Cyber-Attacks Rose 30% in 2023, With the United States the Top Target
Article Link: https://www.techradar.com/pro/critical-infrastructure-sustained-13-cyber-attacks-per-second-in-2023
- Researchers from KnowBe4 revealed that cyber-attacks on critical infrastructure surged 30% from January 2023 to January 2024, with 420 million incidents globally, heavily impacting power grids, transportation, and communication systems.
- The U.S. was the primary target, with threat actors from China, Russia, and Iran searching for vulnerable sectors that manage services such as water networks and power grids.
- Experts warn of severe, even crippling, risks to essential services like utilities and hospitals, and support a defense-in-depth security plan for critical U.S. infrastructure sectors.
- Link to KnowBe4’s Report: https://www.knowbe4.com/press/knowbe4-report-reveals-critical-infrastructure-under-siege-with-cyber-attacks-increasing-30-percent-in-one-year
Complying With PCI DSS Requirements by 2025
Article Link: https://www.helpnetsecurity.com/2024/09/02/pci-dss-requirements/
- PCI DSS 4.0.1 demands major changes, including stricter encryption and broader MFA requirements by April 2025. Companies must start now to avoid last-minute issues and increased costs.
- New requirements like automated log reviews and authenticated scans will strain resources, making it crucial to enhance detection and response capabilities.
- The standard’s new rules on tamper detection for payment pages highlight the urgent need to upgrade defenses against e-commerce fraud.
- Organizations should conduct a scope analysis and align PCI DSS with other standards like ISO 27001 and GDPR to streamline compliance and prepare for audits before the 2025 deadline.
Why Identity Teams Should Start Reporting to CISOs
Article Link: https://www.darkreading.com/cybersecurity-operations/why-identity-teams-need-to-start-reporting-to-the-ciso
- Identity is now a key factor in almost every security breach, making it clear that responsibility for identity security should move from IT to the CISO. CISOs have the right expertise to manage it with a stronger security focus.
- When CISOs take control of identity management, they can enforce important practices like least privilege and proper segmentation, which help prevent overprivileged or unmanaged accounts—common security risks.
- By giving CISOs authority over identity security, organizations can improve accountability and strengthen protections, reducing the chances of identity-related breaches.
- Strong identity protection goes beyond MFA and access control. It requires combining identity and network segmentation to fully contain threats and stop attackers from elevating privileges and moving laterally through compromised systems.
White House Thinks It’s Time to Fix the Insecure Glue of the Internet: Yup, BGP
Article Link: https://www.theregister.com/2024/09/03/white_house_bgp_security/
- The White House Office of the National Cyber Director (ONCD) has a plan to address security issues in the Border Gateway Protocol (BGP), which is crucial for data routing, by recommending the use of Resource Public Key Infrastructure (RPKI) with digital certificates to enhance data path security.
- A team from ONCD and the Cybersecurity and Infrastructure Security Agency (CISA) will implement the plan, which includes network operators developing risk management plans, publishing Route Origin Authorizations (ROAs), and monitoring routing security. In contrast, network providers are expected to use Route Origin Validation (ROV) filtering and assist customers with security.
- The Federal Government is supporting efforts to improve internet routing security by implementing new procurement rules, providing agencies with ROA guidance, promoting best practices, and working with CISA, the Office of Management and Budget (OMB), and other federal groups to raise awareness, set industry standards, and collaborate with international partners.
- Link to the White House’s Fact Sheet: https://www.whitehouse.gov/oncd/briefing-room/2024/09/03/fact-sheet-biden-harris-administration-releases-roadmap-to-enhance-internet-routing-security/
Secrets Exposed: Why Your CISO Should Worry About Slack
Article Link: https://thehackernews.com/2024/09/secrets-exposed-why-your-ciso-should.html
- Collaboration tools like Slack, Jira, and Confluence are becoming prime targets for secret leaks, exposing critical credentials that can lead to massive data breaches.
- Machine identities outnumber human identities 45-to-1 according to CyberArk, multiplying the risks as sensitive application programming interface (API) keys, access tokens, and encryption keys spread across various platforms, essentially doubling the attack surface.
- High-severity secrets found in collaboration tools pose a greater risk than those in source code, significantly expanding the vulnerability window for attackers to exploit.
- Organizations must expand real-time secrets detection to collaboration tools, adopt a culture of secrets awareness, and act quickly to mitigate potential breaches.
Cloud Computing Hits the Nuclear Button Amid Energy Crisis
Article Link: https://www.theregister.com/2024/09/03/cloud_growth_energy_challenges/
- Artificial intelligence services are fueling cloud computing growth, but power shortages are hindering the expansion of data centers despite $80 billion in quarterly global infrastructure spending.
- Companies are exploring energy solutions like nuclear power and small modular reactors (SMRs). However, these operations are costly and still years from widespread deployment.
- Renewable energy sources like fuel cells, geothermal, and wind are being tested, but they also face challenges such as carbon emissions and storage difficulties.
- National power grids are under pressure, with data centers consuming large amounts of electricity; a mix of energy sources, including gas-powered backups, may be needed until infrastructure improves.
- Link to Synergy Research Group’s Report: https://www.srgresearch.com/articles/cloud-market-growth-stays-strong-in-q2-while-amazon-google-and-oracle-nudge-higher
Cyber Insurance: A Few Security Technologies, a Big Difference in Premiums
Article Link: https://www.darkreading.com/threat-intelligence/cyber-insurance-security-technologies-premiums
- Ransomware and email fraud cause 80-90% of cyber insurance claims. Using defenses like multifactor authentication (MFA), secure backups, and stronger remote access controls can dramatically cut both risk and premiums.
- Cyber insurers are increasingly prioritizing tools like managed detection and response (MDR) and endpoint detection and response (EDR), which catch threats early, minimizing damage and slashing insurance costs.
- Companies with strong, redundant backup strategies reduce damages by 72% and avoid hefty ransom payments, while those without will likely face higher costs and slower recoveries.
- With 40% of claims in 2024 linked to third-party breaches, securing external partners has never been more critical.
- Link to atBay’s Report: https://www.at-bay.com/press_releases/insursec-can-drive-an-effective-proactive-cybersecurity-strategy-new-analyst-report/
- Link to PR Newswire’s Report: https://www.prnewswire.com/news-releases/global-ransomware-attacks-demands-and-payments-rose-in-second-quarter-according-to-corvus-insurance-cyber-threat-report-302228081.html?tc=eml_cleartime
Two Nigerians Sentenced to Prison in US for BEC Fraud
Article Link: https://www.securityweek.com/two-nigerians-sentenced-to-prison-in-us-for-bec-fraud/
- Two Nigerian nationals were sentenced in the U.S. for running a business email compromise (BEC) scheme that defrauded companies of over $5 million through phishing and malware attacks.
- The scheme, active from 2016 to 2021, targeted organizations by sending phishing emails that appeared legitimate, tricking employees into making fraudulent wire transfers.
- With prison sentences of 10 years and 5 years, and $5 million in restitution ordered, this case showcases the critical need for stronger defenses against email fraud and malware infiltration.
Admins of MFA Bypass Service Plead Guilty to Fraud
Article Link: https://www.bleepingcomputer.com/news/legal/admins-of-mfa-bypass-service-plead-guilty-to-fraud/
- Three men pled guilty to running OTP[.]Agency, an illegal service that helped criminals bypass multi-factor authentication (MFA) by obtaining one-time passcodes, impacting over 12,500 victims in the U.K.
- The service offered access to over 30 online platforms, including Apple Pay and bank accounts, enabling criminals to bypass security for as little as £30 ($40) a week, with potential earnings for the group reaching £7.9 million ($10.4 million).
- This high-tech fraud operation, which exploited weaknesses in MFA, indicates a need for stronger defenses against social engineering attacks as criminals increase their efforts in targeting online banking and payment systems.