{"id":3189,"date":"2020-10-01T13:18:19","date_gmt":"2020-10-01T17:18:19","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=3189"},"modified":"2020-10-01T13:18:19","modified_gmt":"2020-10-01T17:18:19","slug":"making-sense-of-the-blackbaud-ransomware-attack","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/","title":{"rendered":"Making Sense of the Blackbaud Ransomware Attack"},"content":{"rendered":"

\"Making<\/p>\n

Currently, the cybersecurity discourse is consumed with talk about the revelations surrounding the Blackbaud ransomware attack. What happened? What lessons can enterprises learn from it? What might the fallout of the Blackbaud ransomware attack entail?\u00a0<\/span><\/p>\n

Here are the facts. Blackbaud, a cloud software supplier, suffered a ransomware attack that took place over the course of several months and only discovered in May. Upon discovery, Blackbaud decided to pay the ransomware attackers, a move considered unwise by cybersecurity experts.\u00a0<\/span><\/p>\n

Then, the supplier waited two months before initially disclosing the attack to the public. In its original statement, Blackbaud stated that its security team mitigated the damage and expelled the attackers. Additionally, it claimed it paid off the hackers to protect its clients, and that the hackers did not access sensitive data. However, they acknowledged hackers did copy a subset of client data.\u00a0<\/span><\/p>\n

In a new regulatory filing, Blackbaud admitted that hackers did steal sensitive data from some customers including bank account information and social security numbers. Breached information also includes passwords and usernames, although the company believes credit card information was not affected. The affected information may not have been encrypted prior to the attack.\u00a0<\/span><\/p>\n

Blackbaud\u2019s clients include numerous universities as well as several charities in the U.S. and the U.K.<\/span><\/p>\n


Widget not in any sidebars
<\/span><\/p>\n

Expert Commentary: The Blackbaud Ransomware Attack<\/b><\/h2>\n

Mounir Hahad<\/b><\/h3>\n

Mounir Hahad is Head of the <\/span><\/i>Juniper Threat Labs<\/span><\/i><\/a> at Juniper Networks.\u00a0<\/span><\/i><\/p>\n

\u201cIt used to be that computers were secure and that only communication was vulnerable to interception. But that time has long gone. We seem to focus so much on securing communication with encryption that we forget that data security has three essential components: securing data at rest so no one can steal it, securing communication so no one can snoop in on it and ensuring data integrity so no one can tamper with it. Every organization has to take a hard look at the data it stores and make sure no sensitive data is ever stored or moved around in the clear and that data integrity is verified at critical processing steps. Unfortunately, I have little faith this will just happen out of good will. We will need some legislation that mandates this policy and punishes organizations that egregiously ignore this mandate and end up exposing troves of sensitive customer data.\u201d<\/span><\/p>\n

Saryu Nayyar<\/b><\/h3>\n

Saryu Nayyar is CEO of <\/span><\/i>Gurucul<\/span><\/i><\/a>.\u00a0<\/span><\/i><\/p>\n

\u201cThe revelations about the Blackbaud breach are disappointing but, sadly, not surprising.\u00a0 Originally reported as a loss of non-vital information, the forensics reveals a different picture.\u00a0 At the time, there was no reason to assume the attackers wouldn’t abuse or sell the personal information they had.\u00a0 Now that forensics have shown the attackers had access to credit card and banking information, it’s almost certain that information will end up for sale on the dark web, making this incident considerably more serious than originally assumed.\u201d<\/span><\/p>\n

Dan Piazza<\/b><\/h3>\n

Dan Piazza is Technical Product Manager at <\/span><\/i>Stealthbits Technologies<\/span><\/i><\/a>.<\/span><\/i><\/p>\n

\u201cTo stay positive in the court of public opinion, it’s typically best practice to avoid definitive statements about the scope of a potential breach before a full investigation has been performed. Ultimately, it’s far easier to simply state you’re taking the matter seriously and will have further comments after conducting an extensive review of the incident, rather than needing to backtrack from a strong statement that turned out to be false. Needing to walk back statements can, perhaps unfairly, call into question future statements, and brings about scrutiny that could have been avoided. When breaches occur, consumers and others affected will be upset regardless. However, trust is reduced further when false statements are made, despite an organization’s good intentions.\u201d<\/span><\/p>\n

<\/div><\/p>\n

Thanks to these experts for their time and expertise. Learn more about securing your data in our SIEM Buyer\u2019s Guide<\/a>.\u00a0<\/span><\/p>\n


Widget not in any sidebars
<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Currently, the cybersecurity discourse is consumed with talk about the revelations surrounding the Blackbaud ransomware attack. What happened? What lessons can enterprises learn from it? What might the fallout of the Blackbaud ransomware attack entail?\u00a0 Here are the facts. Blackbaud, a cloud software supplier, suffered a ransomware attack that took place over the course of […]<\/p>\n","protected":false},"author":41,"featured_media":3058,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1],"tags":[353,1421,95,827,86,1408,276,1422,21,57,22,1423],"acf":[],"yoast_head":"\nMaking Sense of the Blackbaud Ransomware Attack<\/title>\n<meta name=\"description\" content=\"Currently, the cybersecurity discourse is consumed with talk about the revelations surrounding the Blackbaud ransomware attack. Here's why.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Making Sense of the Blackbaud Ransomware Attack\" \/>\n<meta property=\"og:description\" content=\"Currently, the cybersecurity discourse is consumed with talk about the revelations surrounding the Blackbaud ransomware attack. Here's why.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions & Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2020-10-01T17:18:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/06\/Dark-web-mod.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/\",\"name\":\"Making Sense of the Blackbaud Ransomware Attack\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/06\/Dark-web-mod.jpg\",\"datePublished\":\"2020-10-01T17:18:19+00:00\",\"dateModified\":\"2020-10-01T17:18:19+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"Currently, the cybersecurity discourse is consumed with talk about the revelations surrounding the Blackbaud ransomware attack. Here's why.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/06\/Dark-web-mod.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/06\/Dark-web-mod.jpg\",\"width\":800,\"height\":400,\"caption\":\"Panther Labs Releases State of SIEM 2021 Report\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Making Sense of the Blackbaud Ransomware Attack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions & Vendors\",\"description\":\"Buyer's Guide and Best Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Making Sense of the Blackbaud Ransomware Attack","description":"Currently, the cybersecurity discourse is consumed with talk about the revelations surrounding the Blackbaud ransomware attack. Here's why.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/","og_locale":"en_US","og_type":"article","og_title":"Making Sense of the Blackbaud Ransomware Attack","og_description":"Currently, the cybersecurity discourse is consumed with talk about the revelations surrounding the Blackbaud ransomware attack. Here's why.","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions & Vendors","article_published_time":"2020-10-01T17:18:19+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/06\/Dark-web-mod.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/","name":"Making Sense of the Blackbaud Ransomware Attack","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/06\/Dark-web-mod.jpg","datePublished":"2020-10-01T17:18:19+00:00","dateModified":"2020-10-01T17:18:19+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"Currently, the cybersecurity discourse is consumed with talk about the revelations surrounding the Blackbaud ransomware attack. Here's why.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/06\/Dark-web-mod.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/06\/Dark-web-mod.jpg","width":800,"height":400,"caption":"Panther Labs Releases State of SIEM 2021 Report"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/making-sense-of-the-blackbaud-ransomware-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Making Sense of the Blackbaud Ransomware Attack"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions & Vendors","description":"Buyer's Guide and Best Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/3189"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=3189"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/3189\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/3058"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=3189"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=3189"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=3189"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}