Cyber Risk Update 14 APR 2023

Cyber Risk Update for the week of April 14, 2023.

Events

• Webinar "Cyber Tabletop Exercises: Mastering Cyber Resilience through Tabletop Exercises" register: https://us06web.zoom.us/webinar/register/WN_OgiKHUPHQbGgt5GEEyg48g#/registration

• Convene, Security Training and Awareness Conference, The National Cybersecurity Alliance, September 6 - 7, The Watergate Hotel 2650 Virginia Avenue Northwest Washington, DC 20037 https://www.eventbrite.com/e/convene-washington-dc-tickets-593323916807

• National Emergency Communications Plan (NECP) webinar: Is This Thing On? Using Backup Communications Systems To Ensure Mission Readiness, April 26th Register: https://www.cisa.gov/news-events/events/thing-using-backup-communications-systems-ensure-mission-readiness

Career

• Cybersecurity professionals looking at the top job have the technical skills to become a CISO but may wonder if they have what it takes to lead a team while ensuring management and board support. Here are five ways to tell if you are CISO material or not. https://www.csoonline.com/article/3691772/5-ways-to-tell-you-are-not-ciso-material.html

• Rethinking Cybersecurity's Structure & the Role of the Modern CISO https://www.darkreading.com/operations/rethinking-cybersecurity-s-structure-the-role-of-the-modern-ciso

Security Convergence

• The Importance of Converging Physical and Cybersecurity an Interconnected World https://www.learnsecurity.org/single-post/the-importance-of-converging-physical-and-cybersecurity-an-interconnected-world

Data Breaches

• FBI investigating electronic ‘network disruption’ at San Bernardino County Sheriff’s Department https://www.sbsun.com/2023/04/08/fbi-investigating-electronic-network-disruption-at-san-bernardino-county-sheriffs-department/

• Hackers Behind Modesto PD Attack Begin Releasing Data https://www.govtech.com/security/hackers-behind-modesto-pd-attack-begin-releasing-data

• NJ Police Agency Hit by Ransomware, Delaying Investigations https://www.govtech.com/security/nj-police-agency-hit-by-ransomware-delaying-investigations

• Two years after the Port of Seattle lost $572,683 to phishing email scammers, the Washington state auditor's office has released the findings of an audit noting issues with consistency and adherence to procedures. https://www.govtech.com/security/port-of-seattle-cyber-audit-released-following-2021-phishing-loss

• A pro-Russian hacking group may have targeted Canada's energy infrastructure in February, the New York Times has reported citing the leaked Pentagon documents. https://www.reuters.com/world/americas/canadian-energy-infrastructure-unharmed-after-cyberattack-says-trudeau-2023-04-11/

• The Vice Society cybercrime group on March 31, 2023, took credit for a cyberattack on Lewis & Clark College, posting samples of passports as well as documents that included Social Security numbers, insurance files, and W-9 forms. https://therecord.media/lewis-clark-college-ransomware-attack-vice-society

• The Jefferson County School System suffered a ransomware attack, but school officials say there was no breach of sensitive information. https://www.wvtm13.com/article/large-alabama-school-system-hit-by-ransomware-attack/43486343

• The UK's Criminal Records Office (ACRO) confirmed that a “cyber security incident” caused online portal issues since January 17, 2023. https://www.bleepingcomputer.com/news/security/uk-criminal-records-office-confirms-cyber-incident-behind-portal-issues/

• Rorschach ransomware, with a rare encryption speed, makes it even harder for companies to respond

• The potential impact and victims claimed by Rorschach remain unknown, but one expert said some yet-undetected attacks are likely underway. https://www.cybersecuritydive.com/news/rorschach-ransomware-encryption-speed/647693/

Incident Response

• CISOs and cyber leaders may not see reporting a breach as the most pleasant of tasks, but experts say mandatory and voluntary sharing of intelligence around incidents can only improve the readiness and resilience of responders. https://www.csoonline.com/article/3692815/why-reporting-an-incident-only-makes-the-cybersecurity-community-stronger.html

Financial Impact

• Ensuring Transparency and Disclosure: Navigating Cybersecurity Risks in the Municipal Bond Market https://www.learnsecurity.org/single-post/ensuring-transparency-and-disclosure-navigating-cybersecurity-risks-in-the-municipal-bond-market

Awareness

• National Public Safety Telecommunicator Week https://www.learnsecurity.org/single-post/national-public-safety-telecommunicator-week-2023

Ethics

• Organizations are increasingly under pressure to protect customer data and ensure it is used responsibly. To hold themselves accountable, companies need a formalized data program. https://www.mckinsey.com/capabilities/mckinsey-digital/our-insights/tech-forward/ethical-data-usage-in-an-era-of-digital-technology-and-regulation

• The Bitdefender 2023 Cybersecurity Assessment, which was released recently, has shed light on the pressure faced by cybersecurity teams to keep quiet about data breaches. According to the report, 74.7% of respondents in the United States reported experiencing a data breach or leak within the last year. Of these respondents, 70.7% stated that they were instructed to maintain confidentiality about the security breach when it should have been reported. Additionally, the report found that 54.7% of respondents admitted to keeping a security breach confidential even when they knew it should be reported. https://businessresources.bitdefender.com/bitdefender-2023-cybersecurity-assessment

Cyber Insurance

• Cyber Insurance in 2023: Trends and Insights from Industry Experts https://www.learnsecurity.org/single-post/cyber-insurance-in-2023-trends-and-insights-from-industry-experts-watch-now

• The cost of cyber insurance doubled in the past year for Saint Paul Public Schools in Minnesota, to $120,000. https://kstp.com/kstp-news/top-news/minnesota-lawmakers-consider-school-cybersecurity-funding/

• With cybercrime spreading, insurers are offering a new kind of product to meet the threat: policies that protect individuals, as opposed to businesses. Here's what consumers need to know. https://www.wsj.com/articles/cyber-liability-insurance-coverage-8afc4fdd

Nation States

• Mandiant Bolsters The Case That North Korean Hackers Were Behind 3CX Supply Chain Hack https://www.scmagazine.com/analysis/third-party-risk/mandiant-bolsters-the-case-that-north-korean-hackers-were-behind-3cx-supply-chain-hack

• Russian APT Hackers Actively Targeting European NATO Allies https://www.databreachtoday.com/russian-apt-hackers-actively-targeting-european-nato-allies-a-21678

Cyber Criminals

• Today’s established cybercrime gangs operate like large enterprises. Those with 50-plus staff have affiliates, a few management layers, and more than $50 million in annual revenue. https://www.darkreading.com/vulnerabilities-threats/cybercrime-professionalization-gangs-corporate-headaches

• National Guardsman Arrested for Military, Intelligence Leaks. Jack Teixeira, 21, Accused of Sharing Classified National Defense Info on Discord. https://www.databreachtoday.com/national-guardsman-arrested-for-military-intelligence-leaks-a-21677

AI

• How threat actors are using AI and other modern tools to enhance their phishing attempts https://blog.talosintelligence.com/ai-and-other-modern-tools-enhance-phishing/

• ChatGPT Already Involved in Data Leaks, Phishing Scams & Malware Infections https://networkassured.com/security/all-chatgpt-cybersecurity-risks-attacks/

• AI-created malware sends shockwaves through cybersecurity world https://www.foxnews.com/tech/ai-created-malware-sends-shockwaves-cybersecurity-world

• Time to rethink the AI ethics narrative https://www.humanbrainproject.eu/en/follow-hbp/news/2023/04/13/time-rethink-ai-ethics-narrative/

IoT

• If TikTok is spyware, then what about Chinese IoT? https://www.techradar.com/opinion/if-tiktok-is-spyware-then-what-about-chinese-iot

• For today’s fragmented Internet of Things (IoT) to reach its potential as a fully interconnected ecosystem, the answer may lie in the convergence of cybersecurity and the IoT. https://www.mckinsey.com/industries/technology-media-and-telecommunications/our-insights/cybersecurity-for-the-iot-how-trust-can-unlock-value

• Education Sector Sees 34% Increase in IoT Attacks https://www.scmagazine.com/news/device-security/education-sector-34-increase-iot-attacks

Emergency Management

• The Increasing Concern of Public-Sector Cybersecurity in State and Local Government https://www.govtech.com/sponsored/the-increasing-concern-of-public-sector-cybersecurity-in-state-and-local-government

• Cybersecurity Needs its Place in Emergency Management Now https://www.cpomagazine.com/cyber-security/cybersecurity-needs-its-place-in-emergency-management-now/

Cybersecurity For the C-suite

• The Local Government Officials Guide to Cybersecurity https://www.learnsecurity.org/single-post/the-local-government-officials-guide-to-cybersecurity

• Why CEOs Need To Prioritize Online Safety Compliance https://www.forbes.com/sites/forbestechcouncil/2023/04/07/why-ceos-need-to-prioritize-online-safety-compliance/

• Cyber Risk Is Growing. HBR. The consequences of cyber-attacks are growing increasingly severe. And as “bad actors” become increasingly well-financed, and the “attack surface” where cyber threats are deployed becomes increasingly larger and more complex, it’s becoming practically impossible to ensure that everything is properly secure. https://hbr.org/2023/04/cyber-risk-is-growing-heres-how-companies-can-keep-up

Guidance

• CISA Releases Zero Trust Maturity Model Version 2 https://www.cisa.gov/news-events/alerts/2023/04/11/cisa-releases-zero-trust-maturity-model-version-2

• Federal Zero Trust Strategy https://zerotrust.cyber.gov/

Legislation Watch

• Senator Calls for Cybersecurity Audit of Law Enforcement Wireless Network https://www.nextgov.com/emerging-tech/2023/04/senator-calls-cybersecurity-audit-law-enforcement-wireless-network/385110/

Federal Government

• U.S. embassies to get cyber experts by the end of 2024. Nathaniel Fick, ambassador at large for cyberspace and digital policy at the State Department, said he plans to install a Foreign Service staffer trained in cybersecurity at each U.S. embassy worldwide. https://federalnewsnetwork.com/cybersecurity/2023/04/state-dept-cyber-bureau-plans-to-add-tech-experts-to-every-embassy-by-next-year/

• The Cyberspace Solarium Commission wants space systems to be considered critical infrastructure sector number 17 https://cyberscoop.com/solarium-commission-space-systems-critical-infrastructure/