The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Cyber Command Cyber National Mission Force (CNMF) identified tactics, techniques, and procedures (TTPs) used by North Korean advanced persistent threat (APT) group Kimsuky to gain intelligence on various topics of interest to the North Korean government.
If we ended up in a cyberbattle with some of the top nation-state actors, they could shut down supply chains, hospitals, the internet, oil and gas, electricity grids, water systems and more.
A national cyber director would be able to coordinate the cybersecurity flow of information to the executive branch and be able to coordinate a strategy to defend against these kinds of attacks.
October is National Cybersecurity Awareness Month, and we wholeheartedly support this important initiative to focus attention on the critical security challenges facing all of us. This week’s theme focuses on the continued proliferation of IoT with, “The Future of Connected Devices.”
If there’s one major cyber trend we’ve seen unfold around connected devices, it’s that there is a tendency to focus cybersecurity awareness on what we can see – phones, laptops, and IoT devices, while assuming that protecting endpoints will stop the epidemic of damaging cyberattacks.
A company that offers psychotherapy to thousands of patients across Finland says it’s been the victim of a data breach, with the personal information of customers held for ransom. Vastaamo, which sees patients in 20 cities including Helsinki, Joensuu, Jyväskylä, Pori, Turku and Tampere, says “an unknown hostile party” got in touch with them saying they had obtained customer details.
On one hand, we have cybersecurity solutions that are not keeping pace with today’s hackers. In spite of more resources being devoted to cybersecurity, cyber compromises are at an all-time high, with even less experienced hackers now gaining access. At the same time, hardware designers are changing their industry standards and direction. This change enables hackers anytime access to hardware - even when it is powered off. The result of this combination is a perfect cyber storm, ready for disaster.
One Identity released commissioned global survey results that reveal IT and security team attitudes regarding their responses to COVID-19-driven work environment changes.
Mimecast Limited released new research which highlights the risky behavior of employees using company-issued devices. More than 1,000 respondents in countries throughout the globe were asked about their use of work devices for personal activities and how aware they are of today’s cyber risks.
LogMeIn released findings of a new LogMeIn Central report commissioned to reveal the current state of IT in the new era of remote work. The report, “The Surprising New State of IT in a Remote World: Tackling Challenges and Redefining IT for Future Success” was conducted in partnership with Lab42 and quantifies the impact of COVID-19 on IT roles and priorities for small to medium-sized businesses.
Digital Shadows released its latest research examining foreign threats to the 2020 US presidential election. After infamously compromised elements of the 2016 Election, connected to malicious actors linked to the Russian state, Digital Shadows has uncovered further evidence related to similar efforts this year.
Over the past decade we’ve seen an increase in consumer grade IoT devices, but the security of those devices hasn’t always kept pace with the realities of the cyber threats targeting what is arguably an unmanaged computing device. These cyber threats are made more concerning when the expected lifespan of the device is factored in. After all, dishwashers, thermostats and doorbells aren’t devices like smartphones where there is social pressure to have the latest version.