Cyber Briefing ~ 08/29/2024
McCrary Institute for Cyber & Critical Infrastructure Security
Working to protect and advance U.S. interests in the areas of cyber and critical infrastructure security.
Cybersecurity experts emphasize the increasing vulnerability of small businesses to cyber threats, urging owners to prioritize security measures. Recommendations include vetting vendors, creating a cybersecurity culture, and developing a clear incident response plan using resources from CISA and the SBA.
The U.S. Marshals Service refutes allegations of a breach by the Hunters International ransomware gang, denying any recent incident. The cybercrime group listed USMS as a victim on its leak site, but the leaked data matches information previously offered for sale in a 2023 hacking forum.
Iranian hackers targeted former US officials from both the Trump and Biden administrations in phishing schemes to gain access to sensitive information. US intelligence agencies are on high alert for Iran's cyber activities ahead of the 2024 election, fearing potential interference and espionage.
Iranian hackers linked to the government deploy custom malware named Tickler to target sectors like oil and gas, satellite, government, and communications in the US and UAE. Microsoft attributes the attacks to Peach Sandstorm, also known as APT33, operating on behalf of the Iranian Islamic Revolutionary Guard Corps.
State-linked threat actor Volt Typhoon is exploiting a zero-day vulnerability in Versa Director servers to target ISPs and MSPs. Black Lotus Labs discovered a custom web shell named VersaMem used to intercept credentials and gain network access. Authorities urge organizations to apply updates and monitor for malicious activity.
Think tank warns that Chinese broadband satellites could facilitate censorship through the nation's "Great Firewall" system. The satellites, operated by Chinese entities, may extend China's digital governance model globally, allowing for content monitoring and control and raising concerns about human rights violations and cyber espionage.
Lessons from the 2016 election hacking prompted US officials to swiftly and openly attribute the recent Iranian hack on presidential campaigns. The change reflects a shift towards transparency in addressing foreign threats to American democracy.
A Chinese hacking group targeted U.S. and international internet firms through a software flaw in Versa Director, affecting five companies. Lumen Technologies suspects the Chinese government-backed "Volt Typhoon" group was behind the campaign to conduct covert surveillance. The FBI and CISA have raised concerns about China's escalating cyber activities.
German companies faced a hefty price tag of around 267 billion euros due to cybercrime and sabotage, marking a 29% increase from the previous year. A survey by Bitkom revealed that 90% of firms anticipate more cyberattacks ahead, with organized crime accounting for 70% of the attacks. Companies cited data theft and pointed to China as a significant source of attacks, followed by Russia. Companies are urged to enhance their security measures and emergency response strategies to combat this escalating threat landscape.
Signal, a nonprofit secure communication platform, celebrates its 10th anniversary. Led by Meredith Whittaker, known for tech criticism and privacy advocacy, Signal stands against surveillance capitalism. It offers encrypted services without ads or user tracking, challenging traditional tech models.
Michigan's McLaren Health Care overcomes ransomware attacks, restoring full operations ahead of schedule. While electronic health record access is regained, manual patient data input is ongoing. The healthcare sector remains a prime target for cybercriminals, with ransomware attacks on the rise.
GSA appointed Pete Waterman, a former TMF adviser and USDS engineer, as the new FedRAMP director. Waterman aims to enhance FedRAMP's transformation momentum and program strategy for 2025 and facilitate broader access to secure cloud services for federal employees.
Automakers like General Motors face legal risks as they navigate data privacy laws. GM is sued for allegedly selling private driving data to third parties without customer consent. With FTC crackdowns and evolving regulations, automakers must prioritize consumer data protection to reduce legal risk.
The ransomware threat has evolved into ransomware-as-a-service (RaaS) companies that develop sophisticated encryption software, infiltrate networks, encrypt data, negotiate ransoms, and distribute profits. Since Russia's 2022 invasion of Ukraine, ransomware groups feel emboldened to attack core infrastructure of companies, taking entire systems offline. Victims struggle to fully remove intruders before restoring systems, enabling repeat attacks. But increased law enforcement efforts have successfully decrypted systems of victims who report attacks. Companies must thoroughly prepare response plans and use available protections like multifactor authentication to reduce risk.
Denmark's Prime Minister Mette Frederiksen announces the establishment of a new ministry for state security and emergency management to enhance readiness against cyber threats, espionage, and other crises. The decision reflects growing concerns over escalating threats, particularly from Russia.
The Supreme Court's overturning of the Chevron doctrine raises concerns about the extent of agency authority in crafting cybersecurity regulations. The ruling could lead to more legal challenges from businesses, potentially causing delays and inconsistencies in interpreting and enforcing cybersecurity rules.
Gen. Timothy Haugh of the U.S. Cyber Command urges lawmakers to allow the completion of ongoing internal assessments before commissioning independent studies on the creation of a new Cyber Force. The Pentagon's upcoming force-generation study aims to optimize cyber capabilities within the Department of Defense.
Cox Media Group (CMG) claims it can target ads based on audio captured by device microphones, partnering with tech giants like Facebook and Google. The leaked presentation sheds light on CMG's Active Listening capabilities, prompting Google to remove CMG from its advertising Partners Program.
A state-sponsored Chinese hacking campaign, Volt Typhoon, exploits a vulnerability in a California startup to breach US and Indian internet companies. As Volt Typhoon targets unpatched systems, concerns rise over US critical infrastructure vulnerability, while state sponsorship claims are denied. Emergency patches are issued.
CISA led the "Tabletop the Vote" exercise with state election partners to enhance readiness for the upcoming elections. The four-day session focused on cyber and physical incident planning, aiming to improve response strategies and bolster the security and resilience of the election process.
An annual report by the Federal Energy Regulatory Commission highlights cybersecurity gaps in electric entities under NERC and urges full compliance with bulk power standards. To bolster cyber resilience in the energy sector, recommendations include enhancing risk assessments, categorizing networks properly, managing configuration changes, and safeguarding communications.
The National Security Telecommunications Advisory Committee embarks on a project to guide the shift to new post-quantum cryptography standards, aiming to address barriers and industry-specific needs. This move responds to the urgency of preparing for the potential threat posed by quantum computers to national security.
Senator Mike Rounds introduces five AI bills aimed at regulating AI in financial services, healthcare, and defense while also promoting national AI literacy. The bipartisan effort seeks to boost AI innovation rather than solely address concerns like job loss or discrimination.
Copyright © 2024 Auburn University's McCrary Institute. All Rights Reserved.