This month’s news shows that the United States is taking cybersecurity seriously, with plans to introduce regulations in critical infrastructure. Global telecommunication organizations were breached again, and yet more clever cyber espionage techniques were used to steal intellectual property. Read on to find out what we’re talking about this month.

U.S. national cyber strategy to stress Biden push on regulation

The White House is focusing on cybersecurity for companies that operate in critical infrastructure and is planning comprehensive regulation of the sector. Senior administration officials recognize that years of a voluntary approach have failed to secure the nation against cyberattacks.

The attack on Colonial Pipeline by Russian criminals elevated ransomware to an issue of national security. As a result, the Biden administration undertook an analysis of the state of regulation for all 16 critical infrastructure sectors.

“The latest ransomware attacks conducted in 2022 have fast-tracked the need to impose a comprehensive cybersecurity regulation on the nation’s critical infrastructure operators.” — Member of the Development Team

Source: Washington Post, January 5

Financial firms rethink cyber insurance after premiums spike

With cyber risk growing steadily over the years, banks and other financial firms are more inclined to invest in cybersecurity than in cyber risk insurance. A reversal by insurance providers means previously generous underwriting standards have tightened dramatically over the past two years. Some firms are now deciding whether to cut their coverage and invest more heavily in cybersecurity instead.

“The rising cost of cyber risk insurance is not surprising considering the increasing frequency and impact of cyber attacks. The fact that banks and financial services are considering giving it up completely is a sign that they recognize the value of implementing rigorous cybersecurity.” — Member of the Sales team

Source: Risk, January 10

Laid-off workers are flooded with fake job offers

The new wave of remote work and virtual hiring has made it easier to swindle job seekers. This time the prime target is laid-off tech workers, who numbered more than 150,000 in 2022 alone. Scammers have seized on this and created fake job opportunities to swindle applicants. According to the FTC, the number of reported job scams nearly tripled to 104,000 between 2019 and 2021 and remained elevated in 2022. U.S. workers lost more than $200 million from employment-related scams in 2021, up from $133 million in 2019.

“This article reinforces the fact that advanced threat actors are researching new ways to get into companies. Laid-off workers (and this year there have been literally tens of thousands of them from top-tier companies) can pose a huge threat for their former companies as they may be easily bribed by threat actors to get details on companies’ network infrastructure, credentials, and other sensitive information.” — Fernando, Founder

Source: The Wall Street Journal, January 11

Industrial espionage: How China sneaks out America’s technology secrets

China needs technological know-how to power its economy and challenge the geopolitical order, and one way it is getting it is through cyber espionage. This article tells the story of an engineer by the name of Zheng who specialized in turbine sealing technology at General Electric Power. The technique he used to sneak out information is called steganography, a means of hiding a data file within the code of another data file. Mr Zheng used it on multiple occasions to take sensitive files from GE.

The information Zheng stole was related to the design and manufacture of gas and steam turbines, including turbine blades and turbine seals. The information he sent to his accomplices in China was worth millions. Zheng was sentenced to two years in prison earlier this month.

“Insider threat is one of the biggest threats against any organization. In this case, an employee in the USA who works as a spy for a foreign state stole intellectual property, which is a perfect way to leapfrog up global value chains relatively quickly and at very low cost, both in terms of time and money.” — Member of the Threat Intel team

Source: BBC, January 16

T-Mobile suffers another data breach, affecting 37 million accounts

The German telecommunications giant T-Mobile has been hit by another data breach. The threat actor took advantage of one of its application programming interfaces to steal data on “approximately 37 million current postpaid and prepaid customer accounts.”

T-Mobile states that they were able to trace and stop the malicious activity within a day of learning about it. The carrier believes the breach first occurred “on or around” Nov. 25, 2022, but didn’t learn that a “bad actor” was getting data from its systems until Jan. 5. The carrier reiterated that no passwords or financial data had been exposed and that there was “no evidence that the bad actor breached or compromised T-Mobile’s network or systems.”

“Yet again we see major telecommunication giants being breached. However, what caught my attention was the threat actor’s extensive dwell time before they were detected.” — Member of the Pre-Sales Team

Source: CNET, January 19

Don’t miss next month’s roundup. Follow us on LinkedIn or Twitter, or sign up for our newsletter to stay in touch.