Cyber Risk Governance Insights | May 28, 2024
Netswitch Technology Management
Empowering cyber resilience with AI speed and precision. Netswitch: Real-time security insights and measurable ROI.
Honoring the Fallen
This week's edition arrives a day later than usual.
We delayed our regular newsletter in observance of the solemnity of Memorial Day as we took time to recognize and honor fallen heroes, the brave men and women who made the ultimate sacrifice in service to our nation.
WEEK IN HEADLINES
PHISHING - Blitz Puts Businesses at Risk
A new wave of phishing emails is spreading the notorious LockBit Black ransomware, posing a severe threat to businesses worldwide. These emails, disguised as legitimate communications, lure unsuspecting victims into opening malicious attachments or clicking on dangerous links. Once executed, the ransomware encrypts files and demands a hefty ransom payment, crippling operations and causing significant financial losses. Cybersecurity experts urge heightened vigilance and immediate action to fortify defenses against this insidious campaign.
MANUFACTURING - Ransomware Exposes Employee PII Data
LivaNova, a UK-based medical device manufacturer, fell victim to a ransomware attack by the LockBit gang. The attack disrupted LivaNova's IT systems and led to the exposure of sensitive personal data belonging to current and former employees, including names, contact details, Social Security numbers, financial information, health insurance data, and online credentials. LivaNova has taken steps to secure its systems, implemented new password requirements, and is offering affected employees two years of identity protection services.
HEALTHCARE - Victory Claimed Too Soon?
Despite UnitedHealth Group's [NYSE: UNH] announcement of restoring major pharmacy systems after a cyberattack, Utah health officials continue to face issues with pharmacy services for low-income residents. Documents reveal frustration with UnitedHealth's claims of progress, as the state encounters ongoing disruptions weeks after the company's declared repairs, highlighting the challenges of recovering from major cybersecurity incidents in the healthcare sector.
TELECOMMUNICATIONS - Mobile Carrier Suffers Data Breach
Patriot Mobile has fallen victim to a data breach that compromised subscribers' personal information, including full names, email addresses, home ZIP codes, and account PINs. The breach was confirmed by a hacker who provided a sample of the stolen data to TechCrunch. Patriot Mobile, with fewer than 100,000 subscribers, operates as a mobile virtual network operator leasing access from major carriers like AT&T and T-Mobile.
RELIGION - Phishing Plagues Pilgrims
The annual Hajj pilgrimage to Mecca attracts millions of Muslims worldwide, making it a prime target for cybercriminals. Phishing campaigns, identity theft, and fraudulent services pose significant risks to pilgrims, compromising their safety, privacy, and financial well-being. Authorities warn against fake websites offering free Hajj sponsorships, urging pilgrims to use official channels and exercise caution when sharing personal information online.
REPORT - Rampant Fraud: Who’s Who in Scams
The Federal Trade Commission's (FTC) latest data reveals a surge in scams targeting consumers across various platforms. Business impersonation scams topped the list, with over 332,000 reports and $660 million in losses. Social media emerged as a lucrative hunting ground for scammers, while government agencies were often impersonated. The FTC urges vigilance, recommending that consumers verify sources, avoid unsolicited messages, and report fraudulent activities to safeguard against financial losses.
INSIGHTS & EXPERT PERSPECTIVES
RISK MANAGEMENT - Cybercrime on Main Street: The 2024 Threat Report
The Sophos 2024 Threat Report reveals a significant shift in malware's primary objective from mere disruption to data theft. Nearly half of the detected malware targeting small and medium-sized businesses (SMBs) now comprises password stealers, keyloggers, and spyware. This alarming trend underscores the need for organizations to prioritize robust identity controls and a comprehensive understanding of these evolving threats to mount an effective defense.
Here are the key takeaways from the report:
INSIGHTS: There is hope for SMB executives, founders, and owners. There are "easy" best practices that your organizations can follow to reduce the threats identified in the report.
Cyber risk governance isn't just for IT; it is the responsibility of everyone in the organization, especially the executives, who must set the tone of a security-first culture. Your understanding and adoption of best practices will inspire cyber resilience company-wide.
OPINION
5 Cyber Questions Your Board Should Be Asking
Effective communication between board members and security teams is crucial for ensuring cybersecurity alignment with business objectives and fostering a culture of resilience. This executive summary presents the top five questions that board members should ask their security teams, based on conversations with board members from over 100 companies.
By addressing these five key questions, board members can begin to adopt a business-aligned security approach, which focuses on enabling the business strategy and strategic capabilities securely. This involves understanding the organization's mission, goals, and values, identifying how security enables or supports business outcomes, and developing a security strategy that aligns with and enables the overall business strategy.
Resources:
Sharpen Your Cyber Edge with Netswitch
Master Compliance & Minimize Risks:
Deepen Your Knowledge:
Don't wait.
Contact Netswitch today to take control of your cyber risk.
Disclaimer: The information and links provided in this newsletter are for informational purposes only. Netswitch does not warrant the accuracy or completeness of such information and is not liable for any damages arising from its use.