Ransomware returned to headlines this week, with the White House hosting the Second International Counter Ransomware Initiative Summit. According to a press release, “Throughout the Summit, CRI and private sector partners discussed and developed concrete, cooperative actions to counter the spread and impact of ransomware around the globe.” The CRI established a series of initiatives, including creating an International Counter Ransomware Task Force and building stronger relationships with private-sector partners to actively share information.
While defenders were busy planning their strategies for enhancing cyber capabilities, attackers continued to target victims. A new report published by the US Treasury Department’s Financial Crimes Enforcement Network found a sharp increase in ransomware attacks in 2021. Similarly, the UK’s National Cyber Security Centre (NCSC) noted the pervasive threat of ransomware in a report released this week. Additionally, cybersecurity researchers identified a new analysis tool being used by the Black Basta ransomware operation, indicating they could be linked with another threat group dubbed FIN7.
To learn more about the most dangerous new attacks and how to prepare for cyberthreats in ICS, visit the RSAC Library, where you’ll find thousands of webcasts, podcasts, blog posts, and more.
Now let’s look at what else made cybersecurity headlines this week.
Nov. 4: “A business email compromise (BEC) group dubbed ‘Crimson Kingsnake’ has recently been spotted impersonating well-known international law firms to trick recipients into approving overdue invoice payments,” Infosecurity Magazine reported.
Nov. 3: Australia’s Cyber Security Centre reported the agency saw a 13% increase in the number of cybercrimes with attackers targeting businesses, government agencies, and citizens.
Nov. 3: The Record reported, “Jeppesen, a wholly-owned Boeing subsidiary that provides navigation and flight planning tools, confirmed on Thursday that it is dealing with a cybersecurity incident that has caused some flight disruptions.”
Nov. 3: Biometric monitoring technologies are being deployed across multiple sports stadiums around the world in advance of the 2022 World Cup.
Nov. 3: An attacker reportedly targeted a US media company with malware resulting in a supply chain attack that impacted more than 250 news sites across the country.
Nov. 2: CNN Business reported, “The US government should ban TikTok rather than come to a national security agreement with the social media app that might allow it to continue operating in the United States, according to Brendan Carr, a commissioner at the Federal Communications Commission.”
Nov. 1: CISA Director Jen Easterly asserted that the election infrastructure is well protected in advance of midterm elections and warned that normal mishaps and glitches that are not typically nefarious could be leveraged to spread disinformation related to elections.
Nov. 1: Dark Reading reported, “With the vast majority of business leaders expecting a recession in 2023, cybersecurity firms are bolstering their operations and cash flow by laying off workers.”
Oct. 31: “The Army is exploring how to use Software Bills of Material requirements in contracts, potentially putting the military department at the leading edge of federal organizations looking to use “SBOMs” to secure their software supply chains,” according to Federal News Network.