Because the start of the 2023-2024 school year has introduced opportunities for hackers to cause major disruptions across school campuses, many news stories this week offered tips for protecting cybersecurity as students return to the classroom. Still, after a ‘significant’ security incident, the University of Michigan shut down access to the internet for two days. Additionally, the University of Sydney issued a cyber incident notice upon learning that one of its third-party providers experienced a data breach. In Maryland, a new ransomware group dubbed Rhysida, claimed responsibility for an attack on one of the largest school districts in the US.
Though these incidents do cause concern, I was tickled to see that the number of colleges and universities whose names were in the headlines for more implementing or improving their cybersecurity offerings. Rhode Island College now offers a BS in cybersecurity. Having received an NSA grant for $1.45 million, Metro State University announced the launch of a new cybersecurity clinic to help SMBs and nonprofit organizations boost their cybersecurity posture. The University of Nevada will host a cybersecurity conference in early October, “to tackle the growing challenges in cybersecurity, [and promote] collaboration and synergy among industry and academia.” A US-based startup will be collaborating with the University of Arkansas at Little Rock to strengthen industrial control systems security using AI. And, Amazon made a generous $50,000 donation to Cyber.org’s Project REACH to provide cybersecurity education to the K-12 sector and help build a diverse pipeline of young people interested in cybersecurity careers.
To learn more about how the cyber maturity of any organization can impact the people and culture, join us for the RSAC 365 Virtual Seminar on People, Process & Technology on September 7, 2023.
Now let’s look at what else made industry headlines this week.
Sep. 1: The FBI’s Safe Online Surfing Internet Challenge opened, providing a free, educational program for school age children in both English and Spanish.
Aug. 31: BBC News reported, “A hacking group called Anonymous Sudan took X, formerly known as Twitter, offline in more than a dozen countries on Tuesday morning in an attempt to pressure Elon Musk into launching his Starlink service in their country.”
Aug. 30: WFSB in Hartford, Connecticut reported, “A criminal ransomware network connected to a cyberattack at some of Connecticut’s hospitals has been taken down by the FBI, according to the Department of Justice.”
Aug. 30: The UK’s National Cyber Security Centre (NCSC) warned of the risks in AI chatbots, noting malicious actors can potentially manipulate the outputs of large language models.
Aug. 29: Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) reported a data breach believed to be the work of Chinese hackers.
Aug. 29: Colorado is also using $500,000 from a multi-state settlement with Equifax to invest in a cybersecurity program at Metropolitan State University.
Aug. 29: The FBI and Justice Department led a multinational operation to take down of Qakbot, a malware and, “botnet infrastructure used by cybercriminals to commit ransomware, financial fraud, and other cyber-enabled criminal activity.”
Aug. 28: According to Florida Bar News, “The new Standing Committee on Cybersecurity & Privacy Law will work with other Bar committees to help lawyers appreciate the growing threat of data breaches, and how to mitigate them.”