This week’s Cyber Security Headlines – Week in Review, is hosted by Rich Stroffolino with guest Gerald Auger Ph.D., Chief Content Creator, Simply Cyber
Cyber Security Headlines – Week in Review is live every Friday at 12:30pm PT/3:30pm ET. Join us each week by registering for the open discussion at CISOSeries.com
Cyber Health Report: Hacker entry point shifts from email to network
We have been covering a growing number of stories on breaches and attacks on hospitals and healthcare systems on Cyber Security Headlines, and yesterday, Critical Insight released its H1 2023 Healthcare Data Cyber Breach Report. Chief among its findings is that “the first six months of the year saw an encouraging decrease in the overall number of data breaches impacting healthcare organizations, it was overshadowed by large-scale breaches resulting in a significant increase in the number of individuals affected, which reached record levels.” The report predicts that 2023 is “on pace to break the record for individuals affected by breaches.” Hacking/IT incidents were the primary cause of breaches, with network server breaches accounting for 97% of records affected, with only 2% due to email breaches. The full report is available at Critical Insight, and a link is available in the show notes to this episode.
Deep Instinct study finds significant increase in Generative AI fueled cyber attacks
Cybersecurity company Deep Instinct today releases its fourth edition of its Voice of SecOps Report, based on research conducted by Sapio Research which surveyed over 650 senior security operations professionals in the US, including CISOs and CIOs. Chief among its findings: “70% of security professionals say generative AI is positively impacting employee productivity and collaboration, with 63% stating the technology has also improved employee morale. However, 75% of security professionals witnessed an increase in attacks over the past 12 months, with 85% attributing this rise to bad actors using generative AI. Nearly half (46%) agree that ransomware is the greatest threat to their organization’s data security and 62% admit that ransomware is the number one C-suite concern, up from 44% in 2022.” The full report is available at Deep Instinct, and a link is available in the show notes to this episode.
North Korean hackers suspected of targeting S. Korea-US drills
A joint military exercise between South Korea and the U.S. is scheduled to start today, Monday and run through to August 31. Named the Ulchi Freedom Shield drills, this annual event has this year been attacked by hackers, strongly suspected of belonging to Kimsuky, a North Korean group, have attempted to disrupt the event by carrying out “continuous malicious email attacks” on South Korean contractors working at the allies’ war simulation center.” South Korean police and the US military confirm that the IP address used in this spearfishing attack matches one that the group used in a 2014 attack on a South Korean nuclear reactor.
Google Pixel phones gain certificate of authenticity
Pixel Binary Transparency is the name of a new technology from Google aimed at ensuring that the code within the operating system of a Pixel phone is as it should be. It joins Android’s Verified Boot feature as a technique to ensure that malware has not been inserted into the software code or that the code itself has not been tampered with during its lengthy supply chain process. It uses public cryptographic logs to illustrate what a Pixel installation should look like. New entries can be added to this log when new software is released, but they can’t be changed or deleted, meaning unauthorized edits will be visible.
Thanks to today’s episode sponsor, HyperProof
Brits tipping off ransomware targets
The Record’s Alexander Martin profiled the UK’s Early Warning system, operated by the UK’s National Cyber Security Centre. This provides tips to organizations being targeted by ransomware groups. Over the last three months, Early Warning provided tips to one organization over three days, although this only represents about 2% of detected events. This combines signals gathered by UK intelligence agencies with public, commercial, and other inputs to early stage targets. UK officials say it set up Early Warning as an opt-in service because alerting organizations remains challenging. For those not enrolled, finding points of contact remains challenging, as does convincing organizations the notification isn’t a scam itself.
Hosting firm loses customer data after ransomware attack
A ransomware attack hit the Danish hosting firms CloudNordic and AzeroCloud last week. The two firms belong to the same parent company. A statement from the two firms said ”the majority of our customers have consequently lost all their data with us.” The ransomware attack hit during a data center migration, allowing attackers access to all data silos, backups, and admin systems. The firms say they will not pay a ransom and began working with security experts and law enforcement on next steps. The notices recommend customers attempt to recover data from local backups or the Internet Archive’s Wayback Machine.
IBM puts LLM to work translating COBOL
COBOL remains one of the oldest programming languages with surprising staying power. A survey by The Stack estimated that in 2022, over 800 million lines of COBOL were used in daily production environments, possibly increasing over the last 5 years. This comes as the pool of COBOL programmers continues to shrink. With that in mind, IBM announced Code Assistant for IBM Z, a large language model designed to translate COBOL to Java. IBM expects general availability by Q4. The system offers enough nuance to recommend if a sub-service should stay written in COBOL. IBM recommends company use vulnerability scanners to help ensure translated code doesn’t introduce new security issues.
Parmesan producers fight fakes with microtransponders
The famous and ancient cheese officially called Parmigiano Reggiano is loved around the world for its distinctive flavor, and also holds PDO status, which means that like champagne from France and port wine from Portugal, only the cheese produced in the Italian provinces of Parma and Reggio Emilia can use this name. his has naturally given rise to a flourishing trade in counterfeit parmesan, whose $2Bn/year revenue matches that of the original. PDO producers are now inserting US-made microtransponders the size of a grain of salt into the QR labels found on the rind of the cheese wheels to act as anchors back to where the individual cheese wheel was made.