Cybersecurity Chronicles | October 9, 2023
Netswitch, Inc.


Week in Headlines

HOSPITALITY: Double Down Drama: Casino Cyberattack Scandal

MGM Resorts International and Caesars Entertainment both recently disclosed cyberattacks affecting their operations. MGM suffered a cyberattack on September 11 that disrupted its reservation system, digital room keys, and gambling technology, costing the company over $100 million. In response, MGM apologized to customers, rebuilt its IT environment, and offered free identity protection and credit monitoring services.

INSURANCE: Insurance Co. Notifies Claimants of Data Breach

Builders Mutual Insurance Company Inc. disclosed a data breach affecting 64,761 individuals to the Attorney General of Maine. The breach, discovered on December 14, 2022, exposed sensitive data such as names, Social Security numbers, medical and health insurance information, and workers' compensation details. The company conducted an investigation, completed its file review on August 1, 2023, and sent data breach notifications to affected parties. The exact cause of the breach is still under investigation. Builders Mutual Insurance is based in Raleigh, North Carolina, offers various commercial insurance products, and has approximately $384 million in annual revenue.

MANUFACTURING: State-Backed Hackers Target Semiconductor Firms

According to research by Dutch cybersecurity firm EclecticIQ, state-backed Chinese hackers are conducting an espionage campaign against semiconductor companies in East Asia. The hackers, linked to a group known as Budworm or APT27, utilized the HyperBro loader to pose as Taiwan Semiconductor Manufacturing Company (TSMC) and trick victims into clicking on malicious links. Once infected, victims' computers were equipped with a Cobalt Strike beacon, allowing remote commands and data theft. This campaign highlights the persistent threat of cyber espionage in the semiconductor industry.

SOFTWARE: Too Simple Non-Password-Protected Database Leaks

A non-password-protected database exposed 3 million records associated with global B2B CRM provider Really Simple Systems, including sensitive information such as personally identifiable information (PII), medical records, and legal documents. The exposed data was publicly accessible, potentially putting both businesses and individuals at risk. This incident raises concerns about the security of customer relationship management (CRM) systems and the potential for cybercriminal activities such as invoice fraud and phishing attacks.

ARMED FORCES: NATO 'actively addressing' Cyberattack on Websites

The North Atlantic Treaty Organization (NATO) is currently investigating a cyberattack on some of its unclassified websites, allegedly carried out by a hacking group called SiegedSec. The group claimed to have stolen 9 GB of data, including thousands of documents, from various NATO portals. NATO stated that there have been no operational impacts on NATO missions or military deployments.

ENERGY: FBI - Sector Heating Up as Cyber Target

The FBI has issued a warning to the energy sector, anticipating increased cyberattacks by Chinese and Russian hackers due to changes in the global energy supply chain and geopolitical factors. The alert highlights the ongoing efforts of hackers to probe and exploit vulnerabilities in critical infrastructure, emphasizing the need for heightened vigilance.


Join The CyberRisk Governance Group

Consider joining risk professional peers in the fast-growing LinkedIn group specifically about CyberRisk Governance.

The aim of the group is to help technologists, risk & compliance managers, and business leaders better manage their CyberRisk. 

Would you like to join us?

Here's the link: https://www.linkedin.com/groups/13991569


INSIGHTS & EXPERT PERSPECTIVES

REGULATIONS - Failing Cyber Could Mean Failing to Meet Regulatory Obligations

The Australian Home Affairs Minister, Clare O'Neil, announced a national cyber security strategy that includes six "cyber shields" to protect the nation from cyber threats. These shields encompass education, safe technology, threat-sharing and threat-blocking, critical infrastructure protection, sovereign infosec capability, and coordinated global action. The goal is to have these measures in place by 2030.

In parallel, Joe Longo, the chair of the Australian Securities and Investments Commission (ASIC), emphasized that cyber security and resilience are essential aspects of a board's duties. He warned boards not to subscribe to the "vaccination theory of cyber security," emphasizing that taking an active approach to managing supply chain and vendor risk is crucial. He also stressed the importance of crisis plans, response and recovery plans, and the need for identifying critical information and systems.

INSIGHTS: These statements from Australian officials highlight evolving global trends in cyber and regulatory expectations and the need for proactive risk management. If you are a U.S. firm, stay informed, assess the relevance to your operations, and take appropriate actions to strengthen your cybersecurity practices and compliance efforts.

Ultimately, prepare for some variation of these statements to reach US and EU shores; in the meantime, prepare with the following in mind.

Recognize that cyber security is no longer a purely technical matter but a core Executive and Directorial Duty. Neglecting this responsibility will lead to regulatory consequences and legal liabilities.

It is no longer adequate to believe that a minimal effort is sufficient for cyber security. Boards need to take an active role in managing and staying informed about evolving cyber risks.

Develop comprehensive plans for communication with stakeholders for when (not if) cyber incidents occur. This includes clear response and recovery plans that involve third-party suppliers and vendors.

STRATEGY - Cyber Budget Cuts and Strategic Challenges

Cybersecurity budget growth among enterprises slowed by 65% in the 2022-2023 budget cycle, reflecting budget tightening due to global instability and inflation. 

A study by IANS Research revealed reduced allocation of funds for cybersecurity across various sectors, particularly in tech firms. 

CISOs reported flat or declining budgets in 37% of cases, and budget approval rates dropped. Budget increases were often triggered by security incidents or industry disruptions. 

INSIGHTS: While this report is primarily relevant to Chief Information Security Officers (CISOs) and IT departments, corporate boards should be aware of these trends, as they have implications for overall cybersecurity posture, risk management, and regulatory compliance (see the new SEC rules).

When budgeting, executives need to consider whether the budget only supports a reactive approach or whether a more proactive approach to cybersecurity risks is adequately funded. We'd recommend an adaptive approach that provides more flexibility and strikes a balance that allows the organization to be more agile.

Executives and Boards should ensure that there is alignment between compliance, IT, and cybersecurity spending to maintain a strong security posture. 

Wondering where to start and properly plan your budgets? 

We'd recommend organizations conduct a thorough risk assessment to evaluate the potential impact of reduced cybersecurity budgets on the organization's security posture.

This assessment should include an analysis of the organization's vulnerabilities and exposure to cyber threats.

We help organizations with their cyber and budgets to realign, reallocate, and reprioritize based on organizational necessity and legally defensible security - not to make a software sale, but to elevate cognizance and resilience.


Ways We Can Help You Elevate Your Cyber Risk Cognizance

Get a Fast and Comprehensive Risk Assessment

Our fully automated Security And Risk Assessment (SARA) performs as an auditor to provide an unbiased audit of your technical and risk controls.

  • Identify Gaps

  • Reorient Resources

  • Prioritized For Network

Contact Netswitch for more info.

Attend a LinkedIn Live Event

We host regular LinkedIn Live Events to provide insights to elevate your cognizance.

Our intent is to facilitate communication and collaboration among stakeholders - Business Executives, Technologists, and Governors - to align technical controls with GRC objectives and to improve the processes that serve both.

Keep up to date about future events by following Netswitch.

https://www.linkedin.com/company/netswitch-technology-management/events/

Sign Up for Our "Quick Start" Pilot Program

  • Reduce Control Misalignment

  • Meet GRC Requirements

  • Improve Cyber Resilience

Know your risk level in cybersecurity and governance at NO COST.

To find out more, contact Netswitch on LinkedIn and we'll get a demo scheduled.


DISCLAIMER: Any articles, information, or links are provided by Netswitch for reference only. While we strive to keep the information and links correct and safe, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability, or availability with respect to the website or the information, articles, or related graphics contained on the destination website. Any reliance you place on such information is therefore strictly at your own risk.
