Cyber Risk Update 13 JAN 2023

Local Governments are still a target:

• The Housing Authority of the City of Los Angeles, on January 3, 2023, announced that a cyberattack has disrupted its systems. https://techcrunch.com/2023/01/03/hackers-claims-ransomware-attack-on-los-angeles-housing-authority/

• LockBit claims an attack on the Port of Lisbon https://cybernews.com/news/lockbit-attacks-port-of-lisbon/

• A municipal ambulance services provider that serves 15 cities in a Texas county has reported to federal regulators a ransomware breach potentially affecting 612,000 individuals, which is equivalent to nearly 30% of the county's 2.1 million population https://www.govinfosecurity.com/texas-county-ems-agency-says-ransomware-breach-hit-612000-a-20876

• The San Francisco Bay Area Rapid Transit System (BART) was listed this week by the ransomware group Vice Society as being among its latest victims. https://www.darkreading.com/ics-ot/san-fran-bart-investigates-vice-society-data-breach

Supply Chain & Third Party Risks

• Government Offices Revert to Pen and Paper. Over 400 U.S. counties continued to work with pen and paper after a cyberattack on their digital records management vendor last week disrupted methods to view, add and edit government records. https://www.databreachtoday.com/cyberattack-on-records-vendor-affects-scores-us-counties-a-20856

• SweepWizard, an app that law enforcement used to coordinate raids, left sensitive information about hundreds of police operations publicly accessible. https://www.wired.com/story/sweepwizard-police-raids-data-exposure/

Obsolete software increases the cyber risk for organizations:

• Microsoft Ends Windows 7 Extended Security Updates on Tuesday. Windows Server 2012 Extended Support will End in October. https://www.bleepingcomputer.com/news/microsoft/microsoft-ends-windows-7-extended-security-updates-on-tuesday/

Critical Infrastructure:

• Tech priorities are out of sync with security needs, CISA director says, “We cannot accept that 10 years from now it’s going to be the same or worse than where we are now. The critical infrastructure that Americans rely on every day … is underpinned by a technology base and that technology base was created effectively in an insecure way.” "Cybercrime damages cost organizations $6 trillion last year. They are projected to reach $8 trillion this year and $10.5 trillion in 2025." Boards and Councils need to understand cyber risk is enterprise risk. "Enterprise risk is owned by the CEO and the board, not CISOs or CSOs, Easterly and CrowdStrike CEO George Kurtz said on a panel at the event." https://www.cybersecuritydive.com/news/tech-priorities-CISA-CES/639939/

Nation States:

• Russian hackers known as the Cold River team targeted three U.S. nuclear research laboratories in the summer of 2022 https://www.reuters.com/world/europe/russian-hackers-targeted-us-nuclear-scientists-2023-01-06/

Cybersecurity Talent Shortage:

• What Should the Governments Do in 2023 to Fill its Cyber Workforce Shortage? https://www.nextgov.com/cybersecurity/2022/12/what-should-government-do-2023-fill-its-cyber-workforce-shortage/381306/

Threat Actors Activities:

• Security researchers warn that patching critical vulnerabilities allowing access to the network is insufficient to defend against ransomware attacks. Some gangs exploit the flaws to plant a backdoor while the window of opportunity exists and may return long after the victim applies the necessary security updates. https://www.bleepingcomputer.com/news/security/lorenz-ransomware-gang-plants-backdoors-to-use-months-later/

• Wisconsin became the latest state to ban TikTok on devices owned by the state government, joining more than 20 other states. Representatives for TikTok have said it wouldn’t share U.S. users’ data with the Chinese government. https://www.wsj.com/articles/why-are-governors-turning-on-tiktok-11673493296

• FortiOS Flaw Exploited as Zero-Day in Attacks on Government and Organizations https://thehackernews.com/2023/01/fortios-flaw-exploited-as-zero-day-in.html