All Eggs in One Basket and Airline Peanuts

So much to talk about... too much. We have TikTok getting banned and now fined $5m by France, Twitter leaks 200 million users’ data, PayPal leaks 35k personal details, Aflac and Zurich insurance leak millions of personal records for people in Japan, a British semiconductor maker – among the top 350 most valuable listed businesses – suffered a massive attack, Nissan notifies thousands of customers due to a data leak, JP Morgan getting sued by Ray Ban for having $272m stolen from their online account, Ireland fines Meta $414m for using personal data without asking while Apple is being sued for tracking people despite them opting out, and believe it or not, Costa Rica’s government agencies get slammed again by ransomware – and this is just from the first few weeks of January!

Ok, now that we have that out of the way, let’s touch on some specific news items and what you can take from it.


Basket of Eggs

Highlighted this week was a 48% year-over-year increase in cyber attacks against the cloud, where researchers suggest that 98% of global organizations use the cloud. This in and of itself isn’t unexpected. If you move to the cloud, well, that’s where your ‘stuff’ is and hackers want your stuff. But one has to ask what controls are available to you in the cloud, whether they are being managed effectively by you and your providers, and whether you are getting visibility into attacks and even vulnerabilities. Add to this that cyber insurance providers are starting to more than float the idea that they will not cover ‘systemic events’, and a cloud event that impacts many companies would classify as such an uncovered event, potentially leaving you with millions in expenses. Interestingly, I suspect this is why Beazley launched the first ever cyber bond to cover claims over – get this – $300M. Very interesting times. I wonder how long this (unstoppable hacks, companies being impacted by the cauldron of hackers, government, law enforcement, compliance, insurance, markets, etc.) can last, frankly.

Links:

Cloud hacker report - https://www.theregister.com/2023/01/20/cloud_networks_under_attack/

Beazley press release - https://www.beazley.com/en-us/news/beazley-launches-markets-first-cyber-catastrophe-bond?utm_content=233948841&utm_medium=social&utm_source=linkedin&hss_channel=lcp-15991

Beazley article - https://therecord.media/in-an-industry-first-insurance-firm-announces-cyber-bond-to-cover-claims-over-300-million/


Pound Sand

According to a report released this week by blockchain research firm Chainalysis, there’s been a measurable drop in the amount of ransom being paid by victims. But, if anything, ransomware attacks have increased – so what gives? Well, I think it’s a combination of things, and as with everything in life, there’s more to it than meets the eye. First, people are saying no to paying! But let us not forget that a huge portion of ransomware attacks are drive-bys and will grab data from organizations that don’t care what they got, or have done the risk assessment and accepted it. Second, backups are getting better, and people have finally picked up on what IT people have known for like… 50 years: back up your stuff. Why pay when you have a copy? Not always possible, but a reality for some. Third, and this is the most important: there are thousands of crypto platforms out there and not all of these are being analyzed. The bigger part here is what the option for payment will even be in the future. Governments are exploring making it illegal to pay ransom. Think about that for a moment: while it is abhorrent to have to pay, some companies are left with no other option. With a change in the laws, it could make law-abiding executives felons overnight.

Links:

Chainalysis report - https://blog.chainalysis.com/reports/crypto-ransomware-revenue-down-as-victims-refuse-to-pay/

Article - https://www.theregister.com/2023/01/19/ransomware_payments_down/

Law takes down Russian exchange used to launder $15m - https://therecord.media/law-enforcement-takes-down-crypto-exchange-allegedly-used-to-launder-15-million-in-ransomware-payments/

Early OFAC ransomware advisory (setting the tone) - https://home.treasury.gov/system/files/126/ofac_ransomware_advisory.pdf

Legalities of paying - https://www.cybereason.com/blog/what-are-the-legal-implications-from-a-ransomware-attack#:~:text=It%20is%20currently%20not%20illegal,should%20be%20paid%20for%20not.


Hard Hardware Security

It’s one thing to have your software reach end-of-life and as a result receive no more support and, especially, no more security updates. In short, when your OS or app hits EOL, you’re an instant target. But software has an intangible characteristic, unlike, for example, a router. You buy a box that performs a function, admittedly because it’s running software, but there is a physical component. Let’s for the moment assume that the device is performing adequately and, although old, it’s meeting expectations. Ok, so what do you do when the manufacturer says no more? This week Cisco warns of two vulnerabilities in a router that they stopped selling in 2020 and says they won’t offer updates or workarounds but do offer some support until 2025. I’m not going to pick on Cisco here. That’s a whole can of worms. But I’d have you think about the concept of permanence and vendor responsibilities. For example, the auto industry is highly regulated concerning support – specifically for safety – of their products for years. Ever had a recall? How will this manifest in technology and with regard to cybersecurity? In this case, some are recommending replacing the hardware. Imagine if you just bought it in late 2020? The odds of you being prepared to make that investment again within a 5-year horizon are virtually nil. So, some will remain potentially insecure.

Links:

Article - https://therecord.media/cisco-warns-of-two-vulnerabilities-affecting-end-of-life-routers/

EOL For the routers - https://www.cisco.com/c/en/us/products/collateral/routers/small-business-rv-series-routers/eos-eol-notice-c51-743070.html


FAA Jump Seat

As you know, the FAA’s Notice to Air Missions (NOTAM) safety alerting system went down last Wednesday, causing all kinds of havoc and delays. The FAA referred to it as cyber related, but didn’t specify. Of course, the world assumed a hacker got control and the FAA’s announcement was the start of a cover-up. This week US politicians called for investigations while the White House and Transportation Secretary were quick to tamp down concerns that the issues were caused by a cyberattack, creating a great deal of agitation and resulting in a slew of tweets by, well, everyone. The most recent news of this saga came yesterday with an announcement from the FAA that it determined a contractor unintentionally deleted files while working to correct synchronization between the live primary database and a backup database. My take-away here is that systems have grown extraordinarily complex, and they’re all interconnected in some way. Moreover, the constant news of hacks and attacks naturally leads to assuming that when a computer hiccups it’s a cyber-attack. In this case, however, it appears that human error was the culprit. Which, ironically, is why most cyber-attacks are successful :)

Links:

Last week’s news - https://www.cnn.com/travel/article/faa-computer-outage-flights-grounded/index.html

Call for investigation - https://therecord.media/congressman-calls-on-cisa-to-investigate-air-travel-vulnerabilities-after-outage/

FAA (former) Contractor - https://www.faa.gov/newsroom/faa-notam-statement
