Cybersecurity News of the Week, May 16, 2021

Individuals at Risk

Cyber Defense

Cloudflare wants to kill the CAPTCHA: Security keys could not only bolster authentication but may also remove one of the most annoying aspects of the internet. ZDNet, May 14, 2021

Cyber Update

Microsoft Patch Tuesday, May 2021 Edition: Microsoft today released fixes to plug at least 55 security holes in its Windows operating systems and other software. Four of these weaknesses can be exploited by malware and malcontents to seize complete, remote control over vulnerable systems without any help from users. On deck this month are patches to quash a wormable flaw, a creepy wireless bug, and yet another reason to call for the death of Microsoft’s Internet Explorer (IE) web browser. KrebsOnSecurity, May 11, 2021

Cyber Warning

Android malware tries to trick you. Here’s how to spot it: Malicious apps are common, and they can drive you nuts with ads or steal your personal information. CNet, May 14, 2021

Information Security Management for the Organization

Cybersecurity in the C-Suite & Board

US pipeline ransomware attack serves as fair warning to persistent corporate inertia over security: That companies continue to disregard the need for basic cybersecurity hygiene signals the need for firmer action, especially as cybercriminals turn their focus to operational technology sectors and cyber threats can result in real-world physical risks. ZDNet, May 14, 2021

Cyber Attacks on the Rise for Businesses, Pushing Many to the Brink: Hiscox: The proportion of businesses targeted by cyber criminals in the past year increased from 38% to 43%, with over a quarter of those targeted (28%) experiencing five attacks or more, according to the Hiscox Cyber Readiness Report 2021. Insurance Journal, April 19, 2021

Information Security Management

How to select a cybersecurity framework to protect your greatest assets: People, property and data: A fact of doing business in today’s hyper-internet-connected world is the need for organizations, regardless of size or sector, to protect their enterprises against a constant onslaught of malicious actors, insider threats, and a slew of other cybersecurity risks. It’s more a matter of “when,” not “if” your organization will face an attack. Fortunately, cybersecurity frameworks have been developed that comprise best practices, standards, and guidelines designed to manage risks and combat these threats so you can protect your greatest assets: people, property and data. SecurityMagazine, May 14, 2021

How to ‘Demystify’ Cybersecurity: Ciaran Martin, Former UK Cybersecurity Chief, on Managing Cyber Risks. BankInfoSecurity, May 14, 2021

Cyber Privacy

Data Privacy: How the Growing Field of Regulations Impacts Businesses: The recent proposed rules over artificial intelligence (AI) in the European Union (EU) are a harbinger of things to come. Data privacy laws are becoming more complex and growing in number and relevance. So, businesses that seek to become — and stay — compliant must find a solution that can do more than just respond to current challenges. Take a look at upcoming trends when it comes to data privacy regulations and how to follow them. SecurityIntelligence, May 13, 2021

Cyber Warning

Microsoft warns: Watch out for this new malware that steals passwords, webcam and browser data: Microsoft open sources tools to help organizations detect a nasty remote access trojan targeting the aviation, travel and cargo sectors. ZDNet, May 14, 2021

Fintech Startup Offers $500 for Payroll Passwords: How much is your payroll data worth? Probably a lot more than you think. One financial startup that’s targeting the gig worker market is offering up to $500 to anyone willing to hand over the payroll account username and password given to them by their employer, plus a regular payment for each month afterwards in which those credentials still work. KrebsOnSecurity, May 14, 2021

Cybersecurity in Society

Cyber Crime

Ransomware group says it released ‘full data’ on DC police department: A ransomware group said it published its “full data” on the Washington Metropolitan Police Department this week, claiming the department’s payment offer wasn’t enough to prevent the release, according to screenshots of online posts by the group that were reviewed by CNN. CNN, May 14, 2021

Cyber attack ‘most significant on Irish state’: A cyber attack on Irish health service computer systems is “possibly the most significant cybercrime attack on the Irish state”, a minister has said. BBC, May 14, 2021

We’re all paying a cybercrime tax: With gasoline once again flowing through the Colonial Pipeline network, consumers will soon forget about the ransomware attack that disrupted gas supplies on the East Coast for about a week, starting May 7. But Americans are increasingly paying the cost of ransomware attacks and other types of cybercrime, as a sort of hidden tax that would generate outrage if it showed up on a bill in the mail. Yahoo, May 14, 2021

Verizon: Pandemic Ushers in ⅓ More Cyber-Misery: The DBIR – Verizon’s 2021 data breach report – shows spikes in sophisticated phishing, financially motivated cyberattacks and a criminal focus on web-application servers. ThreatPost, May 14, 2021

Ransomware’s New Swindle: Triple Extortion: Ransomware attackers are now demanding cash from the customers of victims too. ThreatPost, May 14, 2021

85% of Data Breaches Involve Human Interaction: Verizon DBIR: Ransomware, phishing, and Web application attacks all increased during a year in which the majority of attacks involved a human element. DarkReading, May 13, 2021

Know Your Enemy

How the Colonial Pipeline hack is part of a growing ransomware trend in the US: Cybercriminals have attacked solar power firms, water treatment plants and police departments in attempts to extort money. The Guardian, May 14, 2021

DarkSide, Blamed for Gas Pipeline Attack, Says It Is Shutting Down: The hacking group, which the F.B.I. has said was responsible for the ransomware attack, said it had received “pressure” from the U.S. The New York Times, May 14, 2021

Darkside ransomware gang says it lost control of its servers & money a day after Biden threat: A day after US President Joe Biden said the US plans to disrupt the hackers behind the Colonial Pipeline cyberattack, the operator of the Darkside ransomware said the group lost control of its web servers and some of the funds it made from ransom payments. The Record, May 14, 2021

A Closer Look at the DarkSide Ransomware Gang: The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe, stranding countless barrels of gasoline, diesel and jet fuel on the Gulf Coast. Here’s a closer look at the DarkSide cybercrime gang, as seen through their negotiations with a recent U.S. victim that earns $15 billion in annual revenue. KrebsOnSecurity, May 11, 2021

Digital Currencies’ Role in Facilitating Ransomware Attacks: A Brief Explainer: This paper details how Bitcoin—the most popular digital currency—is used to facilitate ransomware attacks and how criminals try—and sometimes fail—to cover their tracks. Understanding how criminals use digital currencies for ransomware attacks can lead policymakers to solutions in thwarting and enforcing cybercrimes. ThirdWay, May 3, 2021

The Incredible Rise of North Korea’s Hacking Army: The country’s cyber forces have raked in billions of dollars for the regime by pulling off schemes ranging from A.T.M. heists to cryptocurrency thefts. Can they be stopped? The New Yorker, April 19, 2021

National Cybersecurity

New Executive Order From Biden Administration Requires Federal Contractors To Report Cybersecurity Breaches, Forces Major Upgrades: It was a very safe bet that the United States government would take swift action in the wake of the Colonial Pipeline debacle. That action has arrived with a Biden administration executive order that looks to make immediate improvement to the nation’s cybersecurity defenses, with the headline item being new reporting requirements for federal government vendors that experience cybersecurity breaches. CPO, May 14, 2021

Pipeline Attack Yields Urgent Lessons About U.S. Cybersecurity: The hack underscored how vulnerable government and industry are to even basic assaults on computer networks. The New York Times, May 14, 2021

Everything You Need to Know About the New Executive Order on Cybersecurity: Yesterday evening, the Biden administration released its much-anticipated “Executive Order on Improving the Nation’s Cybersecurity.” It is tempting to yawn; every administration in recent memory has done something of this kind, after all, and not always to significant effect. But this executive order deserves your attention. It contains concrete measures tailored to respond to lessons learned from recent crises, especially the SolarWinds and Microsoft Exchange compromises. Lawfare, May 13, 2021

FACT SHEET: President Signs Executive Order Charting New Course to Improve the Nation’s Cybersecurity and Protect Federal Government Networks: Today, President Biden signed an Executive Order to improve the nation’s cybersecurity and protect federal government networks. Recent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals. These incidents share commonalities, including insufficient cybersecurity defenses that leave public and private sector entities more vulnerable to incidents. The White House, May 12, 2021

2018 tech audit of Colonial Pipeline found ‘glaring’ problems: ‘An eighth-grader could have hacked into that system,’ consultant says. MarketWatch, May 12, 2021

Hacker Attack on Essential Pipeline Shows Infrastructure Weaknesses: Ransomware is steadily hitting harder. Could banks or subway systems be next? Scientific American, May 12, 2021

The Colonial Pipeline ransomware attack and the SolarWinds hack were all but inevitable – why national cyber defense is a ‘wicked’ problem: The ransomware attack on Colonial Pipeline on May 7, 2021, exemplifies the huge challenges the U.S. faces in shoring up its cyber defenses. The private company, which controls a significant component of the U.S. energy infrastructure and supplies nearly half of the East Coast’s liquid fuels, was vulnerable to an all-too-common type of cyber attack. The FBI has attributed the attack to a Russian cybercrime gang. It would be difficult for the government to mandate better security at private companies, and the government is unable to provide that security for the private sector. The Conversation, May 10, 2021
