Cyber Risk Update 17 FEB 2023

Donald E. Hester

Feb 17, 20232 min read

This is a Cybersecurity Update for the week of February 17, 2023, emphasizing cyber risks related to local governments.

Cybersecurity Maxim

There is no such thing as 100% prevention. As attackers become more sophisticated and the attack surface grows exponentially, the security industry will have to pivot from a prevention ideology to focusing on early detection and response. https://www.netscout.com/blog/breaking-down-soc-visibility-triad

The City of Oakland confirmed reports that its networks had been hit with ransomware after rumors emerged online that several agencies were having issues with systems on Thursday. https://therecord.media/city-of-oakland-hit-with-ransomware-attack-but-says-core-functions-are-intact/
The Housing Authority of the City of Los Angeles (HACLA) was hit by a ransomware attack on Dec. 31, 2022, by a hacker group called Lockbit. The hackers claimed to have stolen 15 terabytes of data from HACLA’s databases, including personal and financial information of thousands of people who receive housing assistance. They threatened to publish the data if a ransom payment was not made. https://laist.com/news/housing-homelessness/hacla-city-of-los-angeles-housing-authority-hack-cyber-attack-ransomware-lockbit

Business email compromise (BEC) attacks—especially in transportation, automotive, and healthcare industries—is up by 81 percent from last year. https://www.infosecurity-magazine.com/news/bec-attacks-surge-81-in-2022/
In 2020, as public schools turned to cloud-based services due to the COVID-19 pandemic, ransomware attacks increased. The education sector faces particular challenges, as they are largely unequipped to deal with modern security threats. https://www.infosecurity-magazine.com/opinions/schools-ransom-education-attack/
Cyber Insurance Price Increases Highlight Ransomware Defense https://www.cisecurity.org/insights/blog/cyber-insurance-price-increases-highlight-ransomware-defense

NRC issues first update of 2010 regulatory guide to strengthen cybersecurity at nuclear plants. The revision incorporates references to industry guidance on identifying and protecting critical digital assets. It also clarifies guidance on comprehensive protections for cybersecurity. https://www.utilitydive.com/news/nrc-cybersecurity-update-guide-nuclear-plants/642542/
Russian-linked malware was close to putting U.S. electric, gas facilities ‘offline’ last year. The malware was targeted at around a dozen U.S. facilities in the weeks after the invasion of Ukraine. https://www.politico.com/news/2023/02/14/russia-malware-electric-gas-facilities-00082675
Hacked hospital has spent $150 million in ongoing recovery from cyberattack. Chicago-based CommonSpirit Health reported expenses of $150 million, including lost revenues, remediation costs other related outlays after a ransomware attack in October. https://emma.msrb.org/P21661663-P21278769-.pdf
The FBI is investigating a hack of its computer network, in an isolated incident that was now contained, the agency said on Friday. https://www.reuters.com/world/us/fbi-says-it-has-contained-cyber-incident-bureaus-computer-network-cnn-2023-02-17/

In late December, a Killnet-Deanon Club partnership set up Infinity Forum, a pro-Russian forum and marketplace offering cybercriminals space to advertise to expand DDoS enterprise. https://www.scmagazine.com/analysis/cybercrime/hacking-marketplace-emerges-from-killnet-partnership-seeks-pro-russia-donations
Multiple government agencies within the U.S. and South Korea are warning organizations, especially in healthcare, of rising ransomware threats from North Korean state sponsored cyber criminals. https://www.inforisktoday.com/us-south-korea-warn-north-korean-ransomware-threats-a-21167
Research suggests that when companies have turnover at the top, they are more vulnerable to cyberattacks https://www.wsj.com/articles/changing-leaders-target-of-hackers-fe724e24
Cybersecurity experts warn that EVs will be ripe targets for hackers unless more attention is paid to the risks https://www.wsj.com/articles/could-electric-vehicles-be-hacked-71a543e3

The new Bing-powered by ChatGPT stole the headlines after being announced during Microsoft's AI event, but it wasn't the only significant update unveiled. Microsoft also has a new Edge browser with a revamped design and integration with the new Bing. https://www.windowscentral.com/software-apps/browsing/how-to-try-out-the-new-microsoft-edge-with-chatgpt