Cybersecurity

Montenegrin authorities reported a series of cyberattacks on its servers early last week and said they prevented any damage. But the attacks have continued.

Threats to private sector organizations abound—exacerbated by persistent political, social, and economic issues—but U.S. companies aren’t keeping up. By the end of 2022, 26 percent of executives at American companies anticipate they will miss at least 51 percent of threats, a new report found.

There are currently no minimum cybersecurity mandates for the water sector in the United States, although the Biden Administration is working to develop and implement some that target the 1,600 water companies that serve large populations.

As the price of milk, gas, and rent went up in 2022, the cost of a data breach rose right alongside them to peak at the global average of $4.35 million, according to analysis out this week in an annual IBM report.

While availability on the Dark Web of hacked Chinese data has recently increased, so too have Chinese users' interest in Dark Web forums, thanks to one of the world's largest data breaches - 23 terabytes of information on roughly 1 billion Chinese citizens, which was collected by the Shanghai National Police.

A new report out this week from the U.S. Cyber Safety Review Board which analyzed the events surrounding the disclosure of the Log4j vulnerability in December 2021 and its known impact.

More than 82 percent of all data breaches are caused by human-based risks, including phishing, business email compromise (BEC), and ransomware, largely because of a lack of diversity in security awareness teams compounded by increasingly sophisticated attacks.

“The tragic events in Buffalo and Uvalde have underscored a fact known all too well by many Americans: the internet can fuel hate, misogyny, and abuse with spillover effects that threaten our communities and safety online," a fact sheet on the new initiative said.

The persistent pace of attacks is driving “increasing and unsustainable stress levels” in the cybersecurity workforce, and it may be driving larger numbers of security leaders to quit the industry altogether, a new report found.

While it’s no surprise that ransomware attacks increased between 2021 and the first quarter of 2022, the amount that it rose and the threat actors behind the trend disclosed in an annual report from Verizon were a bit startling.

The school district said the breach was caused and exacerbated by a vendor's failure to follow the information security terms of its contract—specifically failing to encrypt data and purge old records.

The U.S. Department of Justice (DOJ) changed its policy toward security researchers acting in good faith to test, investigate, or correct security vulnerabilities, revising its previously broad approach of prosecuting these actions as crimes under the Computer Fraud and Abuse Act.

The food and agriculture sector is facing a higher threat of ransomware attacks during critical planting and harvesting seasons, according to a notice issued by the FBI earlier this week.

Researchers discovered a new malware that is designed to target Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA), bringing the total number of publicly known malwares to do this up to seven.

In 2021, Hydra accounted for around 80 percent of all darknet market-related cryptocurrency transactions. The platform’s “Bitcoin Bank Mixer” service obfuscated digital transactions and made cryptocurrency investigations difficult for law enforcement agencies.

These incidents, coupled with disruptions in electric service in Ukraine due to Russia’s invasion, highlight the fragility of the electric grid and the importance of pre-planning to respond quickly to mitigate further damage from physical attacks and cyber incidents.

As the investigation into a January breach continues, authentication company Okta announced that about 2.5 percent of its customers were impacted by the breach.

U.S. President Joe Biden issued a statement Monday warning of Russian cyberattacks and asking U.S. companies in the critical infrastructure space to redouble their efforts to protect their systems from attacks.

Ukraine’s Internet service was disrupted this week after a cyberattack targeted telecoms provider Triolan. The firm—which provides service for the northeastern Kharkiv region—confirmed the incident and said it was working to restore service.

Executive order is expected to address wide-ranging U.S. governmental approach to cryptocurrency reflecting the many complex aspects of the issue, all with a backdrop of how cryptocurrency could be used to evade sanctions on Russia.

The U.S. Cybersecurity and Infrastructure Security Agency issued an alert about a China-linked, stealthy new cyber threat called Daxin, which is optimized for hardened targets that are not connected directly to the Internet.

More than half a million people have fled their homes to escape the war in Ukraine as major cities remain under attack. But there are two fronts in this war: the physical fighting and the digital domain, where cybersecurity professionals battle disinformation, psychological warfare, and cyberattacks.

The Beijing 2022 Winter Olympics are officially underway in China following a more subdued opening ceremony on Friday as the nation continues to pursue a zero-COVID policy.

The U.S. FDA is drafting regulations that may push companies in the food and beverage sector to adopt blockchain technology to validate every step in the food supply chain.

A cyberattack exposed personal and confidential data from more than 515,000 people who were helped by Red Cross and Red Crescent organizations.

While talks stalled between Western and Russian officials about the country’s increasingly aggressive posture and troop buildup on the border of Ukraine, activity in the cyber sphere was speeding ahead.

Meta notified 50,000 people in more than 100 countries that surveillance-for-hire firms were targeting their accounts for intelligence, manipulation, or compromise, the parent company of Facebook announced Thursday.

Because so many enterprise and open-source software products use Log4j—including cloud platforms, Web applications, and email services—a newly discovered vulnerability puts many critical online functions at risk.

For the first time, the U.S. military acknowledged publicly that it has taken action against ransomware groups.

It’s been a busy week, especially in the cybersecurity arena. Here’s a rundown of some of the top news from around the world.

CISA launches the voluntary ChemLock program to provide resources, tools, and onsite services to chemical facilities that pose a risk but are not subject to regulation.

The United States unsealed court documents on Monday and announced the apprehension of the suspected mastermind behind the most potent REvil ransomware attacks.

China's new data privacy law went into effect this week, and it is already sending shockwaves through the global economy as international firms reassess how they will continue to do business in the country.

Ransomware actors are likely using significant financial events like mergers or acquisitions to target and leverage victim companies—threatening to disclose nonpublic financial information that could trigger investor backlash if victims do not pay up promptly, the FBI warns.

White House Market was the largest dark market for drugs, stolen data, and other illicit activity. While it closed down, its methods live on and make catching its successors that much harder.

Officials arrested 12 individuals in Ukraine and Switzerland on 26 October for their alleged role in carrying out ransomware attacks against critical infrastructure, Europol announced on Friday.

Three high-profile cyber attacks in the past few days indicate the ongoing war between hackers with malicious intent and cybersecurity postures of companies, organizations, and nations continues without abatement.

Threat actors are consistently attempting to infiltrate U.S. water and wastewater sector (WWS) facilities, according to a joint advisory issued Thursday.

The U.S. Department of Justice is launching an initiative to address the use of cryptocurrency to facilitate criminal activity, including ransomware.

After a review of 12 agencies, the GAO found that while all of them invested in the technology needed to support remote work, four had not fully documented their plans to mitigate weaknesses found in IT security controls.

Research examines the Dark Web advertisements of ransomware perpetuators to build a profile of the ideal target: a U.S.-based company with at least $100 million in revenue not operating in taboo sectors.

The Irish Data Protection Commission (DPC) issued a new record high fine against WhatsApp for breaching privacy regulations under the European Union’s GDPR rules. 

The new Personal Information Protection Law in China imposes major restrictions on the collection and use of personal data by companies, however, the government is not subject to the same restrictions.

Blackberry became aware of a vulnerability that impacted multiple components of its software in April 2021, but waited until this week to disclose it after facing increased pressure. 

The report, Federal Cybersecurity: America’s Data Still At Risk, found that only one out of the eight U.S. federal agencies audited for their cybersecurity programs showed improvements in 2020.

This roundup of news from the week covers the recent ransomware payments and recoveries, right-wing extremism in police units, environmental activism, apps that cause suspicion and apps that catch criminals, pandemic updates, workplace shooting motivations, currency wars, and a nun who embezzled and gambled it away.

In a diverse six to three decision, the U.S. Supreme Court rejected the U.S. Department of Justice’s (DOJ’s) interpretation of a major computer fraud law in a victory for security researchers.

Hackers gained access to an email marketing service account used by a U.S. State Department agency to carry out a string of attacks on other agencies, think tanks, consultants, and non-governmental organizations (NGO), Microsoft announced Thursday evening.

While it took nearly seven years for the FBI's Internet Crime Complaint Center tally to reach 1 million, the latest million took just 14 months—from mid-March 2020 to mid-May 2021.

U.S. President Joe Biden signed a long-awaited cybersecurity executive order on Wednesday evening, which instructs the federal government to take a host of actions to improve the nation’s security and resiliency.

Colonial Pipeline, responsible for a major portion of the East Coast's fuel supply, shut down its pipelines over the weekend due to a ransomware attack.

A task force recommended a series of actions to mitigate the threat of ransomware, including requiring cryptocurrencies to adopt anti-money laundering regulatory requirements.

Data from the Washington, D.C., police department ransomware attack has leaked online, adding the Metropolitan Police to the ever-growing list of organizations compromised by hijacked data.

In response to the country’s alleged misconduct linked to the SolarWinds hack and attempts to generate confusion in the United States’ election process, the Biden administration levied new sanctions on Russia.   

The personal information—including phone numbers—of Facebook users exploited in a vulnerability originally uncovered and fixed in 2019 is now freely available.

Up to 150,000 security cameras installed in schools, hospitals, factories, and businesses were compromised, giving outsiders access to video from Tesla factories, prisons, psychiatric hospitals, and more.

While security professionals are continuing to address the fallout from the SolarWinds breach, Microsoft announced this week that it had detected several 0-day exploits being used to attack versions of Microsoft Exchange Server.

The world is at a turning point when it comes to artificial intelligence (AI), and the United States is at risk of falling behind, according to a new report from the National Security Commission on Artificial Intelligence (NSCAI).

CISA released its first international strategy on Thursday in a commitment to work with international partners to address risks and threats to critical infrastructure.

The attack on an Oldsmar, Florida, water utility was unsuccessful; however, it chillingly spotlights a potential vulnerability to critical infrastructure in the United States.

Global law enforcement agencies came together to take down one of the most significant botnets in the world: EMOTET, responsible for distributing the EMOTET malware.

The U.S. Cybersecurity and Infrastructure Security Agency issued an alert this week, warning security practitioners of recent cyberattacks against organizations’ cloud services that exploited poor hygiene practices and phishing tactics.

The recently enacted defense authorization bill and other federal and state laws call for research and begin to codify restrictions on deepfake technology; European countries have not addressed the issue directly.

Philadelphia area hunger relief organization Philabundance was the target of a cyberattack that cost the charity group almost $1 million.

Approximately 115,000 students have been affected by the ransomware-triggered shutdown, and there is no clear timeline for schools to reopen.

If enacted, the IoT Cybersecurity Improvement Act would help consolidate security requirements and considerations for Internet of Things (IoT) devices, including secure development, identity management, patching, and configuration management.

U.S. President Donald Trump announced on Twitter Tuesday that he decided to fire Chris Krebs, the director of CISA, which has led the way for federal cybersecurity initiatives, public–private sector information sharing and partnerships, and election security.

Facebook banned new political ads for the week leading up to the 3 November 2020 U.S. elections.

An artificial intelligence enabled bot created deepfake nude images of more than 100,000 women, some of whom seem to be underage, according to a new report from intelligence firm Sensity.

Six Russian intelligence hackers were charged with the NotPetya attack, as well as several other cyber crimes involving the 2017 French election and the 2018 Olympics.

The ban marks a sharp escalation in Facebook’s battle to curb the movement and its conspiracy theories—which have been identified as a potential domestic terror threat by the FBI.

The year 2020 may permanently shift the way individuals use the Internet. Cybersecurity Awareness Month aims to help people—and security practitioners—take control of their cybersecurity to enhance their overall security posture.

City council members in Portland, Oregon, voted unanimously to enact the strictest ban on facial recognition technology in the United States.

One of the largest public school systems in Connecticut was forced to delay its first day of classes after a ransomware attack affected 200 of the city’s 300 servers.

The U.S. Office of Management and Budget (OMB) released a memo that instructs U.S. federal agencies to create and publish coordinated vulnerability disclosure program (VDP) policies.

Facebook and Twitter reported that the FBI warned them that Russia is again targeting Americans with disinformation, attempting to influence the 2020 U.S. presidential election.

U.S. prosecutors charged the former chief security officer of Uber for his alleged role in an attempted cover up of a data breach of the company in 2016.

U.S. President Donald Trump issued executive orders late Thursday night that bar transactions by U.S. persons or that involve property subject to U.S. jurisdiction with the parent companies of WeChat and TikTok.

The European Union issued its first sanctions for cyberattacks on Thursday against Chinese, North Korean, and Russian groups linked to recent major hacking incidents.

The Court of Justice of the European Union struck down a major data sharing agreement between the United States and the European Union, but confusion remains about what measures corporations can use to share data across the Atlantic.

The United States has ordered China to close its Houston, Texas, diplomatic consulate within 72 hours—a move made in response to alleged violations of American sovereignty and “massive illegal spying and influence operations” from China, including intellectual property theft.

Several accounts of high profile Americans were taken over on 15 July, directing followers of billionaires and politicians to send cryptocurrency to a Bitcoin wallet.

A new study from Deloitte gives overview of the state of AI adoption and highlights risk and ethical concerns companies face.

A joint task force of European investigators cracked the EncroChat encrypted messaging platform, unlocking a gold mine of leads on criminal activities and plots.

The race to exploit COVID-19 fears for profit continues as fraudsters are rapidly evolving their methods—now posing as COVID-19 contact tracers to steal personal information.

Symantec sent a notice to its customers Thursday night, alerting them to a series of attacks against U.S. companies by threat actors attempting to deploy WastedLocker ransomware on their networks.

Despite a 400 percent rise in COVID-19-related cyberattacks, Americans remain largely unconcerned about cyber crime, according to a new report.

New reporting finds CIA did not take appropriate insider threat precautions, which enabled the massive data leak to Wikileaks in 2017.

IBM announced it will discontinue its general-purpose facial recognition business and opposes the use of the technology to conduct mass surveillance and racial profiling.

Recent social media activity has experts concerned about the potential for disinformation to color the outcome of upcoming elections, including the 2020 presidential election in the United States.

The COVID-19 pandemic has spurred more discussion about the possibility of online voting, but some security experts and officials are voicing security concerns about the risks.

The first Thursday of May is designated World Password Day, arguably more important than before as several organizations in various countries have workers operating remotely in response to the COVID-19 pandemic.

The U.S. Department of Defense CIO released a list of a list of best practices for cybersecurity and protecting an information network while teleworking.

From phishing to malware to ransomware, COVID-19-related attacks seek to take advantage of vulnerabilities.

Researchers note the limited use of artificial intelligence in the U.S. government, as well as opportunities for enhancement.

The United States linked a Russian military unit to the hacking group known as Sandworm which is said to be responsible for some of the most significant cyberattacks around the globe over the past 10 years.

The U.S. Department of Justice charged Huawei and its subsidiaries with racketeering conspiracy and conspiracy to steal trade secrets in an indictment released late Thursday afternoon.

The breach compromised sensitive personal information on more than 145 million Americans.

A security lapse by an app maker led to the exposure of data from all 6.5 million eligible voters in Israel, including full names, addresses, genders, phone numbers, and identity card numbers.

A vital U.S. government agency tasked with aiding state and local election officials to secure election systems “has not yet completed” plans to secure the 2020 U.S. presidential election less than 10 months away, a watchdog report found.

FBI Director Chris Wray tells Congress that Russia is conducting "information warfare" leading into the 2020 U.S. presidential election.

The State of Convergence report shows slow adoption of a converged security function, but business conditions may speed up the timetable.

On Data Privacy Day, here are a collection of resources for security professionals.

Department of Interior, military, other agencies cite security concerns with Chinese-made drones.

A study from the University of Michigan found that voting machines advertised as a secure alternative are still hackable.

The internationalization of far-right threats and tension between the Persian Gulf countries rank as the top two security risks for companies in 2020, according to a new risk forecast.

The U.S. Office of Personnel Management (OPM) has made strides in increasing its cybersecurity, but more work remains to be done almost five years after the agency suffered one of the largest government data breaches in history.

ASIS Foundation study researches the degree to which physical security, cybersecurity, and business continuity have converged into a single department.

Despite writing and releasing the text of a bill, bipartisan work on a federal online privacy law is expected to continue well into 2020.

U.S. intelligence officials confirmed that Russia has been spreading a disinformation campaign about Ukrainian efforts to interfere in the 2016 U.S. presidential election.

U.S. federal officials say that foreign governments are trying to steal ideas, proprietary information, and research from American universities.

A group of U.S. federal agencies released a joint statement Tuesday pledging to work with states and localities to protect the 2020 election.

U.S. superiority in artificial intelligence is endangered, according to a new report from the National Security Commission on Artificial Intelligence.

U.S. Representatives Matt Gaetz and Steve Scalise led a group of lawmakers into a closed hearing on Capitol Hill on Wednesday in a major breach of protocol and security.

As part of National Cybersecurity Awareness month, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) and the National Cyber Security Alliance (NCSA)—launched the “Own IT. Secure IT. Protect IT.” campaign.

A new study says employees are to blame for as many as half of all data breaches.

Australian, British, and U.S. officials asked Facebook not to fully encrypt its messaging services to provide greater access to data for law enforcement.