top of page

Cyber Risk Update 2 DEC 2022


Cyber Risk for Critical Infrastructure

We know that our critical infrastructure will continue to be a top target for digital adversaries. In 2021, according to the FBI, ransomware attacks hit 649 US critical infrastructure entities, and nearly 90% of all US critical infrastructure sectors were hit by a successful ransomware attack. In the past two years alone, 76% of organizations were attacked by ransomware, and 66% experienced at least one software supply chain attack.

https://www.darkreading.com/vulnerabilities-threats/cisa-s-strategic-plan-is-ushering-in-a-new-cybersecurity-era

Cyber Insurance view on Cyber Risk

The worst is yet to come, cyber insurers say. Insurers have adapted to unrelenting cyberattacks by tightening requirements for policyholders and raising premiums after losses soared in 2020, partly because of a ransomware spike. Still, the biggest risk hasn’t yet materialized: a cyberattack against a company or information services system so important to an economy, or to society as a whole, that it reaches systemic levels. One so big, perhaps, it might take down carriers. Reporter James Rundle dives into the issue, looking at whether it's possible for insurers to cover catastrophic cyberattacks. https://www.wsj.com/articles/cyber-insurers-turn-attention-to-catastrophic-hacks-11669407185

State and Local Governments that were recently hit by a cyber incident

Vulnerabilities and Threat Actors

The cyber espionage group known as Bahamut has been attributed as behind a highly targeted campaign that infects users of Android devices with malicious Fake VPN apps designed to extract sensitive information. https://thehackernews.com/2022/11/bahamut-cyber-espionage-hackers.html

Over a Dozen New BMC Firmware Flaws Expose OT and IoT Devices to Remote Attacks https://thehackernews.com/2022/11/over-dozen-new-bmc-firmware-flaws.html

Cybersecurity leaders want to quit. Here's what is pushing them to leave. Cybersecurity might just be the most stressful job in tech right now. But there might be a (tiny) glimmer of light at the end of the tunnel.

https://www.zdnet.com/article/cybersecurity-leaders-want-to-quit-heres-what-is-pushing-them-to-leave/

Google Pushes Emergency Chrome Update to Fix 8th Zero-Day in 2022

https://www.bleepingcomputer.com/news/security/google-pushes-emergency-chrome-update-to-fix-8th-zero-day-in-2022/

Featured Posts
Recent Posts
Archive
Search By Tags
Follow Me
  • Facebook Basic Square
  • LinkedIn Social Icon
  • Twitter Basic Square
  • YouTube Social  Icon
  • SlideShare
bottom of page