Cybersecurity News of the Week, June 19, 2022

A weekly aggregation of important cybersecurity and privacy news designed to educate, support, and advocate; helping you meet your data care challenges and responsibilities.

Stan’s Top of the News

Our lead story on my return from Ireland is a conversation Cybersecurity and Infrastructure Security Agency (CISA) Chief of Staff,  Kiersten Todt, had with Bloomberg’s Jeff Stone at the Bloomberg Technology Summit. Ms. Todt discusses CISA’s 3-pronged approach to cybersecurity. I strongly urge you to listen to this 12-minute video.

One cybersecurity prong, she said, is increasing the cybersecurity workforce. Another is extending partnerships between the public and private sectors. This is music to SecureTheVillage’s ears as all five of our strategic thrusts — including our cybersecurity workforce working group — are about growing these and other community-based partnerships down at ground-level where real change takes place.

She has this to say about ransomware: The cause of ransomware is that we’re not doing a better job of truly making companies more resilient. You know we’re talking about basic cyber-hygiene … multi factor authentication, backups, encryption. So we’ve got to get to where we can raise the bar in security so that industry is doing a better so that ransomware isn’t an issue. She also talked about the role insurance companies can play in increasing cyber-hygiene and resilience.

  • CISA’s Todt on The Cybersecurity Landscape: Kiersten E. Todt,  Chief of Staff, Cybersecurity and Infrastructure Security Agency (CISA) discusses the current state of cybersecurity with Bloomberg’s Jeff Stone at the Bloomberg Technology Summit. Bloomberg Live, June 8, 2022

Cyber Humor

Security Nonprofit of the Week

The Anti Phishing Working Group (APWG) unifies the global response to common cybercrimes and related infrastructure abuse through technical diplomacy; curation of a real-time clearinghouse of internet event data; development of applied research; and deployment and maintenance of global cybersecurity awareness campaigns. APWG is a fellow-member of Nonprofit Cyber.

Section 2 – Personal Data Care – Security and Privacy

Important data care stories for protecting yourself and your family.

#UpdateNow

  • Microsoft Patch Tuesday, June 2022 Edition: Microsoft on Tuesday released software updates to fix 60 security vulnerabilities in its Windows operating systems and other software, including a zero-day flaw in all supported Microsoft Office versions on all flavors of Windows that’s seen active exploitation for at least two months now. On a lighter note, Microsoft is officially retiring its Internet Explorer (IE) web browser, which turns 27 years old this year. Krebs On Security, June 15, 2022

#Let’sBeCarefulOutThere

  • How Zelle Scams Work, and How to Protect Your Money: Zelle is one of the most popular financial platforms of its kind, so it’s no surprise that the platform has been made a target for scammers. Here’s what to look out for and how to avoid a nasty surprise. How-To-Geek, June 11, 2022

#Privacy

  • Your kids’ apps are spying on them: Apple and Google just look the other way. Here’s how we stop it. … Apps are spying on our kids at a scale that should shock you. More than two-thirds of the 1,000 most popular iPhone apps likely to be used by children collect and send their personal information out to the advertising industry, according to a major new study shared with me by fraud and compliance software company Pixalate. On Android, 79 percent of popular kids apps do the same. Washington Post, June 9, 2022
  • 24+ Billion Credentials Circulating on the Dark Web in 2022 — So Far: Username and password combinations offered for sale on the Dark Web by criminals has increased 65% since 2020. … Passwordless technology may be one of the most hyped categories in cybersecurity at the moment, but the reality on the ground is that passwords are still widely entrenched — and wildly insecure. Some 24.6 billion complete sets of usernames and passwords are currently in circulation in cybercriminal marketplaces as of this year, a report has found. DARK Reading, June 15, 2022

#Don’tTrust.AlwaysVerify. … There is no 100% security in the digital world. Cybercriminals break algorithms the way termites eat wood.

  • Gone in 130 seconds: New Tesla hack gives thieves their own personal key: You may want to think twice before giving the parking attendant your Tesla-issued NFC card. … Last year, Tesla issued an update that made its vehicles easier to start after being unlocked with their NFC key cards. Now, a researcher has shown how the feature can be exploited to steal cars. Ars technica, June 8, 2022

Section 3 – General Cybersecurity and Privacy Stories

Cybersecurity and privacy stories for those wanting a deeper look.

#UkraineWar

#CyberCrime

  • Ransomware Attack Disrupted Municipal Services in the Italian City of Palermo: Southern Italy’s city of Palermo suffered a ransomware attack that disrupted municipal services, rendering them unavailable to residents and tourists. … The cyber incident left people unable to access many digital services and venues or communicate with the city. CPO, June 16, 2022
  • Cybercriminal scams City of Portland, Ore. for $1.4 million: Portland, Ore. is investigating a cybersecurity breach that resulted in a $1.4 million fraudulent transaction with city funds in April — one discovered after the same compromised account tried again the next month, the city said in a press release late last week. The Record, May 31, 2022
  • SAG-AFTRA Alerts Pensioners To Data Breach Of Horizon Actuarial Services That Might Affect Their Personal Information: SAG-AFTRA is telling members who participate in the SAG-Producers Pension Plan and the AFTRA Retirement Fund that they might be receiving a letter from Horizon Actuarial Services alerting them to a data breach and the possible theft of some of their personal information, including their Social Security numbers and birthdates. Deadline, June 2, 2022
  • Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions: Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti. Ransomware experts say there is good reason to believe the same cybercriminals are behind both attacks, and that Hive has been helping Conti rebrand and evade international sanctions targeting extortion payouts to cybercriminals operating in Russia. Krebs On Security, May 31, 2022
  • FBI director blames Iran for ‘despicable’ attempted cyberattack on Boston Children’s Hospital: Iranian government-backed hackers were behind an attempted hack of the Boston Children’s Hospital computer network last year, FBI Director Christopher Wray alleged Wednesday, calling it “one of the most despicable cyberattacks I’ve ever seen.” … The FBI was able to help thwart the hackers before they did damage to the hospital’s computer network, according to Wray, but he cited it as an example of the potential high-impact hacking threats that the US faces from the governments of Iran, Russia, China and North Korea. CNN Politics, June 1, 2022
  • US college VPN credentials for sale on Russian crime forums, FBI says: Trafficked data could lead to subsequent attacks, agency warns. … The FBI on Friday said that thousands of compromised credentials harvested from US college and university networks are circulating on online crime forums in Russia and elsewhere—and could lead to breaches that install ransomware or steal data. … “The FBI is informing academic partners of identified US college and university credentials advertised for sale on online criminal marketplaces and publicly accessible forums,” the agency said. “This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations.” ars technica, May 27, 2022
  • People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices: CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA) to provide information on ways in which People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities in order to establish a broad network of compromised infrastructure across public and private sector organizations. The advisory details PRC state-sponsored targeting and compromise of major telecommunications companies and network service providers. It also provides information on the top vulnerabilities associated with network devices routinely exploited by PRC cyber actors since 2020. CISA, June 7, 2022

#CyberCrimeStatistics

  • APWG Observes One Million Attacks in First Quarter of 2022: The Anti Phishing Working Group’s (APWG) new Phishing Activity Trends Report reveals that in the first quarter of 2022 the APWG observed 1,025,968 total phishing attacks—the worst quarter for phishing that APWG has observed to date. This quarter was the first time the three-month total has exceeded one million. APWG saw 384,291 attacks in March 2022, which was a record monthly total. APWG is a member of Nonprofit Cyber. APWG, June 7, 2022
  • FTC: Consumers Have Lost $1 Billion to Crypto Scams Since Start of 2021, More Than Half Taken By Fake Investments: The Federal Trade Commission (FTC) has issued one of its periodic Consumer Protection Data Spotlight Advisories. The June 2022 edition is devoted to crypto scams, which have taken $1 billion from consumers since January 2021. … The advisory tracks statistics up to May 2022, but the losses from 2021 alone represent a 60x increase from those recorded in 2018, and over 5x the 2020 numbers. The $1 billion in losses over roughly the last year-and-a-half were divided among about 46,000 victims, with a median loss of $2600 for each individual caught up in crypto scams. 2022 is on pace to break the annual record, with $329 million in losses in the first quarter alone. CPO, June 16, 2022

#KnowYourEnemy

#CyberEnforcement

  • Russian Botnet Disrupted in International Cyber Operation: SAN DIEGO – The U.S. Department of Justice, together with law enforcement partners in Germany, the Netherlands and the United Kingdom, have dismantled the infrastructure of a Russian botnet known as RSOCKS which hacked millions of computers and other electronic devices around the world. US Department of Justice, June 16, 2022
  • International Authorities Take Down Flubot Malware Network: The info-stealing trojan used SMS messages and lifted contact credentials to spread with unprecedented speed across Android devices globally since December 2020. … International law enforcement has taken down the infrastructure behind Flubot, a nasty piece of malware which had been spreading with unprecedented speed across Android devices globally since December 2020. … Europol revealed Wednesday that a collaboration between law enforcement in 11 countries led to the disruption of the Flubot network in early May by Dutch Police, or Politie, “rendering this strain of malware inactive,” according to the agency. Threatpost, June 2, 2022
  •  How DOJ took the malware fight into your computer: Reaching into people’s computers and removing malware, once controversial inside the government, has gained more acceptance as a tool to thwart hackers. … The Justice Department is increasingly seeking and receiving permission to secretly reach into Americans’ computers to delete malware — a shift officials say reflects a growing embrace of aggressive and creative tactics for combating a surge in cyberattacks. Politico, June 13, 2022

#BreachSettlement

Section 4 – Data Care in the Organization

Stories to support executives and top management in securing their organizations.

#CyberWorkforce

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge