- Donald E. Hester
Cyber Risk Update 9 DEC 2022
Governments do create vulnerable systems
A website run by the Florida Department of Revenue had been exposing the personal data, including Social Security numbers and bank account information, submitted by individuals filing for business tax registrations. https://statescoop.com/florida-revenue-department-website-exposed-confidential-data/
Cyber Risk is constantly and rapidly changing
From vendor evolution to the long-term effects of high-profile attacks, the cybersecurity industry is rapidly evolving. Take a look at our top stories to understand just how much has changed.
Prepare for ransomware attacks on critical infrastructure
Prevention and protection are often the focus of ransomware discussions, but IT teams must understand ransomware's effects on operations and how to react in an attack scenario.
Financial Impact of Compliance
Breach disclosures could impact company credit ratings, says Moody’s. Cybersecurity disclosure and regulations could either spur a positive credit environment or cause unintended consequences if not well managed, according to Moody's Investor Service.
Threat Actor Activities
November was the second busiest month for ransomware attacks this year a 180% year-over-year increase. https://www.scmagazine.com/news/ransomware/november-was-the-second-busiest-month-for-ransomware-attacks-this-year
Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. One involves carefully editing email in the inboxes of public executives to make it appear that they were involved in unethical behavior. https://krebsonsecurity.com/2022/12/new-ransom-payment-schemes-target-executives-telemedicine/
The Vice Society cybercrime group has disproportionately targeted educational institutions, accounting for 33 victims in 2022 and surpassing other ransomware families like LockBit, BlackCat, BianLian, and Hive. https://thehackernews.com/2022/12/vice-society-ransomware-attackers.html
New Go-based Botnet Exploiting Dozens of IoT Vulnerabilities to Expand its Network https://thehackernews.com/2022/12/new-go-based-zerobot-botnet-exploiting.html
Microsoft warns of Russian cyberattacks throughout the winter https://www.bleepingcomputer.com/news/security/microsoft-warns-of-russian-cyberattacks-throughout-the-winter/
Physical Threats to Critical Infrastructure
On Saturday evening, an unknown person or group attacked two electric substations in central North Carolina, using firearms to cause substantial damage to equipment that resulted in loss of power to approximately 45,000 customers.
In an emergency cybersecurity directive issued Tuesday, the state of Maryland flagged technologies from eight companies and prohibited state government employees from using them for official business. The companies include Tiktok, Huawei Technologies, ZTE Corp., Alibaba-owned AliPay, Tencent QQ, WeChat and QQWallet, as well as Russian-owned cybersecurity and antivirus firm Kaspersky. https://www.scmagazine.com/editorial/analysis/asset-management/maryland-bars-state-employees-from-using-kaspersky-tiktok-huawei
Texas Joins a Growing List of States to Ban TikTok in Government https://www.govtech.com/security/texas-joins-a-growing-list-of-states-to-ban-tiktok-in-government
Dallas Introduces Mobile Cybersecurity App to Protect Residents https://www.govtech.com/security/dallas-introduces-mobile-cybersecurity-app-to-protect-residents