Cyber Risk Update 12 MAY 2023
Local Government Cyber Watch Discord server. This server is focused on cybersecurity collaboration with local government stakeholders. (TLP Clear Only) Invite: https://discord.gg/PGz3NDKb5V (we are up to 113 members!)
AI
Navigating AI ChatBots: Establishing Guidelines and Embracing Change https://www.learnsecurity.org/single-post/navigating-ai-chatbots-establishing-guidelines-and-embracing-change
Why You Need an AI Ethics Committee https://hbr.org/2022/07/why-you-need-an-ai-ethics-committee
How Generative AI Changes Strategy https://hbr.org/podcast/2023/05/how-generative-ai-changes-strategy
Cyber Incidents
BlackByte ransomware claims City of Augusta cyberattack. The city of Augusta in Georgia, U.S., has confirmed that the most recent IT system outage was caused by unauthorized access to its network. https://www.bleepingcomputer.com/news/security/blackbyte-ransomware-claims-city-of-augusta-cyberattack/
Scope of the Dallas Cyber Attack Remains a Mystery. Officials with the city of Dallas have not definitively outlined the full scope of the May 3 cyber-attack that disrupted its systems. They have also not disclosed whether the perpetrators demanded any sort of ransom. https://www.govtech.com/security/scope-of-the-dallas-cyber-attack-remains-a-mystery
The Devastating Business Impacts of a Cyber Breach https://hbr.org/2023/05/the-devastating-business-impacts-of-a-cyber-breach
Legislation Watch
More than 30 states and the federal government have moved to ban TikTok on work devices, but Montana’s new law stands as the first outright ban of TikTok on all devices. https://www.scmagazine.com/news/privacy/security-experts-montanas-ban-on-tiktok-pointless-and-technically-naive
Cyber Risk Management
If we are looking to reduce risk, then we must work together as an industry to create a more efficient, collaborative model with less box checking. https://www.scmagazine.com/perspective/risk-management/three-ways-to-improve-collaborative-risk-management
Governance
City Councils Are Having the Wrong Conversations About Cybersecurity https://www.learnsecurity.org/single-post/city-councils-are-having-the-wrong-conversations-about-cybersecurity
Nation States
The Underground History of Russia’s Most Ingenious Hacker Group. From USB worms to satellite-based hacking, Russia’s FSB hackers, known as Turla, have spent 25 years distinguishing themselves as “adversary number one.” https://www-wired-com.cdn.ampproject.org/c/s/www.wired.com/story/turla-history-russia-fsb-hackers/amp
New Russian-linked CosmicEnergy malware targets industrial systems https://www.bleepingcomputer.com/news/security/new-russian-linked-cosmicenergy-malware-targets-industrial-systems/
Critical Infrastructure
Insider threats surge across US CNI as attackers exploit human factors. Economic pressures and remote working could be increasing critical national infrastructure insider threats while nation-state actors and ransomware attacks continue to pose significant risks. https://www.csoonline.com/article/3696318/insider-threats-surge-across-us-cni-as-attackers-exploit-human-factors.html
Litigation
TikTok sues Montana. The suit, filed Monday in the U.S. District Court of Montana, alleges the state's ban of the video app violates the First Amendment and several other laws. The case was brought against the state’s attorney general, who is tasked with enforcing the ban signed last week and due to go into effect Jan. 1, 2024. https://www.wsj.com/articles/tiktok-sues-montana-over-states-ban-of-its-service-145ee291
Disinformation
A faked image of a smoke-engulfed building billed as the Pentagon that circulated online Monday led to a temporary drop in financial markets. The image appeared to be generated by AI and came from an apparently bogus Twitter account claiming to be the Bloomberg news outlet. Twitter suspended the account. https://www.washingtonpost.com/technology/2023/05/22/pentagon-explosion-ai-image-hoax/
Collaboration
What cybersecurity professionals can learn from the humble ant. When ants work together to defend their colony, it’s all for one and one for all. This model could help forge an immediate global, coordinated, and effective response to cyberattacks. https://www.csoonline.com/article/3697009/what-cybersecurity-professionals-can-learn-from-the-humble-ant.html
Career
How Do I Work with a Difficult Boss? A senior leader who is struggling with his new boss must learn how to handle the negative work dynamic. https://hbr.org/podcast/2023/05/how-do-i-work-with-a-difficult-boss
Launch Your Cybersecurity Career with Certified in Cybersecurity (CC) from (ISC)² https://www.learnsecurity.org/single-post/launch-your-cybersecurity-career-with-certified-in-cybersecurity-cc-from-isc
Physical Security
Active Shooter Preparedness: Resources for Organizations and Individuals https://www.learnsecurity.org/single-post/active-shooter-preparedness-resources-for-organizations-and-individuals