The heat is on in cyber, and that’s not because we are on the precipice of the first day of summer. Rather, threat actors believed to have ties to the Russian and Chinese governments have been exploiting vulnerabilities and targeting government agencies and private companies on a global scale.
Cybercriminals leveraged a vulnerability in widely used software to infiltrate several US federal government agencies, among them the Energy Department and Johns Hopkins University. The same day the MOVEit breach made headlines, the World Economic Forum reported that a massive cyber-espionage campaign aimed at critical infrastructure is targeting US companies. And, “The U.S., along with its key ‘Five Eyes’ intelligence partners, issued an unusual joint statement last month that a Chinese government espionage group had hacked into critical infrastructure systems in Guam,” The Hill reported.
Meanwhile, “the average cost of cybersecurity systems, solutions and staff is increasing.” If resources are limited, there are some actions that will make a difference in your organization’s overall cybersecurity posture. To learn more about security strategy and operations, visit the RSAC Library.
Now let’s take a look at what else made industry headlines this week.
Jun. 16: A Russian national is facing charges from the US Justice Department for his involvement in the LockBit ransomware attacks.
Jun. 16: “Polish police officers of the country's Central Bureau for Combating Cybercrime detained two suspects believed to have been involved in operating a DDoS-for-hire service (aka booter or stresser) active since at least 2013,” Bleeping Computer reported.
Jun. 15: Cryptocurrency scammers are reportedly leveraging cloud mining services to send funds to a mainstream crypto exchange.
Jun. 15: Wired reported, “The US government warns encryption chipmaker Hualan has suspicious ties to China’s military. Yet US agencies still use one of its subsidiary’s chips, raising fears of a backdoor.”
Jun. 14: Ongoing investigations of an adversary-in-the-middle (AitM) attack on Microsoft Office 365 indicate that there could be a much larger, multi-stage business email compromise campaign underway.
Jun. 13: VentureBeat outlined the top 10 cybersecurity findings from Verizon’s 2023 data breach report.
Jun. 12: Infosecurity Magazine reported, “The websites of several Swiss federal agencies and state-linked companies were inaccessible on Monday, June 12, 2023, due to a cyber-attack, Switzerland’s finance ministry has confirmed.”