Cyber Risk Update 6 JAN 2023
Cyber Insurance:
Catastrophic cyberattacks may overwhelm the insurance industry in the future, and some cyberattacks may be uninsurable, says Mario Greco, CEO of Zurich Insurance Group AG. https://www.ft.com/content/63ea94fa-c6fc-449f-b2b8-ea29cc83637d
Compliance:
EPA has submitted to the White House Office of Management and Budget a notice for review titled “Memorandum to State Drinking Water Administrators on Public Water System Cybersecurity.” The details of this memo are not publicly available, but we know that since 2021, the agency has been evaluating an approach to add cybersecurity to the sanitary survey program. (AWWA)
Governments are still a target of cybercriminals:
Ransomware Impacts Over 200 Govt, Edu, Healthcare Orgs In 2022 https://www.bleepingcomputer.com/news/security/ransomware-impacts-over-200-govt-edu-healthcare-orgs-in-2022/
The share of cyberattacks targeting states’ critical infrastructure increased from 20 percent to 40 percent of all attacks detected by Microsoft between July 2021 to June 2022. https://www.hstoday.us/featured/power-in-numbers-how-a-whole-of-state-approach-can-improve-cybersecurity/
Cyber Threat Actors:
The most recent tactic by the ALPHV/BlackCat ransomware group involves creating a replica of a victim’s website to publish stolen data openly on the internet. At this time, it is unclear if this extortion tactic will prove successful, but this development does highlight the need for organizations to protect against domain spoofing as part of a ransomware resilience strategy. (WaterISAC)
The terrorist and violent extremist threat landscape in 2023 will remain complex, volatile, and dynamic. https://www.hstoday.us/featured/7-terrorism-trends-to-watch-in-2023/
Comments