Cyber Risk Update 16 DEC 2022
Data Breaches
The County of Tehama, California, says personal information was compromised in a data breach. https://www.securityweek.com/california-county-says-personal-information-compromised-data-breach
A regional transit district had a cybersecurity incident last month.
A notorious and prolific ransomware operation claimed on Monday to have stolen 76 gigabytes of data from the California Department of Finance. https://www.cyberscoop.com/lockbit-ransomware-california-department-of-finance/
InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber/physical threat info-sharing partnerships w/ the private sector, this week saw its database of contact information on more than 80,000 members go up for sale. https://krebsonsecurity.com/2022/12/fbis-vetted-info-sharing-network-infragard-hacked/
Cyber risk
BYOD and Phishing Attacks: Top Threats Facing US Government Organizations | Lookout - Security Boulevard https://securityboulevard.com/2022/11/byod-and-phishing-attacks-top-threats-facing-us-government-organizations-lookout/
Most of the 10 largest healthcare data breaches in 2022 are tied to vendors https://www.scmagazine.com/editorial/feature/breach/most-of-the-10-largest-healthcare-data-breaches-in-2022-are-tied-to-vendors
Executives are 4x more likely to be victims of phishing that staff https://www.scmagazine.com/news/identity-and-access/executives-are-four-times-more-likely-to-be-victims-of-phishing-than-workers
Threat Actors
Attackers Use DNS Tunneling as Command-and-Control Channel as a Conduit Into Air-Gapped Networks https://www.inforisktoday.com/dns-conduit-into-air-gapped-networks-say-researchers-a-20703
Threat Actors now using AI to write malware. https://www.govinfosecurity.com/new-ai-bot-could-take-phishing-malware-to-whole-new-level-a-20709
Outlook
The National Association of State Chief Information Officers (NASCIO) today released the State CIO Top Ten Policy and Technology Priorities for 2023, and unsurprisingly, cybersecurity remains a central focus. For the 10th consecutive year, cybersecurity and risk management are top of mind for state CIOs, according to NASCIO's annual list of the top 10 government tech priorities https://www.govtech.com/computing/nascio-releases-top-state-cio-priorities-for-2023
IT leaders still struggle to hold elected officials' attention on cyber https://statescoop.com/local-tech-leaders-survey-comptia-cybersecurity/
Senate passes TikTok ban bill. The Senate passed a bill that would ban federal employees from downloading or using the social media app TikTok on government devices, in response to national security concerns. https://www.wsj.com/articles/senate-passes-bill-banning-tiktok-from-government-devices-11671066166
Digital Cities 2022: Facts and Figures, Cybersecurity Top Priority https://www.govtech.com/biz/data/digital-cities-2022-facts-and-figures-infographic
Comentarios