Many a cybersecurity warning was published this week, evidence of escalating concerns that Russia is plotting cyberattacks against the United States. CISA and the FBI warned that Russian hackers may be “exploring options to conduct potential cyberattacks.” The Wall Street Journal published news that AI experts are concerned about potential attacks on the financial sector, and in a statement on the nation’s cybersecurity published by the White House, President Biden urged “our private sector partners to harden your cyber defenses immediately by implementing the best practices we have developed together over the last year.”
We also saw legislators examining the reporting and incident response steps taken by companies who were victims of REvil ransomware attacks. “In each case, REvil successfully infiltrated and encrypted the systems of the companies. All of the firms had prepared incident response plans and had notified the federal government. None of them paid the ransom,” The Record reported.
While all organizations across the public and private sectors are urged to boost their defenses, threats to US critical infrastructure remain a top concern. To learn more about making security simpler and developing an incident response plan, explore a variety of content available in the RSA Conference Library.
Here’s a look at other news that made cybersecurity headlines this week.
Mar. 25: The Cybersecurity 202 reported, “The Russian military was behind a hack of the satellite firm Viasat in the early days of the Ukraine invasion, U.S. intelligence analysts conclude, and U.K. police arrested seven people in the Lapsus$ hacking case.”
Mar. 24: A 23-year-old Russian national, Igor “Floraby” Dekhtyarchuk, alleged to have operated a dark web marketplace where cybercriminals could purchase stolen data and credentials, was indicted by the US Department of Justice.
Mar. 24: Engadget reported, “Cybersecurity researchers investigating the [Okta] attacks have traced them to a 16-year-old living with his mother near Oxford, England, according to Bloomberg.” Okta and Microsoft are reportedly not the only victims.
Mar. 23: Okta’s CSO David Bradbury said that 366 customers were impacted during the five-day window in January when hackers accessed the laptop of a third-party contractor.
Mar. 23: Together with the Cloud Security Alliance (CSA) and the Bank Policy Institute (BITS), the Cyber Risk Institute (CRI) announced the release of a collaborative cloud extension, a set of cybersecurity and cloud deployment expectations for the CRI Profile version 1.2.
Mar. 23: CSO Online reported, “Spurred by recent attacks, some U.S. states are taking action and allocating funds to boost their defenses against cyber threats.”
Mar. 22: “HP has published security advisories for three critical-severity vulnerabilities affecting hundreds of its LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models,” BleepingComputer reported.
Mar. 22: There’s potential that the Department of Defense may have more opportunities to do Zoom meetings as the videoconferencing platform received expanded authorization for Impact Level 4 (IL4) meetings.
Mar. 22: An app that has been downloaded from the Google Play Store over 100,000 times has been removed because it reportedly contains password-stealing malware.
Mar. 21: The Hacker News reported, “A novel phishing technique called browser-in-the-browser (BitB) attack can be exploited to simulate a browser window within the browser in order to spoof a legitimate domain, thereby making it possible to stage convincing phishing attacks.”