Cybersecurity News of the Week, May 23, 2021

Individuals at Risk

Cyber Defense

Taking Time Off? What Your Out of Office Message Tells Attackers: As more people are vaccinated and free to live a more normal life again, vacation plans, trip pictures and conference hashtags will flood social media sites. Phone calls and emails to colleagues will be met with out of office (OOO) messages. You might feel happy for that person, or maybe a little jealous that they are getting away. You should also feel concerned for their security well-being. Security Intelligence, May 21, 2021

Try This One Weird Trick Russian Hackers Hate: In a Twitter discussion last week on ransomware attacks, KrebsOnSecurity noted that virtually all ransomware strains have a built-in failsafe designed to cover the backsides of the malware purveyors: They simply will not install on a Microsoft Windows computer that already has one of many types of virtual keyboards installed — such as Russian or Ukrainian. So many readers had questions in response to the tweet that I thought it was worth a blog post exploring this one weird cyber defense trick. KrebsOnSecurity, May 17, 2021

Cyber Warning

How to Tell a Job Offer from an ID Theft Trap: One of the oldest scams around — the fake job interview that seeks only to harvest your personal and financial data — is on the rise, the FBI warns. Here’s the story of a recent LinkedIn impersonation scam that led to more than 100 people getting duped, and one almost-victim who decided the job offer was too-good-to-be-true. KrebsOnSecurity, May 21, 2021

Vishing attacks spoof Amazon to try to steal your credit card information: The attacks used fake order receipts and phone numbers in an attempt to steal credit card details from unsuspecting victims, says Armorblox. TechRepublic, May 20, 2021

Recycle Your Phone, Sure, But Maybe Not Your Number: Many online services allow users to reset their passwords by clicking a link sent via SMS, and this unfortunately widespread practice has turned mobile phone numbers into de facto identity documents. Which means losing control over one thanks to a divorce, job termination or financial crisis can be devastating. KrebsOnSecurity, May 19, 2021

Cyber Humor

Information Security Management for the Organization

Cybersecurity in the C-Suite & Board

Ransomware Attacks Are Spiking. Is Your Company Prepared?: With the migration to remote work over the last year, cyberattacks have increased exponentially. We saw more attacks of every kind, but the headline for 2020 was ransom attacks, which were up 150% over the previous year. The amount paid by victims of these attacks increased more than 300% in 2020. Harvard Business Review, May 20, 2021

Cyberattacks Are Inevitable. Is Your Company Prepared?: Cyberattacks always happen when you least expect them. And when they happen, they happen quickly. Responding appropriately is not just the responsibility of your cybersecurity team; everyone in the organization has a role to play. Is your team prepared? Do they know what to do and what not to do? Most importantly, has your whole team practiced their response? Everyone — the board of directors, company executives, managers, and team members — has to know their roles and responsibilities and work out any potential problems with their response before a live cyberattack puts immense stress on the organization. Harvard Business Review, March 9, 2021

Information Security Management

Businesses are getting better at security. But they’re still forgetting one big risk: The rise of software supply chain attacks is giving rise to the need for engineering chiefs responsible for tech products. ZDNet, May 21, 2021

Cloud Security Blind Spots: Where They Are and How to Protect Them: Security experts discuss oft-neglected areas of cloud security and offer guidance to businesses working to strengthen their security posture. DarkReading, May 21, 2021

The State of Small Business Cybersecurity in 2021: Most business owners are overconfident about their small business cybersecurity postures. Two-thirds of senior-level decision-makers who participated in a 2019 survey said they didn’t believe the small- to mid-sized businesses (SMBs) for which they’re responsible would fall victim to a digital attack. Given this prevailing view, many respondents didn’t view small business cybersecurity as important. Therefore, they didn’t have a plan to protect their employer against digital attacks. Just 9% of survey respondents cited digital security as the most important factor facing their SMB; double that amount ranked digital defense as least important. At the same time, 60% of business leaders revealed that they didn’t have a cyberattack prevention plan. A quarter of respondents stated that they wouldn’t know where to even start with SMB cybersecurity. SecurityIntelligence, May 21, 2021

How To Prevent Critical Infrastructure Business Disruption From Ransomware Attacks: With a renewed focus on preventing and mitigating the impacts of ransomware, the U.S. Cybersecurity and Infrastructure Security Agency has released a new report on the indications of compromise and best practices for preventing business disruption, with a particular focus on critical infrastructure operators. MyTechDecisions, May 20, 2021

This is how long hackers will hide in your network before deploying ransomware or being spotted: Any time is too long, but hackers are finding ways to wander through networks unseen for longer than you might expect. ZDNet, May 19, 2021

#RSAC: Netflix Exec Explains Where Infosec Pros are Going Wrong … and Why Cybersecurity is a Team Sport: Information security professionals need to be more open to adaptation and embrace emerging ideas to enhance overall cyber-resiliency, according to expert speakers during an opening keynote on day 1 of the virtual RSAC Conference 2021. InfoSecurity Magazine, May 18, 2021

Center for Internet Security (CIS) Releases CIS Controls v8 to Reflect Evolving Technology, Threats: Version 8 is organized by activity, resulting in fewer Controls and Safeguards. PR Newswire, May 18, 2021

Secure The Human

Cybersecurity: How talking about mistakes can make everyone safer: Punishing people for falling for phishing attacks isn’t going to help anyone with cybersecurity – but showing empathy and being open to mistakes can help people learn how to stay safe online. ZDNet, May 17, 2021

Cyber Insurance

Cyber insurance premiums rise as ransomware, hacks continue, GAO finds: A growing number of cybersecurity incidents has led many insurers to raise premiums and some to limit coverage in especially risky areas, such as health care and education, according to new findings from a U.S. government watchdog. CyberScoop, May 21, 2021

Cybersecurity in Society

Cyber Crime

Massive Cyberattack On Air India; Credit Cards, Passport Details Hacked: Air India reported a massive data breach in its passenger service system that affected the personal data of around 45 lakh subjects across the world over the last 10 years. Gulte, May 22, 2021

Sierra College victim of ransomware attack: Sierra College was the victim of a ransomware attack Thursday morning that left students unable to submit final assignments and teachers unable to work on posting final grades before Friday’s end of the semester. Gold Country Media, May 21, 2021

CNA Paid $40 Million in Ransom After March Cyber Attack: CNA Financial Corp., among the largest insurance companies in the U.S., paid $40 million in late March to regain control of its network after a ransomware attack, according to people with knowledge of the attack. Insurance Journal, May 21, 2021

Irish Hospitals Are Latest to Be Hit by Ransomware Attacks: Hospitals in Ireland, New Zealand and Scripps Health in San Diego are reeling from digital extortion attacks. The New York Times, May 20, 2021

Scripps Health website is back up; patient portal still down: An investigation continues into what data, if any, was potentially affected. La Jolla Light, May 20, 2021

The Full Story of the Stunning RSA Hack Can Finally Be Told: In 2011, Chinese spies stole the crown jewels of cybersecurity—stripping protections from firms and government agencies worldwide. Here’s how it happened. Wired, May 20, 2021

Cyber Surveillance

Facial recognition, fake identities and digital surveillance tools: Inside the post office’s covert internet operations program: The post office’s law enforcement arm has faced intense congressional scrutiny in recent weeks over its Internet Covert Operations Program (iCOP), which tracks social media posts of Americans and shares that information with other law enforcement agencies. Yet the program is much broader in scope than previously known and includes analysts who assume fake identities online, use sophisticated intelligence tools and employ facial recognition software, according to interviews and documents reviewed by Yahoo News. Yahoo, May 18, 2021

Know Your Enemy

New Report Profiles Ransomware Cybergangs: That old adage that crime never pays could not be more false, at least when it comes to modern-day cybercriminals. For those bad actors using ransomware as their weapon, crime is paying more than ever. TechNewsWorld, May 21, 2021

Attackers Took 5 Minutes to Start Scanning for Exchange Server Flaws: Research underscores the acceleration of attack activity and points to a growing concern that defenders can’t keep pace. DarkReading, May 18, 2021

National Cybersecurity

Could the ransomware crisis force action against Russia?: Moscow’s blind eye toward cybercriminals has made escalating attacks inevitable, say experts. But changing the approach is easier said than done. Technology Review, May 21, 2021

U.S. government denies disrupting Russian ransomware ring that hacked Colonial Pipeline: Hackers affiliated with DarkSide are complaining the group disappeared without sharing payoff money. Washington Post, May 19, 2021

The Cybersecurity 202: Industry groups express cautious optimism about Biden’s executive order on software standards: Industry is cautiously welcoming the Biden administration’s recent executive order mandating new software security requirements for companies that contract with the federal government. Washington Post, May 19, 2021

Cyber Law

Colonial Pipeline Accused of Negligence in Proposed Class Action: Colonial Pipeline Co. and its owners acted negligently by employing lax cybersecurity standards that left the company vulnerable to a massive ransomware attack, a proposed Georgia federal court class action alleges. Bloomberg, May 20, 2021

Internet of Things

Now Your Car is a Cybersecurity Risk, Too: The automotive industry started taking cybersecurity seriously about six years ago and started investing in designing and deploying cybersecurity solutions. The auto industry is now deploying cybersecurity hardware and software, but there is a long road ahead to get every ECU in the car protected against increasing cyberattacks. EE Times, May 21, 2021

Cyber Defense

US Chamber Asks Government To Get More Involved In Ransomware Defense: The Chamber of Commerce offered six steps the federal government can take to help American businesses defend against and respond to ransomware cyberattacks. NextGov, May 21, 2021

The UK loves cybersecurity so much, it’s going to regulate managed service providers’ infosec practices in law: And you’re invited to speak your brains on Computer Misuse Act changes. TheRegister, May 18, 2021
