Cybersecurity

OT Compromises – AEIOU (Actors Exploiting Infrastructure Often Unsophisticated)

A recent threat research post by Mandiant Threat Intelligence highlights the increasing frequency of OT compromises by low-sophistication threat actors. The majority of these compromises occur due to insecure OT systems exposed to the internet. According to Mandiant’s report, the compromises appear to be driven by threat actors who are motivated to achieve ideological, egotistical, or financial objectives by taking advantage of an ample supply of internet-connected OT systems.

Why System Backups No Longer Shield against Ransomware

Given how ransomware has evolved, regular system backups no longer protect against these attacks like they once did, as an article in Tech Radar points out. Backups may still help organizations restore their systems quickly, but they don’t address ransomware threat actors’ latest tactic of exfiltrating data that they then threaten to sell or publicly release if the victim doesn’t pay the ransom. A recent Coveware study found that 77 percent of ransomware attacks involve these tactics, referred to as the “double extortion” of “encrypt and exfiltrate.”

CISA and FBI Warn of Sophisticated Campaign Targeting Government Organizations, IGOs, and NGOs

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued an alert regarding a sophisticated spearphishing campaign targeting government organizations, intergovernmental organizations (IGOs), and non-governmental organizations (NGOs). They note a sophisticated cyber threat actor leveraged a compromised end-user account from Constant Contact, a legitimate email marketing software company, to spoof a U.S.-based government organization and distribute links to malicious URLs.

Basic (Cybersecurity) Doesn’t Mean Trivial, but it Does Mean Foundational

According to countless reports of risk assessments, vulnerability assessments, penetration tests, and disclosed incidents, organizations of all sizes and sectors are not doing well with basic cybersecurity. The reasons why (excuses) vary from entity to entity, but what shouldn’t be an excuse is cost. Cybersecurity doesn’t have to cost a lot of money. Granted, at some point you’ll want/need or have the budget for the next shiny thing, but that currently elusive shiny thing should not stop anyone from embracing a lot of the best practice guidance already out there – for no cost.

Online Is the New Frontline against Crime, according to U.K. Assessment

Today the U.K.’s National Crime Agency released its 2021 National Strategic Assessment of Serious and Organised Crime, sharing the national government’s understanding of threats posed by organized criminals. The report stresses that criminals have increasingly turned to online environments to commit crimes at scale and avoid detection, a trend exacerbated by the COVID-19 pandemic. The report focuses a significant amount of its attention on cyber threats in particular, especially ransomware.

Executive Order 14028, Improving the Nation’s Cybersecurity in Small Manageable Chunks

Much has been said about the new Executive Order (EO 14028), Improving the Nation’s Cybersecurity, released earlier this month (covered in the Security & Resilience Update for May 13, 2021). And if you have had time to read the EO, then feel free to move to the next write-up. However, those of us who haven’t reviewed it and what it could mean beyond federal networks, may find a series by aDolus Inc.

FBI FLASH: Conti Ransomware

The FBI has published a TLP:WHITE FLASH report on Conti ransomware, which it indicates has impacted healthcare and first responder networks. The report also notes that Conti has affected municipalities in the last year. It states Conti typically both encrypts servers and workstations and steals files, selling or publishing the stolen data to a public site if the ransom isn’t paid. The report provides additional technical details and indicators and asks partners for any information that can be shared.
