Secure your knowledge. Newsletter - February 2024
Secure your knowledge.
News, insights, and analysis from C8 Secure. Providing tips on how to better protect your business from cyber threats.
Our latest newsletter unveils the latest global attacks to hit the headlines, as well as some tips…Read on below ??
EVENTS ??
WEBINAR – Navigating AI and the Deepfake era: Who are you actually speaking with? ???
David Brace and Craig Lusher shared their insight on the darker side of AI and how attackers are exploiting its vulnerabilities to wreak havoc in the digital landscape.???
?A topical debate given that the UK’s National Cyber Security Center (NCSC) has warned recently that AI will increase the threat of ransomware globally over the next two years.
WATCH ON DEMAND: https://bit.ly/4b3wkKX
ICE London | ExCeL London | 6 – 8 February 2024 | Stand N3-110
Patrick Gardner and the Secure product team were at the industry’s largest iGaming show this week, located on the Continent 8 Technologies stand.
They were a part of numerous conversations around the latest threats facing the iGaming industry, one of the most attacked verticals at the event
THE LATEST CYBER ATTACKS ???
EquiLend, a financial technology firm that processes trillions of dollars of securities transactions a month, was hit by a cyber attack taking its systems offline. An EquiLend spokesperson said that the company “identified a technical issue that placed portions of our systems offline.”
The spokesperson explained that they had identified a cyber security incident involving unauthorized access to its systems.
It is believed that the hack impacted specific automated securities lending services, with firms having to adapt by moving to manual processes.
Patrick Gardner , C8 Secure’s Managing Partner, says:
This EquiLend cyberattack example continues to reinforce the urgent need for comprehensive cybersecurity strategies that go beyond mere defense to include rapid response, resilience, and recovery capabilities. The attack's ability to knock significant systems offline, potentially disrupting the securities-lending market, illustrates the substantial risk cyber incidents pose to the stability and integrity of financial markets.
EquiLend's response, initiating immediate steps to secure their systems and engaging with external cybersecurity experts, does align with best practices in incident response. However, the anticipated days-long service restoration timeline raises concerns about the resilience of critical financial services to cyberattacks. As discussed previously in our “its not if its when” posts, reinforces the necessity for “practiced” business continuity and disaster recovery procedures that can swiftly bring services back online with minimal disruption.
Refreshing to see coordination through FS-ISAC to mitigate potential impacts further enhancing collective defense and response to cyber threats. Sharing intelligence and best practices across firms can significantly improve the sector's ability to preempt, respond to, and recover from cyber incidents.
领英推荐
Veolia North America (USA) and Southern Water (UK) have been the victims of ransomware attacks that resulted in data breaches.
The US company was hit by an attack which took down the back-end systems and services, disrupting online billing payments. In a statement the company revealed that personal information from “a limited number of individuals” may have been compromised.
Meanwhile, the UK water company that supports millions of customers in the South of England. Black Basta ransomware group made a statement claiming to have stole 750GB of files, including personal information and corporate documents. They have threatened to release the files into the public domain if they don’t receive a ransom.
Patrick Gardner , C8 Secure’s Managing Partner, says:
As previously discussed critical infrastructure sectors, including water utilities, are prime targets for cybercriminals. These incidents highlight the dual threat faced by such entities: the risk of operational disruption and the potential compromise of sensitive customer information.
The increasing frequency of attacks on water utilities worldwide indicates that cybercriminals view these essential service providers as vulnerable targets. Strengthening defenses requires a concerted effort, leveraging industry best practices and government resources, such as those offered by the Cybersecurity and Infrastructure Security Agency (CISA) in the U.S.
These attacks shines light on the “human” challenges we face in protecting systems and data and the continued investment organizations must undertake with cybersecurity training for all employees. Human error, such as clicking on a malicious link, can often be the weakest link that allows cybercriminals to penetrate even the best defenses.
Proactive and comprehensive cybersecurity measures, combined with a culture of cybersecurity awareness, are essential to protect critical water infrastructure and the privacy of millions of individuals relying on these essential services.
CYBER TIP OF THE MONTH ??
1st February was Change your Password Day!
In our interconnected world, cybersecurity is essential, and your passwords play a crucial role in keeping your data safe. ??
Change your password day is a reminder to strengthen your online security. Regularly updating your passwords helps protect your accounts from cyber threats. ???
How secure are your passwords? ??
?? Here are our best practice tips for setting unguessable passwords:
1? Use a mix of uppercase and lowercase letters.
2? Include numbers and special characters.
3? Avoid easily guessable information like birthdays, pet names or common words.
4? Create unique passwords for each account.
5? Consider using a reliable password manager to keep track of your credentials securely.
Regular password changes is a vital step to ensure your accounts remain safe and secure but should always be supplemented with two-factor authentication (2FA) such as one-time password (OTP) generators or Passkey devices whenever possible. This helps ensure the maximum possible protection of your accounts.
For more tips and insights, subscribe to our monthly cybersecurity newsletter
Learn more about C8 Secure at www.c8secure.com