Cybersecurity News of the Week, January 16, 2022

Individuals at Risk

Identity Theft

Almost 30% of Identity Theft Victims Have Been Targeted More Than Once: Lots of people have imagined what it would be like to be someone else, but what if people pretended to be you? The Identity Theft Resource Center is used to such scenarios. And 29% of those who’ve contacted the center for help were repeat victims of identity theft. PC Magazine, January 6, 2022

Cyber Warning

The latest phishing scam to watch out for: fraudulent QR codes on parking meters: Police in several US cities are warning residents not to pay for their parking using QR codes stuck to parking meters. That’s because these codes have been placed there by scammers, who are using them to direct people to fraudulent sites that capture their payment details. The Verge, January 12, 2022

Cyber Privacy

VICTORY: Google Releases “disable 2g” Feature for New Android Smartphones: Last year Google quietly pushed a new feature to its Android operating system allowing users to optionally disable 2G at the modem level in their phones. This is a fantastic feature that will provide some protection from cell site simulators, an invasive police surveillance technology employed throughout the country. Electronic Frontier Foundation, January 12, 2022

Privacy myths busted: Protecting your mobile privacy is even harder than you think: Settings alone aren’t enough to secure your privacy, but they’re a lot more powerful with the right apps. c|net, January 9, 2022

‘We may have something in common’: Gifts of DNA tests spur paternity surprises, lawsuits: DNA tests like 23andMe and are leading to surprising paternity discoveries for some families. NBC News, January 9, 2022

Cyber Humor

Cybersecurity in Society

Cyber Crime

North Korean hackers said to have stolen nearly $400 million in cryptocurrency last year:  North Korean hackers stole nearly $400 million worth of cryptocurrency in 2021, making it one of the most lucrative years to date for cybercriminals in the severely isolated country, according to a new report. CNN, January 14, 2022

Hackers continue to disrupt payroll for thousands of employers — including hospitals: A month-old ransomware attack on Kronos Private Cloud is still causing administrative chaos for millions of people, including 20,000 public transit workers in the New York City metro area, public service workers in Cleveland, employees of FedEx and Whole Foods, and medical workers across the country who were already dealing with an omicron surge that has filled hospitals and exacerbated worker shortages. NPR, January 15, 2022

Chase let an elderly customer wire more than $600,000 to an overseas scammer: A scammer compelled an 81-year-old woman to wire more than $600,000 overseas within a span of days. Chase bank did little to stop the fraud. … Seniors lose more than $600 million a year to fraud, according to the Federal Trade Commission. That’s shocking and heartbreaking. Los Angeles Times, January 14, 2022

Goodwill discloses data breach on its ShopGoodwill platform: American nonprofit Goodwill has disclosed a data breach that affected the accounts of customers using its e-commerce auction platform. Bleeping Computer, January 14, 2022

Hackers are breaking into Amazon cloud accounts to mine cryptocurrency, leaving the owners stuck with huge bills for computing power: Chris Chin, a Seattle entrepreneur who creates mobile apps for local publishers, woke up on New Year’s Day to an alarming alert from his Amazon Web Services account. It said he owed more than $53,000 for a month’s worth of hosting, a far cry from his typical $100 to $150 bill. Business Insider, January 13, 2022

TikToker Hareem Shah being investigated for money laundering by Cyber Crime Wing:  TikToker Hareem Shah is now under investigation by the Federal Investigation Agency (FIA)’s Cyber Crime Wing after a video of her claiming to have travelled abroad with a large sum of money went viral. The News International , January 13, 2022

Cyber Attack

Cyberattack hits Ukraine government websites: Scores of Ukrainian government websites were targeted in a cyberattack with threatening text warning Ukrainians to “be afraid and wait for the worst” and alleging their personal information has been hacked. CNN, January 14, 2022

Cyber Surveillance

Team USA Advises Athletes Heading to Beijing Olympics to Leave Their Phones at Home: The U.S. joins Great Britain, Canada, the Netherlands in taking precautions against being monitored through technology.The United States Olympic & Paralympic Committee is encouraging Team USA to use disposable or “burner” phones instead of bringing their own devices to China, because of possible surveillance during the Games that begin Feb. 4. Wall Street Journal, January 14, 2022

Project Torogoz: Extensive Hacking of Media & Civil Society in El Salvador with Pegasus Spyware: This report describes the results of a collaborative investigation into the abuse of NSO Group’s Pegasus spyware to target members of the press and civil society in El Salvador. The investigation led to the identification of 35 Pegasus-infected individuals (37 devices) among members of El Salvador’s media and civil society. munk school of global affairs & public policy, University of Toronto, January 12, 2022

Cyber Privacy

U.S. Chamber of Commerce, others urge Congress to pass privacy legislation: The U.S. Chamber of Commerce, and a long list of other organizations, urged Congress on Thursday to pass “comprehensive privacy legislation” that would prevent the development of an unwieldy patchwork of state laws. Reuters, January 13, 2022

How European Royals Once Shared Their Most Important Secrets: Recent research highlights the use of letterlocking techniques by Queen Elizabeth, Catherine de’ Medici and Mary Queen of Scots. New York Times, January 10, 2022

Know the Enemy

Fingers point to Lazarus, Cobalt, FIN7 as key hacking groups attacking finance industry: A deep dive into threats against this sector reveals the top threats organizations should keep in mind. ZDNet, January 13, 2022

Largest darknet stolen credit card site closes: The administrators of the largest illegal marketplace on the darknet for stolen credit cards are retiring after making an estimated $358m (£260m). … The anonymous owners of UniCC thanked the criminal fraternity for their business, citing age and health for the closure. BBC, January 13, 2022

US military links prolific hacking group to Iranian intelligence: The US military’s Cyber Command on Wednesday detailed multiple hacking tools that officials say Iran’s Ministry of Intelligence and Security has used against computer networks “around the world.” CNN, January 12, 2022

National Cybersecurity / Cyber Defense

White House Meets With Software Firms and Open Source Orgs on Security: The Log4j vulnerability is only the latest security flaw to have global impact, prompting the Biden administration and software developers to pledge to produce more secure software. DARKReading, January 14, 2022

CISA Warning: Log4j Poses Long-Term Risk to Critical Infrastructure: Due to the sheer amount of places it is present and the simplicity with which it is exploited, the Log4j vulnerability poses a threat to most of the Java-using world. A new alert from the Cybersecurity and Infrastructure Security Agency (CISA) indicates that experts see it as a long-term threat to United States critical infrastructure. CPO Magazine, January 14, 2022

The race towards renewable energy is creating new cybersecurity risks: The shift to renewable energy is bringing benefits – but there’s potential risks of security vulnerabilities in everything from industrial systems to IoT smart meters. ZDNet, January 14, 2022

Cyber Insurance

The Case for an Insurance Institute for Cybersecurity Standards: How insurance could be the fulcrum for a private-public cybersecurity standards partnership. … Successful cyberattacks, particularly ransomware attacks, are increasing in frequency and severity. The total cost of cybercrime in the U.S. alone has increased annually from $1.4 billion in 2017 to $4.2 billion in 2020. The average cost of a data breach for a company was $4.24 million in 2021. This is almost certainly a low number, as in most cases there’s no requirement to report cyberattacks and, in many cases, there are financial and reputational reasons to not report them. Big i, January 11, 2022.

Cyber Enforcement

U.S. confirms Russia arrested REvil ransomware hackers: Russia’s security agency said Friday it arrested members of the Russia-based cyber gang REvil that was responsible for multiple massive ransomware attacks against U.S. companies last year. Axios, January 14, 2022

Cyber Regulation

Federal Communications Commission proposed stricter rules on how telco carriers should report data breaches: The US Federal Communications Commission is considering imposing stricter rules requiring telecommunications carriers to report data breaches to customers and law enforcement more quickly. The Register, January 13, 2022

Information Security Management in the Organization

Information Security Management

The Cybersecurity Measures CTOs Are Actually Implementing: Companies look to multifactor authentication and identity and access management to block attacks, but hedge their bets with disaster recovery. DARKReading, January 14, 2022

Redefining the CISO-CIO Relationship: While these roles have different needs, drivers, and objectives, they should complement each other rather than compete with one another. DARK Reading, January 13, 2022

Bug Alert launched to provide early warning system for super-critical vulnerabilities: A new open source service aims to speed up the security industry’s response to zero-days and high impact vulnerabilities. … Bug Alert, developed by security engineer Matthew Sullivan, is a free tool running on GitHub that sends subscribers early warnings of newly disclosed security flaws. The Daily Swig, January 13, 2022

Why your organization needs a software bill of materials: The recent Log4j vulnerability has exposed systemic problems in how businesses, and the community at large, audit their software. VentureBeat, January 8, 2022.

Cyber Warning

CISA Alert (AA22-011A): Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure: This joint Cybersecurity Advisory (CSA)—authored by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA)—is part of our continuing cybersecurity mission to warn organizations of cyber threats and help the cybersecurity community reduce the risk presented by these threats. This CSA provides an overview of Russian state-sponsored cyber operations; commonly observed tactics, techniques, and procedures (TTPs); detection actions; incident response guidance; and mitigations. This overview is intended to help the cybersecurity community reduce the risk presented by these threats. CISA, January 11, 2022

Secure the Human

Want to improve corporate security? Prioritize personal security: Employees are both under-educated and over-confident about their personal security practices. Enterprises should work to educate and provide tools to their employees to combat this. ZDNet, January 13, 2022

Why Security Awareness Training Should Begin in the C-Suite: It’s not just the rights and privileges that CXOs have on the network. They can also set an example of what good security hygiene looks like. DARKReading, January 11, 2022

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge