Cyber Risk Governance Insights | December 9, 2024
Netswitch, Inc.


WEEK IN HEADLINES

BUSINESS - Hackers Shift Tactics to Business Shutdowns

Hackers are increasingly focusing on shutting down businesses rather than just stealing data. The aim is to force companies into paying ransoms by rendering key systems inoperable. The trend, highlighted by recent attacks, shows a pivot from data theft toward destructive actions such as wiper malware and denial-of-service attacks. Companies are advised to bolster their defenses against these threats, which can cause significant operational disruption and financial loss.

INSIGHT: A Business Impact Analysis (BIA) is the right starting point for deciding what your Disaster Recovery (DR) and Business Continuity (BC) plans need to cover. Walking through a BIA gives you a clear picture of which systems and data must be protected, in what order they must come back, and what recovery measures that requires, which is what makes a DR/BC plan well-structured and effective. Netswitch has prepared a BIA Playbook and accompanying Workbook so you can do the process yourself instead of hiring a third party; ask us for the link.

SUPPLY CHAIN - Ransomware Gang Claims Breach to Disrupt Retailers

The Termite ransomware gang has claimed responsibility for a cyberattack on Blue Yonder, a leading supply chain software provider. The attack, which occurred in November, resulted in the theft of 680GB of data and caused significant disruptions for Blue Yonder's clients, including Starbucks and major UK grocery chains. Termite, a new ransomware group, used a modified version of Babuk ransomware to encrypt files and steal sensitive information. Blue Yonder is working with cybersecurity firms to recover and strengthen its defenses.

INSIGHT: All together now: MFA. 2024 has seen several high-profile incidents attributed to the lack of multi-factor authentication (MFA), and supply chain attacks like this one keep originating in accounts where the SaaS provider does not require its corporate customers to enforce MFA. It is fundamental. At your next ops meeting, ask how MFA enforcement actually stands in your organization: which accounts are covered, which are exempt and why, and whether any legacy authentication path still bypasses it.
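One way to answer that ops-meeting question with data rather than opinion is to run a policy check over your identity provider's user export. The script below is an added example written for this newsletter, not Netswitch's tooling or any vendor's API; the roster is constructed, and the field names (roles, enrolled factors, legacy-auth flag, exemption ticket) are assumptions you would map onto your own IdP's export format.

```python
"""Audit an identity-provider user export for MFA enforcement gaps.

Constructed example: the roster and field names below are assumptions, not any
particular IdP's export format. Map them onto whatever your IdP exports.
"""
from dataclasses import dataclass
from typing import Optional, Tuple, List

# Factor classes the policy cares about (lowercase names as they appear in the export).
PHISHING_RESISTANT = {"fido2", "webauthn", "passkey", "smartcard"}
WEAK_FACTORS = {"sms", "voice", "email"}
PRIVILEGED_ROLES = {"admin", "global_admin", "billing"}


@dataclass
class User:
    login: str
    roles: Tuple[str, ...]
    mfa_methods: Tuple[str, ...]        # enrolled second factors
    legacy_auth: bool                   # IMAP/POP/basic auth that skips MFA
    mfa_exempt: bool = False
    exemption_ticket: Optional[str] = None  # change/risk ticket justifying the exemption


def audit(users: List[User]):
    """Return (login, severity, message) findings for every policy violation."""
    findings = []
    for u in users:
        privileged = bool(set(u.roles) & PRIVILEGED_ROLES)
        factors = set(u.mfa_methods)
        if u.mfa_exempt and not u.exemption_ticket:
            findings.append((u.login, "HIGH", "MFA exemption without documented justification"))
        if not factors and not u.mfa_exempt:
            findings.append((u.login, "HIGH", "no MFA enrolled"))
        if privileged and not (factors & PHISHING_RESISTANT):
            findings.append((u.login, "HIGH", "privileged account without phishing-resistant MFA"))
        if factors and factors <= WEAK_FACTORS:
            findings.append((u.login, "MEDIUM", "only SMS/voice/email factors (SIM-swap and phishing exposure)"))
        if u.legacy_auth:
            findings.append((u.login, "HIGH", "legacy authentication enabled (bypasses MFA)"))
    return findings


def coverage(users: List[User]) -> float:
    """Fraction of non-exempt users with at least one factor enrolled."""
    scoped = [u for u in users if not u.mfa_exempt]
    if not scoped:
        return 1.0
    return sum(1 for u in scoped if u.mfa_methods) / len(scoped)


# Constructed roster for the demonstration.
ROSTER = [
    User("alice", ("global_admin",), ("fido2", "totp"), False),
    User("bob", ("user",), ("sms",), False),
    User("carol", ("admin",), ("totp",), True),
    User("svc-backup", ("service",), (), False, mfa_exempt=True, exemption_ticket="SEC-1234"),
    User("dave", ("user",), (), False),
    User("erin", ("user",), (), False, mfa_exempt=True),
]

if __name__ == "__main__":
    for login, severity, message in audit(ROSTER):
        print(f"{severity:6} {login:12} {message}")
    print(f"MFA enrollment coverage (non-exempt users): {coverage(ROSTER):.0%}")
```

The headline number (enrollment coverage) is what usually gets reported upward; the findings list is what the ops team actually needs, because an admin on TOTP only, or a mailbox with legacy IMAP still enabled, is a gap that a coverage percentage hides.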

CONSULTING - Firm Breached, 1TB of Customer Data Stolen

The Brain Cipher ransomware group has claimed responsibility for a cyberattack on Deloitte UK, alleging the theft of over 1 terabyte of sensitive data. The breach, which targeted a single client's external system, has raised significant concerns about Deloitte's cybersecurity practices. Despite Deloitte's assertion that its internal systems remain unaffected, the incident underscores the vulnerabilities in third-party risk management. Brain Cipher has threatened to release detailed information about the breach, including compromised data and security protocol violations.

INSIGHT: This is an example of why Third Party Risk Management (TPRM) matters for any organization. You don't need to be a big company, and your vendor risk assessment questionnaire does not need to be exhaustive, but ask the questions. Confirm that your vendor has addressed risk to itself and to its customers, and that specific controls are in place to protect your relationship. Read more from InfoSec Institute.

GOVERNMENT - Citizen PII & PHI Exposed by 3AM

A significant cyberattack on Hoboken's municipal systems has resulted in the theft of sensitive data, including Social Security numbers, health information, and other personal details. The breach, discovered in early December, has compromised the personal information of thousands of residents. The attackers exploited vulnerabilities in the city's IT infrastructure, leading to widespread concerns about identity theft and privacy violations. The Russia-linked ransomware group ThreeAM (also known as 3AM) has claimed responsibility for the attack.

INSIGHT: Surprisingly, local and state governments are significantly lacking, not just in their cyber controls but in their basic network architecture: data is rarely segmented, encrypted, or access-controlled in a way that limits what one compromised system exposes. Nearly every time we see this type of story, there turns out to be one big database server holding everything needed to identify each citizen and know everything about them.

TELECOMMUNICATIONS - Unencrypted Texts Amid Rising Cyber Threats

The FBI has issued a warning to iPhone and Android users to stop relying on traditional text messaging because of significant security weaknesses. The advisory highlights the risk posed by unencrypted SMS messages, which can be intercepted by cybercriminals and nation-state actors. The warning follows a series of intrusions by the Salt Typhoon group, linked to China's Ministry of State Security, which exploited telecommunications networks to access sensitive information. The FBI recommends using end-to-end encrypted messaging apps such as Signal or WhatsApp for secure communications.

INSIGHT: Another case where end-to-end encryption (E2EE) applies. The FBI's advice is to stay within your device ecosystem, where messages are encrypted, and avoid cross-platform text messaging, which is not end-to-end encrypted; that is unrealistic for most people. Make sure you have a communication platform that is encrypted from end to end. Here are some of the top E2EE messaging platforms.

HOSPITALITY - Platform Breach Exposes Diner Info

EazyDiner, a prominent restaurant reservation platform, has reportedly suffered a significant data breach. Hackers claim to have accessed and leaked sensitive customer information, including names, email addresses, phone numbers, and reservation records. The breach raises serious concerns about the security measures in place to protect customer data within the digital hospitality industry. EazyDiner has yet to issue an official statement, leaving users anxious about potential phishing attacks and identity theft.

INSIGHT: End-to-end encryption is not the right tool for this one. E2EE protects a message between two parties so that nobody in between, including the service, can read it; a reservation platform has to read names, phone numbers and booking records to do its job, so its servers are an endpoint and the data is in plaintext wherever the application can reach it. What limits the damage of a breach like this is minimizing what you store, encrypting PII at rest with keys held apart from the database, restricting which services and roles can read the identifying fields, and segmenting the data sets so one compromised system does not yield everything. Verify your data inventory, transmission methods, and access controls with some regularity. Particularly when you're dealing with consumer data, ensure that you are meeting your stated user privacy policies, which should align with the most current data privacy laws.
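The point made here and in the Hoboken item above (segment the identifying data, keep it access-controlled, don't let one table hold everything) can be shown concretely. The example below is written for this newsletter and is not EazyDiner's, Hoboken's, or Netswitch's code. It keeps the operational reservations table free of PII by storing the identifying fields in a separate vault under a random token, with an HMAC blind index so support staff can still look a guest up by phone number without the plaintext being searchable by anyone who lacks the index key. The records, keys and role names are constructed; a real deployment would put the vault behind its own service with keys in a KMS/HSM and would additionally encrypt the vault rows (AES-GCM via a vetted library), which is outside this stdlib-only example.

```python
"""Keep identifying fields out of the operational table: a tokenization vault
with a keyed blind index.

Constructed example. Records, keys and the "support" role are made up. The vault
and its index key must live in a separately access-controlled store; in
production the vault rows would also be encrypted at rest.
"""
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional

PII_FIELDS = ("name", "email", "phone")


class PIIVault:
    """Maps random tokens to PII. Lookups by value go through an HMAC blind
    index, so searching the index requires the index key, not just the data."""

    def __init__(self, index_key: bytes):
        self._index_key = index_key
        self._rows: Dict[str, Dict[str, str]] = {}   # token -> PII fields
        self._index: Dict[str, str] = {}             # blind index -> token

    def _blind(self, field: str, value: str) -> str:
        # Normalize so "Ravi@Example.com " and "ravi@example.com" index the same.
        norm = value.strip().lower()
        return hmac.new(self._index_key, f"{field}:{norm}".encode(), hashlib.sha256).hexdigest()

    def store(self, record: Dict[str, str]) -> str:
        token = secrets.token_urlsafe(16)          # opaque, unguessable handle
        self._rows[token] = {f: record[f] for f in PII_FIELDS}
        for f in PII_FIELDS:
            self._index[self._blind(f, record[f])] = token
        return token

    def lookup_token(self, field: str, value: str) -> Optional[str]:
        return self._index.get(self._blind(field, value))

    def reveal(self, token: str, caller_role: str) -> Dict[str, str]:
        # Narrow access path: only the support role may read identifying fields.
        if caller_role != "support":
            raise PermissionError("PII access restricted to support role")
        return dict(self._rows[token])


def tokenize_reservation(reservation: Dict, vault: PIIVault) -> Dict:
    """Return the row the reservations table stores: PII replaced by a token."""
    row = {k: v for k, v in reservation.items() if k not in PII_FIELDS}
    row["guest_token"] = vault.store(reservation)
    return row


def contains_pii(rows: List[Dict], sample: Dict) -> bool:
    """Would a dump of these rows expose any of the sample's identifying values?"""
    dumped = repr(rows)
    return any(sample[f] in dumped for f in PII_FIELDS)


# Constructed reservation record.
SAMPLE = {
    "name": "Ravi Menon", "email": "ravi@example.com", "phone": "+91-98765-43210",
    "restaurant_id": 4421, "party_size": 4, "slot": "2024-12-14T20:00",
}


def demo():
    vault = PIIVault(index_key=secrets.token_bytes(32))   # kept apart from the DB
    table = [tokenize_reservation(SAMPLE, vault)]         # what the app DB holds
    token = vault.lookup_token("phone", "+91-98765-43210")
    return table, vault, token


if __name__ == "__main__":
    table, vault, token = demo()
    print("reservations table row:", table[0])
    print("dump of reservations table exposes PII?", contains_pii(table, SAMPLE))
    print("support lookup by phone ->", vault.reveal(token, "support")["name"])
```

The property worth noticing is what an attacker gets from each piece alone: the reservations table yields booking patterns but no identities, the vault without its index key cannot be searched by name or phone, and the index without the vault is a list of hashes that resolve to nothing. That is the segmentation the Hoboken item is asking for, applied at the data-model level rather than only at the network level.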


INSIGHTS & EXPERT PERSPECTIVES

RISK REDUCTION - 65% of Employees Circumvent Cybersecurity

Forbes recently published a study highlighting a critical issue in corporate cybersecurity. 65% of employees admit to bypassing established security measures.

This behavior poses significant risks to organizational data integrity and security. The study underscores the need for a balanced approach that ensures compliance with cybersecurity without impeding employee productivity.

Key Insights:

  1. Prevalence of Non-Compliance: Employees bypass cybersecurity protocols, prioritizing convenience over security.
  2. Data Sharing Risks: Sharing confidential information with external parties increases the risk of data breaches.
  3. User-Friendly Security Measures: Overly complex security protocols may drive employees to circumvent them.

INSIGHT: An IBM report found that a striking 95% of cyberattacks involve human error, mostly accidental mistakes rather than malicious intent. That is a huge risk for any company, especially smaller businesses that often lack the resources to protect themselves.

If employees aren't careful about how they handle sensitive information, it could lead to serious consequences. Cybercriminals are always on the lookout for weaknesses, and careless mistakes can make your company a prime target.

To stay ahead of these threats, a proactive Security Awareness and Education (SAE) program is crucial. It should be easy to follow, relevant to your employees' daily work, and quick to complete. By empowering your employees to recognize and avoid cyber threats, you can significantly reduce your risk - employees are your first line of defense.

Employees also need to understand that their actions may lead to a cyberattack which can lead to huge financial losses, damage your reputation, and even put your business at risk of closing down. That means less money for salaries, bonuses, and other benefits. So, educate them to protect their jobs and the company's future.


Sharpen Your Cyber Edge with Netswitch

Master Compliance & Minimize Risks:

  1. Independent Security Audit: Identify network risks with our automated Security And Risk Assessment (SARA). Get a clear picture, prioritize improvements, and optimize resource allocation. Contact Netswitch.
  2. Free "Quick Start" Program: Gain a free cyber risk and governance health check. Enroll now and start building resilience.

Deepen Your Knowledge:

  • Join Our LinkedIn Group: Collaborate with industry leaders in the CyberRisk Governance Community on LinkedIn. Share insights and stay ahead of the curve.
  • Live Events: Participate in interactive LinkedIn Live sessions. Explore cyber risk topics with executives, technologists, and governance professionals.

Don't wait.

Contact Netswitch Technology Management today to take control of your cyber risk.


Disclaimer: The information and links provided in this newsletter are for informational purposes only. Netswitch does not warrant the accuracy or completeness of such information and is not liable for any damages arising from its use.



More articles by Stanley Li
