Weekly News Roundup May 31-June 4, 2021


Posted on by Kacy Zurkus

The dust hadn’t even settled on the Colonial Pipeline ransomware attack—which continues to make headlines nearly a month post-mortem—when we learned of yet another massive attack impacting the meat industry. The ransomware attack on JBS Foods, the world’s largest beef and pork processor, was reportedly the work of the REvil group. As this revelation came to light, TechCrunch reported, “Japanese multinational conglomerate Fujifilm has been forced to shut down parts of its global network after falling victim to a suspected ransomware attack.”

Indeed, just about every industry has been hit with ransomware this week. The Villages Hospital was reportedly “crippled” by a ransomware attack, and island hoppers in Massachusetts are having a tough time securing ferry tickets to Nantucket and Martha’s Vineyard after the Steamship Authority fell victim to ransomware. As these attacks become more prevalent, Reuters reported,U.S. energy companies are scrambling to buy more cyber insurance...but they can expect to pay more as cyber insurers plan to hike rates following a slew of ransomware attacks.” When asked what is happening in the US, Chris Krebs told CBS This Morning, “The reality is that ransomware is a business and business is good. Until we can disrupt the profitability of the ransomware business model, these events are going to continue to happen.”

But these aren’t the only events happening in the cybersecurity industry. Let’s take a look at what else made headlines this week.

June 4: A new bill, the Space Infrastructure Act, would add space systems to the existing list of critical infrastructure currently identified by the Department of Homeland Security. “Under the bill, space infrastructure would include spacecraft and launch vehicles, space-related terrestrial systems and launch infrastructure, related production facilities and information technology systems,” SpaceNews reported.

June 4: The use of facial recognition software by law enforcement agencies in King County, Washington, has been banned.

June 3: Engadget reported, “Working with the IOC, video game developer nWay will release an officially licensed set of NFT Olympic Pins on June 17th.”

June 3:Researchers have discovered a new cyber espionage weapon they believe was developed and is used by a China-based APT group they have named SharpPanda,” SecurityWeek reported.

June 3: MIT Technology Review reporter Patrick Howell O’Neill attributed the current ransomware crisis we are facing to “years of American inaction.”

June 3: CyberScoop reported, “The Supreme Court issued a 6-3 ruling Thursday determining that improper use of a computer system by someone allowed to use it does not fall under the Computer Fraud and Abuse Act, the nation’s landmark hacking law.”

June 2:NortonLifeLock (NLOK) announced Wednesday morning that it is launching a new feature for a select group of early customers of its Norton 360 platform that will allow them to mine for ethereum, the world’s second most valuable cryptocurrency, on their personal computers,” CNN Business reported.

June 2: Industry leaders offered tips on how to defend against some of the most likely attacks malicious actors will leverage against major cloud providers.

June 2: According to NextGov, the IRS is looking for cybersecurity tools for COBOL, an aged yet extant programming language the agency uses to manage its IT systems.

June 1: SolarWinds shareholders brought a class action lawsuit that has now been expanded to include private equity firms Thoma Bravo and Silver Lake Partners. The consolidated claim contends that their business strategies and lack of cybersecurity investments were central to the Orion hack.

May 31: In an effort to combat misinformation on its social media platform, Twitter is reportedly exploring a tiered warning system to identify the accuracy of people’s tweets.

Contributors
Kacy Zurkus

Content Strategist, RSA Conference

Hackers & Threats

ransomware critical infrastructure fake news/influence operations

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community