowflake Attack

What Happened
While the Ticketmaster and AT&T attacks may be tied, they were both impactful enough to generate their own headlines. In May, cybercriminal group ShinyHunters stole the personal data of 560 million Ticketmaster customers worldwide by exploiting stolen login credentials for Snowflake, the company Ticketmaster uses for cloud storage. The breach included names, contact details, and encrypted credit card information. The hackers reportedly attempted to sell the stolen data for $500,000 on a dark web forum. Ticketmaster delayed notifying customers, citing ongoing police investigations, and recently began sending warning emails to customers in North America.

Why It Matters
The scale of the attack—impacting over half a billion users—raises serious concerns about the security of sensitive customer data stored on cloud platforms. The delay in notifying customers further compounds the issue, as it leaves individuals exposed to potential identity theft and fraud for an extended period.

The Takeaway
Same as above. Love the cloud? Then love regular audits and rock-solid configuration controls even more.


5. Synnovis Ransomware Attack on London Hospitals

What Happened
The ransomware attack on Synnovis targeted London’s healthcare infrastructure, leading to widespread disruption. Synnovis, which provides laboratory and diagnostic services to hospitals, became a prime target for the Qilin ransomware gang, which successfully encrypted critical data using a combination of phishing and exploitation of vulnerabilities. This attack left hospitals struggling to process medical results, impacting patient care and hospital operations. The breach also forced the affected hospitals to switch to manual processes, delaying diagnostic services and causing significant operational chaos.

Why It Matters
Ransomware gangs are increasingly targeting the backbone of healthcare—laboratory services and diagnostic systems. These operations are integral to patient care, and a disruption of such services can have a ripple effect throughout the healthcare ecosystem, potentially putting lives at risk.

The Takeaway
Implement stringent vendor management, comprehensive cybersecurity protocols, and continuity plans to mitigate such attacks.



The Final Word

These attacks are more than headlines—they’re impacting our everyday lives. No industry is safe, and the general public is becoming more aware of the impact these cyberattacks can have, from our critical healthcare services to the daily use of our cell phones. While we can’t prevent all risk associated with an attack, we can reduce it. Let’s learn from our past.



About OnDefend

OnDefend, established in 2016, stands at the forefront of preventative cybersecurity testing and advisory services, a reputation further enhanced by the introduction of its advanced Breach and Attack Simulation (BAS) Software as a Service (SaaS) platform, BlindSPOT. OnDefend is a trusted partner, empowering organizations globally to proactively combat real-world cyber threats. From ensuring compliance with industry standards to building out mature security programs, our mission is to ensure that the security resources our customers invest in are well-utilized, effective, and provide tangible results. For more information about their services and solutions, please visit http://www.ondefend.com/

OnDefend Media Contact:

Lauren Verno, Media@ondefend.com

904-299-3669

 

Sources:

UnitedHealth says Change Healthcare hack affects over 100 million, the largest-ever US healthcare data breach, TechCrunch

Qilin ransomware gang linked to attack on London hospitals, Bleeping Computer

Snowflake hackers identified and charged with stealing 50 billion AT&T records

Ticketmaster warns customers to take action after hack, BBC News

China has utterly pwned ‘thousands and thousands’ of devices at US telcos, The Register

JACKSONVILLE, Fla. (October 29, 2024) – OnDefend, a leader in preventative cybersecurity solutions, has been selected as an honoree in the 14th Annual GrowFL Florida Companies to Watch Awards. Selected from over 500 nominees, OnDefend joins a select group of second-stage companies celebrated for their contributions to Florida’s economic growth, innovation, and resilience.

The GrowFL Florida Companies to Watch awards, presented by Nperspective CFO & Strategic Services in partnership with the Edward Lowe Foundation, highlight businesses that showcase impressive growth potential, strong leadership, and community impact.

Recognizing OnDefend’s Commitment to Cybersecurity Innovation and Community Impact

OnDefend’s dedication to cybersecurity excellence is exemplified by its role as an Independent Security Inspector for TikTok USDS and its proprietary Breach and Attack Simulation (BAS) platform, BlindSPOT, which is implemented by Fortune 500 companies worldwide. Judged on employment growth, job creation, financial performance, and innovation, OnDefend’s commitment to safeguarding Florida businesses from real-world cyber threats was a key factor in this year’s selection.

Companies were evaluated on a comprehensive set of criteria including:

  • Growth in employment
  • Impact on job creation
  • Sales growth
  • Financial performance
  • Innovation in products or services
  • Response to adversity
  • Community Involvement

“Being recognized by GrowFL as a Company to Watch is a testament to our team’s dedication to advancing cybersecurity, supporting economic growth, and making a positive impact on our state,” said Chris Freedman, CEO of OnDefend. “At OnDefend, we are committed to developing innovative solutions that empower businesses to defend against real-world cyber threats. We’re proud to be part of Florida’s thriving ecosystem and look forward to continuing our mission to ensure that the security resources organizations invest in are well-utilized, effective and provide tangible results.”

“GrowFL Florida Companies to Watch is dedicated to recognizing the invaluable contributions of second-stage businesses,” said Pete Previte, Chair of GrowFL Board of Directors and Broker Associate, CRES CORP. “These companies are the driving force behind Florida’s economic vitality, fostering job creation, innovation and sustainable growth.”

About the GrowFL Florida Companies to Watch Awards Program

For eligibility, companies must be headquartered in Florida with 6-150 employees and revenue between $750,000 and $100 million. Over the past four years (2020-2023), these honorees collectively generated close to $2 billion in revenue and created 1,462 jobs, reflecting a remarkable 180% revenue increase and 127% job growth. This translates to an average annual revenue growth of 45% and 32% employee growth.

Continued Growth Projected for Honorees

These companies projected consistent growth, with a projected 31% revenue increase and 19% employee growth in 2024. If their projections hold true, these companies will have generated more than $2.9 billion in revenue and added 1,951 employees over the last five years — a staggering 266% increase in revenue and 169% increase in jobs since 2020.

The official recognition of the 50 Honorees will take place on February 27, 2025, at the Hard Rock Live in Universal CityWalk, Orlando, FL.


About GrowFL: GrowFL is Florida’s premier organization dedicated to accelerating the success of second-stage companies.  We equip these high-growth businesses (with at least 6 employees and $750,000 in revenue) with the tools and connections they need to overcome unique challenges and achieve their full potential. Through our diverse programs and proven methods, GrowFL empowers Florida’s second-stage companies to drive economic prosperity throughout the state.


As Cybersecurity Awareness Month draws to a close and Halloween approaches, we thought it would be fitting to share some spine-chilling “horror” stories from our OnDefend experts.

These tales are a reminder of the dangers that sometimes lurk in the most obvious places. From phishing attacks to data center nightmares, here are five real-life cybersecurity stories that will give you goosebumps!

1. A Heist from Inside the Data Center 

Wayne Loveless, OnDefend Managing Director of Strategic Services 

Several years ago, I led a large team tasked with designing and implementing security controls for a massive, newly built hospital. The facility had already opened, even though it was still being built from an IT perspective. My primary concern was the lack of physical security controls. For instance, the hospital’s main data center, which served not only the local hospital but the entire Washington D.C. region, had doors propped open, and access was practically free for all.

After repeatedly raising the issue to senior leadership without action, I decided to take matters into my own hands—with the CIO’s permission, of course. I left my badges in the car, put on some scrubs, and walked right into the data center, past several checkpoints without being stopped. I then wheeled out a rack containing patient data right out of the front doors of the hospital, assisted by staff along the way.

I sent a selfie to the regional CIO, showing myself with the stolen equipment. It worked like a charm—security was quickly and dramatically improved. Sometimes, it takes a little trickery to deliver the treat of better protection!

2. The Ghost in the Network

Aaron Rosenmund, OnDefend Senior Director of Programs and Tradecraft  

The phone rang for the third time in 10 minutes. Our IT support team, utterly exhausted after weeks of around-the-clock shifts, answered yet another call from a team member unable to access mission-critical resources. Machines were mysteriously dropping off the network, and the ports were locking. Logs indicated MAC address mismatches, making it seem like someone was spoofing devices.

The team suspected everything from insider threats to advanced malware, but there was little evidence to go on. It wasn’t until we isolated and baselined one of the systems in the lab that the truth emerged—a rare, misconfigured network switch was causing all the chaos. No hacker, no malware—just a simple configuration error wreaking havoc on an entire mission-critical system.

Sometimes, the biggest horror stories are not from advanced cyberattacks but from the small mistakes that get overlooked during high-pressure situations.

3. The MRI Machine That Opened Pandora’s Box 

Joe Brinkley, OnDefend’s Director of Offensive Security

During a penetration test for a hospital, we stumbled upon an old MRI machine running Windows Server 2003—ancient by today’s standards. Exploiting known vulnerabilities in the system, we gained access. But what we uncovered next was truly terrifying.

From this single machine, we cracked passwords, infiltrated the hospital’s local domain, and compromised more accounts. Then, we gained access to a connected vendor’s domain and VPN, escalating our privileges. In the end, we had the ability to steal sensitive patient data from multiple organizations undetected.

The experience was a chilling reminder that even seemingly innocuous devices can become powerful tools for cybercriminals if left unprotected.

4. Even the Experts Aren’t Immune 

Billy Steeghs, OnDefend COO 

Phishing attacks are one of the most effective tactics used by cybercriminals. We were conducting a phishing and social engineering test for a client. After presenting the results, we realized that the person who had initiated the test and signed the contract had fallen for the phishing attempt. Despite being fully aware of the exercise, they unknowingly provided their credentials.

It was a humbling reminder that no one is immune. Even those who organize the tests can be caught off guard. It just goes to show how convincing and dangerous phishing attacks can be—especially when they target human behavior.

5. A Web App Pentest Turned Real-Life Nightmare 

Evan Hosinski, OnDefend’s Senior Tradecraft Engineer 

One of the most frightening experiences I’ve had was during a web application pentest for a medical company. They relied on a third-party vendor to generate all their PDFs linked to medical records. After some probing, I found the vendor’s site and a version number that led me to a series of vulnerabilities (CVEs). Using this information, I developed a tool that could brute force random patient IDs, giving access to medical records. 

When I presented my findings, the client dismissed it as an unlikely scenario, saying it would require insider access. Fast forward a few months, and the same company made the news—hundreds of medical forms were leaked due to the exact type of brute force attack I had warned them about. This was not a database leak but a targeted attack, and they paid the price for not taking the threat seriously. 

 

Final Thoughts 

From phishing attacks and unsecured data centers to unpatched machines and network misconfigurations, these real-life stories remind us that even the most well-prepared organizations can fall victim to cyber threats. The lesson here? Always stay vigilant and never underestimate the power of even the smallest vulnerabilities—they might just turn into your next horror story.

 



Hurricane Prep 101: How to Protect Your Data and Devices

When preparing for a hurricane, most of us think about securing our homes, gathering emergency supplies, and planning evacuation routes. But backing up your data and staying vigilant against scams after the storm are also crucial parts of planning. Below is your need-to-know guide to keeping your information safe as a storm approaches.

1. Back Up Important Data

Cloud Backups: Don’t let the storm take your valuable files with it. Use services like Google Drive, Dropbox, or OneDrive to back up essential documents, photos, and files. These platforms ensure that your data is stored securely offsite, safe from any physical damage to your devices.

External Hard Drives: Consider having a local backup. An encrypted external hard drive, stored in a waterproof container, is a great way to have a quick recovery option at hand if your cloud access is disrupted.

2. Use Battery Backup for Electronics

Uninterruptible Power Supplies (UPS): Power outages are almost guaranteed during a hurricane. To prevent sudden shutdowns and data loss, a UPS can keep your systems running just long enough to safely save your work and shut down your devices.

Backup Power Solutions: Portable power banks or generators can keep essential devices running for hours, or even days, if the power goes out.

3. Secure Devices and Networks

Update Software: Make sure all your devices—computers, smartphones, tablets—are running the latest security updates. These patches protect you from known vulnerabilities, especially in the chaos of a hurricane.

Enable Encryption: If your devices are lost, stolen, or damaged, encrypted data ensures that your information cannot be accessed without authorization.

4. Enable Multi-Factor Authentication (MFA)

Activate MFA: This extra layer of security can be the difference between keeping your accounts safe and exposing them. Even if a device is stolen, MFA ensures only you can access sensitive information.

5. Prepare for Offline Access

Download Critical Information: Have important documents, contact lists, and emergency information downloaded onto your device so that you can access them without an internet connection.

Offline Passwords: Many password managers offer offline access. Alternatively, consider keeping a physical list of crucial passwords, stored securely.

6. Plan for Communication Disruptions

Backup Internet Solutions: Mobile hotspots, satellite phones, or even pre-purchased data plans can keep you connected to loved ones, your workplace, or emergency services if power lines and Wi-Fi networks are down.

VPNs for Remote Work: If you plan to work remotely during the storm, double-check that your VPN is operational and that you can connect securely to your company’s network.

7. Be Wary of Cyber Scams Post-Storm

Phishing Attacks: In the aftermath of a hurricane, opportunistic scammers often send fake emails pretending to be from disaster relief agencies or charities. Be cautious about unsolicited requests for personal information.

Charity Scams: Make sure your donations go to legitimate organizations by checking that the charity is verified.

8. Secure Physical Devices

Waterproofing: Protect your physical devices, including laptops, hard drives, and other electronics, by sealing them in waterproof containers or bags.

Offsite Storage: If possible, store your most valuable tech equipment in a safer location out of the storm’s path.

9. Create a Cyber Response Plan

Critical Contact List: Have the numbers of your IT team, managed service provider, or relevant tech support ready. Post-storm recovery may require immediate assistance to mitigate damage.

Incident Response Plan: Ensure your organization has a solid plan for recovering data and restoring operations in the event of a system compromise.

10. Stay Updated with Alerts

Set Up Alerts: Sign up for notifications from trusted organizations like the National Weather Service (NWS) and the Cybersecurity and Infrastructure Security Agency (CISA). These alerts can provide real-time updates on both weather patterns and emerging cybersecurity threats.

 


It’s important to remember that cybercriminals will use catastrophic events to prey on victims’ emotions. Stay vigilant but, most importantly, stay safe.

OnDefend welcomes Aaron Rosenmund as Senior Director of Programs and Tradecraft.

With a passion for redefining cybersecurity strategy and prevention, Aaron brings extensive expertise in red teaming, threat emulation, and security testing.

In addition to his role as Senior Director of Programs and Tradecraft, Aaron will serve as associate program director for the Independent Security Inspector program with TikTok USDS. He will lead teams to ensure the effectiveness of security measures for TikTok USDS, while driving innovation and implementing his strategic vision across OnDefend’s services and product offerings. 

 Learn a little more about Aaron and the expertise he brings in this one-on-one interview:   

Q: What is your role at OnDefend? 

In my role as Associate Program Director, I’ll be working with the Independent Security Inspector team to ensure that TikTok USDS—formerly Project Texas—successfully separates U.S. data and the behavior of the U.S. application for all U.S. citizens from the ability for ByteDance, the owning company, to be able to manipulate it or have access to it. This is critical work, especially in today’s climate where privacy concerns are front and center.

What excites me is that we’re not just taking things at face value. We’re testing to ensure every control is functioning the way it should, providing confidence that U.S. data is protected.  

Outside of that, my goal as Senior Director of Programs and Tradecraft is to help OnDefend focus on real-world cybersecurity testing. We have compliance, but we need to go beyond it. We need to test these systems in-depth and find the flaws before the bad guys do. 

Q: How did you get started in cybersecurity? 

It’s not the typical “I grew up coding” story. I actually started in construction, working with concrete grinders, but I realized that wasn’t for me. I invented robotics to automate those machines, and that’s how I fell in love with technology. From there, I joined the National Guard, where I focused on securing air operations systems.  

After 9/11, protecting airspace became a top priority, and I helped build secure systems for that mission. The hands-on experience with automation and security sparked my interest in cybersecurity full-time.  

Q: Can you walk us through some career highlights?

One of my proudest projects was creating mission defense teams for the Air Force. We were building secure systems, and I realized no one was testing them—no one was seeing if the protections we put in place were actually working.  

 I started emulating attackers, and that was when I knew this was where I wanted to focus my career. 

More recently, at RSA, I presented research on using command and control that bypasses detection entirely. We figured out how to send data within packets, modulating information in a way that no existing defenses could detect. It was a game-changer and is something I’m still excited to be working on. 

 Q: What excites you most about joining OnDefend?

First and foremost, the people. I first met co-founder Ben Finke at a local B-Sides conference, and we hit it off because of our shared passion for giving back to the cybersecurity community.  

What also drew me in is OnDefend’s mission of testing and validating security controls rather than just relying on compliance checkboxes. 

That curiosity only grew when I learned about BlindSPOT, OnDefend’s breach and attack simulation solution, which is doing exactly what I’ve been advocating for—simulating real-world attacks, identifying vulnerabilities in real time, and giving teams essentially ‘the answers to the test’ to fix these problems before they’re exploited.

We don’t just want to meet compliance standards; we want to ensure real-world defenses are in place and constantly working, a core message in OnDefend’s mission.  

 Q: Is there a project or accomplishment you’re particularly proud of?

There’s one project that stands out: my first RSA presentation. I demonstrated side-channel attacks using mechanical waves—essentially using a computer’s fan to transmit data.  

 It was like performing a magic trick on stage, and it worked flawlessly.  

The audience was blown away by how we could exploit something as simple as a fan’s noise to leak sensitive information. 

 I took this 20-year-old computer with a graphics card in it and then I brought an Xbox Kinect, like one of the old school ones with the microphone array. 

I set them up 30 feet apart from each other and then walked through how you would compromise a device like that and be able to, without having even administrative control, transmit data by changing the speed of the fan. 

We had the whole room quiet.  

I had them give me a phrase, and then we ran the code live and the fan’s just kind of going on and off and then that transmitted back to information that you could collect.  

There’s no feeling quite like taking your own research and presenting it in a way that the whole room was amazed like I was doing this ‘magic trick’ when really it was just cybersecurity.  

Q: What’s something people should know about you?

I’m still serving in the Air National Guard as a cyber warfare officer, contributing to offensive cybersecurity operations. It’s important for me to give back to the military and the country. The skills and experience I’ve gained on the civilian side directly help improve our national defense capabilities. There’s a real sense of duty in being part of something bigger. 

Q: Where do you hope to see the state of cybersecurity in five years?

I’d love to see a shift where we prioritize real technical skills over just compliance. If we can test security controls every day and fix them in real-time, that’s where we need to be as an industry. Right now, there’s too much focus on checking boxes, and not enough on verifying that the systems are truly secure. 

Q: Looking ahead, what would you like your legacy at OnDefend to be?  

On the ISI side, I want to help build a team that can elevate their knowledge and capabilities above the attackers we’re emulating. It’s about outsmarting the threat actors. 

I’m also focused on amplifying OnDefend’s approach to proactively validating security programs. If we can inject that mindset of testing and validation into organizations, we’ll not only protect our clients but change the industry’s approach to staying secure.

Explore how OnDefend is reimagining security programs and going beyond compliance with experts like Aaron Rosenmund, bringing advanced threat emulation and real-world testing to protect organizations around the globe.


Former Department of Defense, Booz Allen & EY executive Wayne Loveless joins OnDefend as Managing Director of Strategic Services and Associate Program Director of the Independent Security Inspector program for TikTok USDS. 

Wayne Loveless is a globally recognized cybersecurity engineer, strategist, and leader with more than 25 years of industry experience across the Government and Public Sector, Defense, Energy, Oil and Gas and Healthcare industries.

He has led and supported teams in the development of National Cybersecurity Strategies, development and implementation of large-scale enterprise cybersecurity programs, research and development, and cybersecurity engineering in government and private industry.

Interview with Wayne Loveless:

Q: What is your role at OnDefend? 

“I get the exciting opportunity to support in the delivery of a key strategic project with the ISI team focusing on TikTok USDS security testing. This allows me to bring my global experience in delivering large scale cybersecurity programs in support of the overall objectives of the project, work in developing human capital, and drive high performing teams.

Additionally, I have another role in my capacity of Managing Director of Strategic Services, where I am working with the OnDefend Leadership to expand into new markets, industries, and geographies. Whether with core consulting services or new partnerships for OnDefend’s unique software and services, I get the opportunity to help supercharge the growth of services and clients on a global scale.”

Q: How did you get into cybersecurity? 

“I started my career in cybersecurity as an active-duty U.S. Military member serving in both the United States Marines and the US Army. Following nearly a decade of service, I transitioned into supporting the US Department of Defense as a Cybersecurity Analyst with the DISA Field Security Office and the rest was history.”

Q: You have had quite an extensive career, tell me some highlight roles? 

“As a consultant with leading companies such as Booz Allen Hamilton and Deloitte, I led strategic cybersecurity programs and security-oriented services with the DOD, US Navy, NSA, DOE, USMC, US Treasury Department, and the Department of Justice. Following my extensive government work, I moved to the Middle East where I led teams across the region in supporting cybersecurity programs in the Oil and Gas, Financial Services, and Government and Public sectors.

With Booz Allen Hamilton, I led the International Cybersecurity practice based out of Abu Dhabi, UAE and supported and led the development and implementation of National Cybersecurity Strategies, development of national cybersecurity agencies and capabilities, the development of national cybersecurity standards, and the design and implementation of cybersecurity detection and response capabilities at a national level. I joined EY MENA as a senior Partner leading the Government and Public Sector Cybersecurity Practice for the Africa, India, and Middle East region.

In addition to working for major corporations and government agencies, I’ve had the opportunity to create numerous startups, functioned as a Global CISO and vCISO, and supported various entities as a Strategic Cybersecurity Executive Advisor, which has led to some passion projects of mine, including being a contributor, published author, speaker, and sought-out subject matter expert in the fields of cybersecurity and digital transformation.”

Q: Are there any projects you’ve worked on that stood out from the rest?

“One project I am most proud of was the development of a national cybersecurity strategy for a G20 country that established a new cybersecurity authority and regulatory scope across the public and private sector. Reporting directly to the head of state, the authority has grown to employ thousands of people in the cybersecurity field, creating new opportunities, particularly for women in the cybersecurity field as a very underrepresented group within the domain. The strategy and agency moved the country from the bottom of rankings for cybersecurity globally to one of the top 10 countries within three years, driving billions of dollars in investment and growth across the industry.”

Q: What are you most excited for in joining the OnDefend team? 

“I have a passion for growth and taking on new challenges. Growing a small business and scaling new capabilities is a lifelong motivation. With OnDefend I have a unique opportunity to open new doors, expand service offerings, and bring new and exciting opportunities with a broad range of clients in international organizations and the Federal Government. This in turn helps grow not only the OnDefend portfolio of clients and cyber experts, but also the broader Jacksonville profile as an emerging cybersecurity hub in the southeast region.”

Explore OnDefend’s array of professional services, spanning from network penetration testing to tabletop exercises, and see firsthand how the OnDefend team can invigorate your security program.

 


OnDefend Media Contact:

Lauren Verno, Vice President of Communications & Marketing

Media@ondefend.com

904-299-3669

AT&T Data Breach: What You Need to Know

OnDefend CEO Chris Freedman discusses the AT&T data breach with WJXT News4Jax.


The Breach Details: The breach, which primarily involved data from 2022, impacted AT&T’s cellular customers, customers of mobile virtual network operators using AT&T’s wireless network, and landline customers who interacted with those cellular numbers. In total, approximately 109 million customer accounts were affected. AT&T has confirmed that the compromised data does not include the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information.

Nature of the Compromised Data: Although the data does not contain sensitive personal information or detailed usage specifics like call timestamps or customer names, there is a potential risk. AT&T acknowledged that publicly available online tools might be used to find names associated with specific telephone numbers.

Ransom Payment: In an unusual turn of events, AT&T reportedly paid a hacker over $370,000 to delete the stolen customer data. However, there is uncertainty about whether the payment went to the actual perpetrators of the breach.

OnDefend helps companies prepare for and defend against real-world threats. Click here to learn more about our Ransomware Defense Validation service, which tests your defenses in depth against ransomware.

Story originally aired on News4Jax: Data of nearly all AT&T customers downloaded from a third-party platform in security breach (news4jax.com)

TikTok U.S. Data Security Names Independent Security Inspectors as Part of Digital Integrity and Compliance Journey 

Company announces new partnership with HaystackID and OnDefend to further security of the TikTok U.S. platform and app

CHICAGO and JACKSONVILLE, Fla. (June 26, 2024) – Today, TikTok U.S. Data Security Inc. (USDS) is further enhancing the security of TikTok users’ data and protection against cybersecurity threats by appointing HaystackID and OnDefend to serve as Independent Security Inspectors (ISIs) for USDS.

This new collaboration builds on TikTok USDS’ ongoing partnership with Oracle. In May 2022, TikTok created a new organization called TikTok U.S. Data Security (TikTok USDS) as part of its ongoing Project Texas Plan. This special purpose subsidiary is staffed by U.S.-based employees (with some exceptions in the U.K. and Australia to provide global coverage). USDS controls access to protected U.S. user data, content recommendation, and moderation systems in the secure Oracle Cloud. This structure brings heightened focus and governance to TikTok’s operations in the U.S. including data protection policies and content assurance protocols to keep U.S. users and their data safe and ensure users have an authentic experience on TikTok.

Expanding on this established focus, HaystackID and OnDefend with additional support from Mandiant Consulting will serve as the Independent Security Inspectors for USDS. This collaboration is designed to ensure the security and integrity of the TikTok app, its source code, user information, and the U.S. platform as a whole, highlighting TikTok USDS’s commitment to meeting stringent cybersecurity standards.

HaystackID is a specialized data services company solving business data challenges related to legal, compliance, regulatory, and cyber events. OnDefend is a trusted cybersecurity service provider helping organizations prepare for and defend against real-world threats. Mandiant Consulting is recognized by enterprises, governments, and law enforcement agencies worldwide as the market leader in threat intelligence and expertise gained on the frontlines of cybersecurity.

The ISIs will identify potential security risks to U.S. users through technical security testing and validation of the TikTok U.S. platform. This will be a continuous initiative, not a point-in-time assessment, as TikTok’s ability to deliver a seamless experience to its users is achieved through a sophisticated architecture involving hundreds of thousands of microservices.

“Through Project Texas, TikTok USDS is already well ahead of any peer companies in terms of how we secure users’ data and by providing unparalleled transparency by making our source code available to a third-party for review,” said Andy Bonillo, Head of TikTok-U.S. Data Security. “Keeping our users’ data safe involves constantly innovating and looking around corners for new threats. The partnership we’re announcing today will further our ability to anticipate and prevent emerging and sophisticated cybersecurity threats.”

“Supporting TikTok USDS in their critical mission to safeguard digital security marks a consequential affirmation of our efforts to enhance the cybersecurity standards and data protection efforts of our clients,” said Hal Brooks, CEO of HaystackID. “Our role as Independent Security Inspector is to provide comprehensive support in reinforcing TikTok USDS’s initiatives to maintain the highest levels of digital integrity. We are excited about the opportunity and look forward to contributing to this initiative with national security implications.”

Chris Freedman, CEO of OnDefend, discussed the proactive strategy implemented in this collaboration: “Our advanced security testing team, in conjunction with our proprietary Breach and Attack Simulation platform, BlindSPOT, will play a crucial role in identifying and addressing vulnerabilities within the TikTok application and network infrastructure. Moreover, our rigorous application and network penetration testing standards aim to ensure that the platform’s security strictly complies with national and global cybersecurity standards, identifying potential vulnerabilities while reinforcing trust and safety in the digital ecosystem.”

Price McDonald, Senior Manager, Mandiant Consulting added, “In this effort, our team is focused on providing security assessment services. Continuous penetration testing enables organizations to proactively manage their cyber risk in a rapidly changing threat landscape. This provides a number of benefits including early vulnerability detection, a reduced attack surface, and improved efficiency in responding to threats.”

Shawn Belovich, Senior Vice President of Digital Forensics and Cyber Incident Response at HaystackID and former Deputy Chief Information Security Officer at the White House, addressed the initiative’s alignment with national security priorities. “In my previous role at the White House, I had the opportunity to gain a comprehensive understanding of the intricacies of national security and data protection. I look forward to leveraging this experience. We are intensely focused on ensuring TikTok USDS’s infrastructure is not only secure but also in strict adherence to the heightened standards of cybersecurity and national security compliance directives.”

Read the release on the TikTok Newsroom

 ### 

About HaystackID®

HaystackID solves complex data challenges related to legal, compliance, regulatory, and cyber events. Core offerings include Global Advisory, Data Discovery Intelligence, HaystackID Core® Platform, and AI-enhanced Global Managed Review powered by its proprietary platform, ReviewRight®. Repeatedly recognized as one of the world’s most trusted legal industry providers by prestigious publishers such as Chambers, Gartner, IDC, and Legaltech News, HaystackID implements innovative cyber discovery, enterprise solutions, and legal and compliance offerings to leading companies and legal practices around the world. HaystackID offers highly curated and customized offerings while prioritizing security, privacy, and integrity. For more information about how HaystackID can help solve unique legal enterprise needs, please visit HaystackID.com.

 


OnDefend Media Contact:

Lauren Verno

Media@ondefend.com

904-299-3669

HaystackID Media Contacts:

Carolyn Depko

carolyn@plat4orm.com

908-565-3709

Rob Robinson

pr@haystackid.com

512-934-7531

There’s been no shortage of headlines involving ransomware over the last few months.

Let’s dive into your ransomware roundup with OnDefend.


Behind the Scenes with a CISO: James Case, Baptist Health.

It’s only May, and we may have already witnessed the fallout from the biggest ransomware attack of the year. Change Healthcare is still grappling with significant challenges post-February’s breach. How does this impact other security leaders? We sat down with a CISO to gain an insider’s perspective and insights on the ransomware landscape.

Watch the Full Interview Here


OnDefend in the News

In this article for Forbes, OnDefend CTO Ben Finke breaks down five steps every organization should implement to prepare for an attack. They’re not necessarily difficult, but they are imperative for success.

Read: How To Prepare For A Ransomware Attack

What does negotiating with a ransomware criminal look like? OnDefend COO, Billy Steeghs, sat down with WJXT News4Jax for an in-depth discussion about “Cracking the code on negotiating with a cyber extortionist.”

Watch: Cracking the code on negotiating with a cyber extortionist


Customer Success

BlindSPOT simulates ransomware on hospital system to validate security controls.

Learn how this enterprise hospital system utilizes Ransomware Defense Validation powered by BlindSPOT, a breach and attack simulation solution, to prove security controls are working effectively so hospitals can focus on what matters most: patient care.

Read Here: BlindSPOT Customer Success: Ransomware & Healthcare


Ransomware Defense Validation

A solution designed to test your defenses in depth.

A cyber pandemic.
Can you remember the last time you didn’t see a ransomware attack in the news? There is no industry these cybercriminals won’t attack.

While there’s no way to get rid of all the bad guys, the goal is to know you’ve done everything you can to protect your organization. At OnDefend, we’ve made your mission our mission.

Ransomware Defense Validation.


BlindSPOT Updates

Make sure you’re staying up to date on all of the new features released with the BlindSPOT newsletter.

What you may have missed: BlindSPOT Newsletter: April 2024


Negotiating with a ransomware criminal.

The News4JAX I-TEAM is finding out what it’s like at the virtual negotiation table, going behind the curtain of the process with Billy Steeghs, Chief Operating Officer of OnDefend.

Originally Aired On: News4Jax

OnDefend enables companies to reduce risk against ransomware by testing and validating controls against real-world strains. Discover how OnDefend, empowered by BlindSPOT’s attack capabilities, is supporting security programs through Ransomware Defense Validation.

Discover if your environment is prepared for a ransomware attack with OnDefend’s comprehensive Ransomware Defense Validation service. This multi-level assurance offering supports security leaders in reducing risk by simulating real-world ransomware threats to validate your security measures.

Learn More About Ransomware Defense Validation.