Okta Discloses Broader Impact Linked to October 2023 Support System Breach
Article Link: https://thehackernews.com/2023/11/okta-discloses-additional-data-breach.html
- Okta recently released more information regarding a security incident that impacted the Okta Help Center, which was initially thought to have exposed the data of only a small percentage of customers.
- After further investigation, it was identified that a bad actor ran and downloaded a report containing, at a minimum, the names and email addresses of all Okta customer support system users, except for those that use its segmented FedRAMP High and DoD IL4 systems. Additionally, the hacker is believed to have accessed the information of all Okta Certified users, some Okta Customer Identity Cloud customers, and an unspecified amount of Okta employee information.
- While Okta is unaware of the stolen information being exploited at this time, it has recommended several security best practices, including enforcing MFA, admin session binding and timeouts, and enhanced phishing awareness.
- Link to Okta’s Announcement: https://sec.okta.com/harfiles
Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S.
Article Link: https://thehackernews.com/2023/11/iranian-hackers-exploit-plcs-in-attack.html
- CISA recently announced that it is responding to a cyberattack that exploited Unitronics programmable logic controllers (PLCs) at the Municipal Water Authority of Aliquippa in Pennsylvania.
- The attackers breached the water facility’s PLCs by using default passwords on devices that were publicly accessible and connected to the Internet. The attack was attributed to Iranian threat actors who regularly target Israeli critical infrastructure.
- While there is no risk to the area’s water supply, this attack is one of many that have hit critical infrastructure throughout 2023.
- Link to CISA’s Report: https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems
Scores of US Credit Unions Offline After Ransomware Infects Backend Cloud Outfit
Article Link: https://www.theregister.com/2023/12/02/ransomware_infection_credit_unions/
- The cloud IT provider, Ongoing Operations, recently suffered a ransomware infection that disrupted the IT services of at least 60 credit unions across the United States.
- While details related to the incident are limited, several of the impacted credit unions reported outages. The National Credit Union Administration (NCUA) confirmed that at least 60 credit unions were impacted and that relevant Federal authorities were informed of the incident.
Law Firms & Legal Departments Singled Out for Cyberattacks
Article Link: https://www.darkreading.com/cyberattacks-data-breaches/law-firms-face-a-more-dangerous-threat-landscape
- According to security researchers, malicious hackers are increasingly targeting law firms and the legal departments of a variety of organizations. Beyond extorting money from breached organizations, bad actors are drawn to law firms and legal departments because of the confidential and sensitive information that legal teams often have access to.
- Researchers highlighted that attackers are targeting the legal industry by running business email compromise (BEC) scams and engaging in search engine optimization (SEO) poisoning to flood browsers with malicious websites that appear when potential victims search legal terms.
- While large organizations typically have the resources to counter cyber attackers, many law firms have only a handful of employees and often lack the resources and knowledge to address threats.
How to Maintain a Solid Cybersecurity Posture During a Natural Disaster
Article Link: https://www.csoonline.com/article/1249508/how-to-maintain-a-solid-cybersecurity-posture-during-a-natural-disaster.html
- According to the US National Oceanic and Atmospheric Administration (NOAA), over the first ten months of 2023 there were 25 separate climate-related disasters that cost over $1 billion. While natural disasters are concerning for everyone, they can be especially concerning for cybersecurity personnel when natural disasters coincide with cyberattacks.
- As the article notes, this raises the question for organizations of “how do I keep my data and operations cybersecure yet accessible during and after a natural disaster?”
- The article looks at key concepts to consider when strategizing for business continuity and disaster recovery. These include preparing emergency cybersecurity plans before disasters hit, collaborating with employees across your organization, creating multiple locations for backup storage and expertise if possible, keeping staff contact information and at-home resources updated, and maintaining a continuity cycle of rehearsing and updating emergency cybersecurity plans.
- Link to Ready.gov’s Business Continuity Information: https://www.ready.gov/business/emergency-plans/continuity-planning
- Link to NIST 800-34 “Contingency Planning Guide for Federal Information Systems”: https://www.nist.gov/privacy-framework/nist-sp-800-34
- Link to FRSecure’s Business Impact Analysis (BIA) Overview: https://frsecure.com/blog/business-impact-analysis/
- Link to FRSecure’s BIA Starter Kit: https://frsecure.com/business-impact-analysis-starter-kit/
Five Resolutions to Prepare for SEC’s New Cyber Disclosure Rules
Article Link: https://www.helpnetsecurity.com/2023/11/29/sec-cyber-disclosure-rules-importance/
- Over the course of 2023, many security initiatives have been driven by regulators, law enforcement, and investors. As the article emphasizes, the U.S. Securities and Exchange Commission’s (SEC) new cybersecurity risk management rules are one of many such initiatives.
- The article points out several ways that organizations can prepare for new incident disclosure requirements. These include increasing collaboration between technology leaders and executive leadership, focusing on incident detection and response, committing to good cyber housekeeping, informing all employees of their cybersecurity roles, and learning from the mistakes of other organizations.
CISA, NCSC Offer a Road Map, Not Rules, in New Secure AI Guidelines
Article Link: https://www.darkreading.com/cyber-risk/cisa-ncsc-offer-a-road-map-not-rules-in-new-secure-ai-guidelines
- Recently, CISA and 22 other domestic and international cybersecurity organizations co-sealed and published a document that outlines optional guidelines for the development of Artificial Intelligence.
- The guidance breaks AI development into four key sections. These include secure design, secure development, secure deployment, and secure operation and maintenance.
- Link to CISA’s Guidelines: https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3598020/guidance-for-securing-ai-issued-by-nsa-ncsc-uk-cisa-and-partners/
Stop Panic Buying Your Security Products and Start Prioritizing
Article Link: https://www.helpnetsecurity.com/2023/11/28/cybersecurity-tool-purchasing/
- As we move into 2024, organizations will be starting with new cybersecurity budgets. The article emphasizes that all organizations, regardless of whether their budgets are increasing in 2024, should look to get the most out of their budget.
- The author notes that the cybersecurity industry often leverages fear, uncertainty, and doubt (FUD) as a selling tactic. As a result, many security leaders may make impulsive decisions to acquire tools even if they do not adequately address the organization’s highest risk areas.
- While new technologies can be beneficial, it is vital that organizations look internally, optimize their spending, and address the risks that threaten their most important systems. As such, organizations should identify their top priorities and direct their budgets toward adequately addressing them.
