While the world watches Russia invade Ukraine, those of us in the cyber security arena have been on high alert for cyber attacks from Russia. However, we must not forget that many bad actors will take advantage of a crisis to attack where we aren’t looking.
A perfect example is the recent attacks on state governments by a Chinese government hacking group. According to Mandiant, at least six state governments have been hacked by this group since early 2021. The states that were attacked have not been named. However, what we do know is that the recent Log4j vulnerability was utilized in some of these attacks.
We often talk about the importance of patching vulnerabilities immediately upon notification that a vulnerability has been discovered and a patch is available. The Log4j vulnerability is a classic demonstration of why that is so important. Mandiant determined that “within hours” of the public notification of the Log4j vulnerability, the Chinese group began to exploit the vulnerable systems before they were patched. Within hours!
While the Chinese government has a tremendous cadre of cyber attackers ready to pounce, we must not assume that we are safe from attack. As I have said many times, hope is not a strategy. Assuming you are too small to be attacked is not reality. Everyone is at risk, especially if you do not implement even the most basic cyber security protections.
CYBER NEWS
Russia weighs risks of launching cyberattacks against the West
Although the United States is bracing for retaliatory Russian cyberattacks, experts in the field say the Kremlin is likely still weighing whether destructive action in cyberspace is worth the blowback.
thehill.com
What Is the State of Ransomware Threats for State and Local Agencies?
A 2021 report finds that government agencies are facing a ransomware “national emergency.”
statetechmagazine.com
Ukraine Situation Drives New Cyber Attack Reporting Mandates
New mandated reporting of major cyber incidents for all owners and operators of U.S. critical infrastructure seems closer than ever, thanks to new bills that are supported by the White House.
www.govtech.com
Cybercriminals are posing as Ukraine fundraisers to steal cryptocurrency
The scams have picked up on Telegram.
www.cyberscoop.com
TIP OF THE WEEK
Reporting Cyber Breach
Although we don’t like to think about it, most of us will be the victim of a cyber breach of some sort at some point. This includes attempts to trick us (i.e., via social engineering) into giving up information or money. Even if we are smart enough to detect it before falling for it, all cyber hacks, breaches, scams, etc., as well as attempted attacks, should be reported. This will allow law enforcement to detect trends and, in some instances, even retrieve funds that you may have lost. Here are some of the reports that you should make:
Your company’s IT or cyber security team. This may be your Chief Information Security Officer, Chief Information Officer, etc. Or if your company doesn’t have a dedicated security team or IT department, notify your immediate supervisor who will know how to contact your IT or cyber security consultant.
Notify the FBI Internet Crime Complaint Center (IC3). This is the federal law enforcement repository for all things cyber crime-related including ransomware, phishing/vishing, business email compromise, tech support scams, etc. The IC3 has been collecting this data for 22 years and can evaluate trends to help educate the private sector and law enforcement. They can use it to go after the bad guys and can even help to respond to ransomware (they may have a decryption key) or freeze funds via their Recovery Asset Team (RAT).
Contact your local law enforcement agency
Contact any regulatory or government agency that you are required to notify by law
VOCABULARY WORD
Defense-in-Depth: A cyber security strategy used to protect people, operations, information, etc. within a company via implementation of layers of security including: technology devices (firewalls, anti-virus, monitoring, etc.), physical security, policies, employee security awareness training, and more.