Week of December 15th, 2023

Welcome to Your Cybersecurity Recap: a bite-sized weekly newsletter by cybersecurity enthusiasts, for cybersecurity enthusiasts.

Here are this week’s top takeaways:

Are Organizations Falling Behind on Cybersecurity Awareness Training? Statistics Indicate Yes

When was the last time your organization engaged in thorough Cybersecurity Awareness Training?

According to recent reports, not recently enough.

New data from a Waterloo-based cyber security service suggests hackers have shifted their tactics, and that organizations may be falling behind.

“In 2020, email really dominated as the initial access factor at 66 percent,” said Ryan Westman, threat intelligence professional. “So in Q1, Q2 and Q3 in 2023, we’ve seen that browser-based initial access has really exploded to 47 percent,” he said.

That figure accounts for nearly half of all cyber breaches occurring across North America, driven largely by threat actors creating millions of malicious links that lead to fake websites.

So, what can you do to bolster your organization’s cyber-related training in 2024? There are several initiatives an organization can start today to reduce its cyber risk profile:

  • Address Internal Cybersecurity Concerns: Monthly internal newsletters or training sessions may be used to share tips and techniques that help employees protect themselves and your organization’s data. Two-factor authentication (2FA) is also a core part of many organizations’ defenses against phishing that involves the theft or reuse of employee passwords. Most importantly, the annual use of a skilled and dedicated penetration testing team, such as Packetlabs, will indicate, in order of priority, your company’s cybersecurity vulnerabilities.
  • Conduct Periodic Phishing Campaigns: Packetlabs is often engaged to execute phishing campaigns that evaluate internal user awareness. Such campaigns allow an organization to test and measure its employees’ resistance to phishing, ideally without their knowledge, much like a fire drill. Our founder, Richard Rogerson, estimates that as many as 1 in 4 employees across most organizations open links, inadvertently access malicious documents, or supply credentials to such campaigns, all of which reinforces the need for more thorough training.

With employee-related cybersecurity breaches up 22% year-over-year, there has never been a more important time to realize the cyber threat employees inadvertently pose to organizations of all sizes.

HHS Announces Intent to Enhance Cybersecurity for Healthcare and Public Health Sectors

The U.S. Department of Health and Human Services (HHS) recently released a concept paper that outlines the Department’s cybersecurity strategy for the healthcare sector. The concept paper builds on the National Cybersecurity Strategy that President Biden released last year, which focuses on bolstering cyber-related resilience for hospitals, patients, and communities threatened by cyberattacks. The paper details four pillars for action, including publishing new voluntary healthcare-specific cybersecurity performance goals, working with Congress to develop incentives for domestic hospitals to improve cybersecurity, and increasing accountability and coordination within the healthcare sector.

According to the HHS Office for Civil Rights (OCR), cyber incidents in healthcare are on the rise. From 2018 to 2022, there was a 93% increase in large breaches reported to OCR (369 to 712), with a 278% increase in large breaches involving ransomware. Cyber incidents affecting hospitals and health systems have led to extended care disruptions, patient diversions to other facilities, and delayed medical procedures, all putting patient safety at risk.

The transition to the digital landscape has led to a spike in cybersecurity threats. With online threats jumping a staggering 81% in the past three years, cybersecurity has become a top priority for every business, yet many teams still underestimate the cost of a successful breach beyond its initial financial impact. What are your thoughts on this potential rollout?

What is Citrix Bleed? Introducing the Latest Ransomware Patch

Introducing Citrix Bleed: a software vulnerability being increasingly connected to cyberattacks around the globe, now putting government and critical infrastructure at risk. The good news is that a patch is available.

The vulnerability’s name has been popping up over the past couple of months in reports on key sectors. According to an article from cybersecurity researcher Kevin Beaumont, this flaw may be behind the cyber attack that disrupted swathes of credit unions earlier this week. The credit unions’ technology vendor, Ongoing Operations, was hit with ransomware and had failed to patch the vulnerability, he wrote. Ongoing Operations declined to confirm to Government Technology whether Citrix Bleed had been exploited.

The healthcare industry is also raising warning flags: the American Hospital Association recently urged its membership to patch against the vulnerability. Its message amplified the federal Health Sector Cybersecurity Coordinating Center (HC3)’s own alert.

The flaw, also known as CVE-2023-4966, impacts Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway appliances. Federal officials and partners turned a spotlight on the vulnerability and issued a joint advisory giving advice and details, including indicators of compromise; observed tactics, techniques and procedures; and detection methods.

Advisory authors include the Cybersecurity and Infrastructure Security Agency, FBI, Multi-State Information Sharing and Analysis Center and Australia’s lead cybersecurity agency, the Australian Signals Directorate’s Australian Cyber Security Centre.
