With only a few weeks left in the year, many are now focused on 2022. The RSA Conference team is excited to bring our community together in San Francisco February 7-10, and this week we had two major news announcements. The RSAC 2022 agenda is live, and we have an incredible lineup of keynote speakers who will be joining us on both the West and South Stages.
CISA also named nearly two dozen members to its new Cybersecurity Advisory Committee, an impressive collection of distinguished leaders and industry influences across multiple sectors (some of whom you’ll see on the RSAC 2022 stage). In thinking about what public-private partnerships and collaboration mean to our industry while exploring this week’s headlines, I thought about Aeschylus’ Oresteia and the concept of justice. Many reports this week affirmed the good that can come from working together. We see the successes law enforcement is having with identifying malicious actors and bringing them to justice.
As the chorus sang in the Oresteia, the cybersecurity industry should also exclaim, “Cry sorrow, sorrow – yet let good prevail!” Here are a few examples of why: Krebs on Security reported that Nickolas Sharp, a former developer at Ubiquiti Networks, was charged with extortion for allegedly causing a data breach in 2020. The Department of Justice sentenced a Philadelphia man to seven years in prison for defrauding the IRS and running a fraudulent debt relief scheme. Bleeping Computer reported, “The FBI seized $2.3 million in August from a well-known REvil and GandCrab ransomware affiliate.” Europol arrested 12 online fraudsters in a global counterfeiters operation. And, according to The Daily Swig, “The final member of an international hacking group known as ‘The Community’ has been sentenced for his role in a multimillion-dollar SIM-swapping campaign.” Yes, “let good prevail!”
Now, let’s take a look at what else made industry headlines this week.
Dec. 3: Facebook continues to struggle with combatting disinformation.
Dec. 3: “A series of malicious campaigns have been leveraging fake installers of popular apps and games such as Viber, WeChat, NoxPlayer, and Battlefield as a lure to trick users into downloading a new backdoor and an undocumented malicious Google Chrome extension with the goal of stealing credentials and data stored in the compromised systems as well as maintaining persistent remote access,” The Hacker News reported.
Dec. 2: Though the CEO of the American Public Transportation Association (APTA) argued that imposing a uniform reporting mandate on critical infrastructure could negatively impact rail transit systems, the federal government has set forth two new cybersecurity requirements for critical passenger and freight railways.
Dec. 2: According to Threat Post, the highly sensitive clinical information of 400,000 Planned Parenthood patients was compromised in a ransomware attack.
Dec. 1: NBC News reported, “There’s just no longer any reason for regular people to pay for antivirus software for their personal devices.”
Nov. 30: Kristina Balaam, Senior Security Intelligence Engineer at Lookout, penned a blog about finding her niche in cybersecurity, noting, “Despite a lack of exposure to issues in computer security during my undergraduate education, I now work as a senior threat researcher tracking advanced persistent threats as they relate to nation-state actors and cybercriminal organizations.”Nov. 29: Those hospitals that have been the victims of cyberattacks resulting in data breaches are now being hit with class-action lawsuits, with former patients alleging the institutions did not do enough to safeguard data.