MyCena, Author at MyCena® - Page 6 of 43

The White House unveiled its national cybersecurity strategy in early March. The updated approach emphasises collaboration between the public sector, private sector, and international allies as crucial to securing the nation against cyber threats. The US national cybersecurity strategy aims to safeguard critical infrastructure, combat malicious threat actors, invest in digital security, and foster international partnerships. The plan also advocates transferring security responsibility to software companies and initiating more assertive campaigns against financially motivated and state-sponsored malicious activities. The strategy named China and Russia-backed attackers the biggest threat to US national security.

Almost one in every 20 employees has submitted sensitive company information into ChatGPT, according to a report. The use of large language models like ChatGPT by employees raises concerns about incorporating sensitive business data into the models. Data security service Cyberhaven detected and blocked requests from 4.2% of workers at client companies to input data into ChatGPT – mainly due to the risk of leaked confidential information. Examples include an executive using ChatGPT to create a presentation using a confidential strategy document and a doctor inputting patient health information. As the use of ChatGPT and similar AI-based tools grows, the risk of data breaches is likely to increase.

The aviation industry is reviewing updated cybersecurity requirements in network segmentation, access control, threat detection, and patching. The attempt to increase industry security comes as the Biden administration aims to strengthen critical infrastructure cyber defences. The aviation sector is also facing threats from emerging digital technologies, like 5G and smart devices. Employees in critical roles, such as pilots and air traffic controllers, have limited training in managing cyber incidents, while the threat surface has increased due to the digital transformation of air traffic management systems and airport functions. While details of the new cybersecurity requirements for the aviation sector remain unclear, they will require companies to keep up with hardware and software patches, strengthen access controls, and build redundancy into critical systems.

Mario Greco, CEO of Zurich Insurance, recently explained that cyberattacks are becoming uninsurable as the industry can no longer absorb losses caused by cybercrime. The biggest issue? Many companies do not use sufficient cyber protections, leaving them uninsurable. One of the most common issues is stolen employee credentials, which can provide attackers with the simplest route into corporate systems. Insurance veteran Gerry Kennedy and Julia O’Toole, CEO of MyCena Security Solutions, explain that practices such as network access segmentation and password encryption could make companies insurable again. O’Toole explains: “When it comes to the policy changes, insurers first need to realise the root of cybersecurity problems lies in the reliance on employee-generated passwords, which companies have no control over.” She adds: “The cyber insurance industry has been in a position of vulnerability for too many years now, but it doesn’t need to be this way. With stolen credentials being the most common way for criminals to infiltrate networks, access segmentation and encryption are a simple and effective way for insurers to take control of the risks they cover.”

Ukraine has seen a threefold increase in cyber-attacks over the past year, with many of them originating from Russia. These attacks have sometimes been used in combination with missile strikes, according to Viktor Zhora, a leading figure in the country's SSSCIP agency. The attacks have often taken the form of destructive wiper malware and have been aimed at Ukraine's critical infrastructure. During a recent visit to the UK's National Cyber Security Centre, Zhora and Ukrainian colleagues discussed how to work together to tackle the Russian threat. A recent analysis by SSSCIP linked cyber-attacks on Ukraine's energy infrastructure last autumn to Russia's sustained bombing campaign, with the aim of causing maximum disruption to everyday life.

Popular social platform Reddit suffered a security incident in which unauthorized access was gained to internal documents, code, and some business systems. The incident resulted from a "sophisticated and highly-targeted phishing attack" on February 5, 2023, that targeted Reddit employees. The phishing attempt involved sending plausible-looking prompts that redirected to a website masquerading as Reddit's intranet portal to steal credentials and 2FA tokens. Although a single employee's credentials were phished, Reddit says there is no evidence that its production systems were breached or that users' non-public data was compromised. The company did reveal that limited contact information for hundreds of employees and advertisers was exposed.