The Colonial Pipeline attack is the latest to show that ransomware is increasingly encroaching on everyday life, say Vice. According to many experts it was only a matter of time before an attack like this hit, and millions felt the effects. Rob Lee, CEO of security firm Dragos, commented that “this is the largest impact on the energy system in the United States we've seen from a cyberattack.” In the recent past ransomware has been responsible for compromising services provided by hospitals, police databases, and now energy providers, with governments concerned for their critical infrastructure.
An executive order was issued by the Biden Administration on May 12th which aims to increase the level of cybersecurity in the United States. Seen by many as a reaction to the Colonial Pipeline attack, the order has actually been in the works since Biden took office, mostly as a reaction to the SolarWinds attack in 2020. Most of the sections of the order are directed at protecting U.S. government systems, stating that zero-trust models and two-factor authentication should be used wherever possible. Other measures include better collaboration between departments against cyber threats, and more stringent tests on software safety.
The Transport Salaried Staffs’ Association (TSSA) union has hit out at West Midlands Trains after an employee phishing test took place. Around 2,500 employees were sent an email which thanked them for their work during the pandemic and promised a bonus, however, those employees who clicked a link within the email were then told that they had failed a company security test. The message said, “This was a test designed by our IT team to entice you to click the link and used both the promise of thanks and financial reward.” Phishing is a huge risk to companies everywhere and employee awareness tests are common practice, however, the TSSA called the exercise “cynical and shocking.”
Around 15% of all UK adults use their pet’s name in their password, a survey from the National Cyber Security Centre (NCSC) has revealed. The report has come at a time when remote working has become commonplace, putting extra importance on password security. The results of the survey showed that pets’ names were the most common form of password at 15%, followed by family members’ names (14%), important dates (13%), and favourite sports teams (6%). Along with these results, the report included examples of the most commonly used, and most predictable, passwords.
This month, MyCena Security Solutions CEO Julia O’Toole lent her thoughts to Ciso Mag on the single points of failure in any digital infrastructure. Julia warns that just one vulnerability can lead to large-scale chaos, citing the SolarWinds hack and how one lost password led to a massive espionage operation. Julia advises “going back to the drawing board” and removing these single points of failure to prevent long-term cyber damage.
Following the leaked account details of more than 533 million users, Facebook has come under fire once again. An email sent by internal teams was ironically at the centre of another privacy misplay – this time, the email was accidentally sent to Data News in Belgium. The email suggested that the social network “expected” incidents like this and that it would issue limited statements. Facebook told the BBC they understood people’s concerns and are doing everything to strengthen systems.
