Cyber Risk Update 3 MAY 2024
This is a selection of this week's events. Join the conversation for more news and advisories, and connect on our discord server. CIKR Cyber Sentinels discord server. This server is focused on cybersecurity collaboration with critical infrastructure stakeholders. (TLP Clear Only) Invite: https://discord.gg/PGz3NDKb5V
Join (ISC)2 East Bay Chapter, membership is free! https://isc2-eastbay-chapter.org/membership/
Events
RSA Conference next week, I will see you there. Moscone Center, May 6 - 9, 2024 *Standard Period savings is off the Onsite price of a regular Full Conference Pass. The Standard Period ends May 3 at 11:59 PM PT. https://www.rsaconference.com/
Most interesting products to see at RSAC 2024 (CSO) https://www.csoonline.com/article/2097067/most-interesting-products-to-see-at-rsac-2024.html
Remember Public Sector Day free and on Monday. RSA Public Sector Day, May 6 11am-3pm, Hilton 333 O’Farrell St. San Francisco, CA 94102 https://carahevents.carahsoft.com/Event/Details/445617-web
Incidents
Rehab Hospital Chain Hack Affects 101,000; Facing 6 Lawsuits. At Least 33 Ernest Health Facilities in 12 States Are Reporting Breaches https://www.healthcareinfosecurity.com/rehab-hospital-chain-hack-affects-101000-facing-6-lawsuits-a-25004
Andrew Witty, CEO of UnitedHealth Group, said this week in a House subcommittee meeting that an estimated one-third of Americans may have had their data compromised in the Change Healthcare ransomware incident. https://www.cnbc.com/2024/05/01/unitedhealth-ceo-one-third-of-americans-could-be-impacted-by-change-healthcare-cyberattack.html
REvil Hacker Gets Nearly 14-Year Sentence https://www.govinfosecurity.com/breach-roundup-revil-hacker-gets-nearly-14-year-sentence-a-25002
Hacker Sentenced After Years of Extorting Psychotherapy Patients. Two years after a warrant went out for his arrest, Aleksanteri Kivimäki finally has been found guilty of thousands of counts of aggravated attempted blackmail, among other charges. https://www.darkreading.com/cyberattacks-data-breaches/hacker-sentenced-after-years-of-extorting-psychotherapy-patients
Guidance and Recourses
CISA published a blog for National Small Business Week informing small businesses on how eliminate potential risks for threats from the People’s Republic of China. CISA blog: Under the Digital Radar: Defending Against People’s Republic of China’s Nation-State Cyber Threats to America’s Small Businesses. https://www.cisa.gov/news-events/news/under-digital-radar-defending-against-peoples-republic-chinas-nation-state-cyber-threats-americas
A “software bill of materials” (SBOM) has emerged as a key building block in software security and software supply chain risk management. An SBOM is a nested inventory, a list of ingredients that make up software components. While not a brand new concept, the ideas and implementation have advanced since 2018 through a number of collaborative community effort, including National Telecommunications and Information Administration’s (NTIA) multistakeholder process. https://www.cisa.gov/sbom
NIST offers guidance on AI risk management https://www.csoonline.com/article/2097119/nist-publishes-new-guides-on-ai-risk-for-developers-and-cisos.html
Editorial
San Francisco Interim CIO Michael Makstman: ‘Make the Technology Meaningful’ https://insider.govtech.com/california/news/san-francisco-interim-cio-make-the-technology-meaningful
Software Security: Too Little Vendor Accountability, Experts Say https://www.darkreading.com/cyber-risk/software-security-too-little-vendor-accountability-experts-say
Trends
Chief Risk Officers Say Cybersecurity Most Pressing Risk: Survey https://www.insurancejournal.com/magazines/mag-features/2024/04/15/769327.htm
IoT Tech News: Global agencies warn of increased cyberattacks against OT devices https://www.iottechnews.com/news/2024/may/02/global-agencies-warn-of-increased-cyberattacks-against-ot-devices
Cyberattacks involving Kerberoasting rose 583 percent last year, with threat actor Vice Spider responsible for more than a quarter of those incidents, according to CrowdStrike’s 2023 Threat Hunting Report.
The Record from Recorded Future News: Newly identified botnet targets decade-old flaw in unpatched D-Link devices https://therecord.media/goldoon-botnet-unpatched-dlink-routers
CISA warned 1,750 organizations of ransomware vulnerabilities last year. Only half took action. More than half of CISA’s ransomware vulnerability warning pilot alerts were sent to government facilities, healthcare and public health organizations. https://www.cybersecuritydive.com/news/cisa-ransomware-vulnerability-warnings/714951/
5 key takeways from Verizon’s 2024 Data Breach Investigations Report https://www.csoonline.com/article/2096991/5-key-takeways-from-verizons-2024-data-breach-investigations-report.html
TTP & Malware
Report shows rise in use of sophisticated hacking tactics "'Terrifying' trend: Over 11 million malware attacks recorded globally in past 4 years" https://www.hcamag.com/asia/specialisation/hr-technology/terrifying-trend-over-11-million-malware-attacks-recorded-globally-in-past-4-years/485771
Nation States
Pro-Russia hackers target OT weaknesses in critical infrastructure (05/02) https://www.scmagazine.com/news/pro-russia-hackers-target-ot-weaknesses-in-critical-infrastructure
Iranian hackers harvest credentials through advanced social engineering campaigns https://www.csoonline.com/article/2097509/iranian-hackers-harvest-credentials-through-advanced-social-engineering-campaigns.html
US warns of North Korean hackers using email security flaws for phishing attacks https://www.nextgov.com/cybersecurity/2024/05/us-warns-north-korean-hackers-using-email-security-flaws-phishing-attacks/396279/
Governance Risk and Compliance
Biden Signs New Security Memo to Safeguard Critical Infrastructure (05/02) https://otakukart.com/biden-signs-new-security-memo-to-safeguard-critical-infrastructure
Experts Say White House Memo Overlooks Space Cyber Risks (05/02) https://www.govinfosecurity.com/experts-say-white-house-memo-overlooks-space-cyber-risks-a-25001
Legislative Watch
Bipartisan Senate bill on AI security would bolster voluntary cyber reporting processes https://fedscoop.com/senate-bill-on-ai-security-bolster-voluntary-cyber-reporting
New CISA incident reporting draft rule deemed excessive https://www.scmagazine.com/brief/new-cisa-incident-reporting-draft-rule-deemed-excessive
Electricity providers in Europe will soon have to perform cybersecurity risk assessments for regulators, including disclosing incidents, reporting threats and implementing safeguards, under upcoming rules that aim to prevent hacks from causing blackouts in the region. https://www.wsj.com/articles/new-eu-cyber-rules-for-electricity-providers-aim-to-prevent-cascading-outages-ecd4c71e
The FCC just doled out big privacy fines. It could soon lose that power. https://www.washingtonpost.com/politics/2024/04/30/fcc-just-doled-out-big-privacy-fines-it-could-soon-lose-that-power/
Federal Privacy Bill’s Vagueness Threatens Ad-Supported Business https://news.bloombergtax.com/daily-labor-report/federal-privacy-bills-vagueness-threatens-ad-supported-business
Career
C-suite to cyber pros: Try and tone down the technical jargon. CISO’s complain executives don’t understand cyber-related issues, but clear communication from both sides is critical to creating an aligned security culture. https://www.itpro.com/business/business-strategy/c-suite-to-cyber-pros-try-and-tone-down-the-technical-jargon
Microsoft is embedding deputy CISOs in its product groups https://www.bloomberg.com/news/articles/2024-05-02/microsoft-adds-security-chiefs-to-product-groups-in-wake-of-hacking-woes
Comentários