One of the UK’s most prestigious newspapers has spent weeks trying to recover from a major security incident. Security staff at the Guardian newspaper have been working since mid-December when the breach was found. Since then, the Guardian Media Group’s chief executive, Anna Bateson, has confirmed that they suffered a ransomware attack which stole staff data and took critical services offline. Bateson also explained that the breach was probably caused by stolen credentials from a phishing attack, allowing unauthorised access to specific sections of the Guardian network. While news production was unaffected, staff are still anxiously awaiting investigations into where their personal data may have ended up.
The year 2022 was a landmark year for data breaches, and companies could face the same trajectory in 2023 if they overlook corporate network access. In an article for Strategic Risk Europe, MyCena CEO Julia O’Toole presents attacks at Uber, Optus and Medibank as a cautionary tale. She notes the perils of employees having the keys to an organisation’s most valuable assets, and the human error involved in phishing attacks. For 2023 and beyond, organisations should reassess how employees can access their networks.
For many years, companies and organisations around the world have come to rely on cyber insurance as a financial safety net. Should a company suffer an attack that impacts finances, they could claim on their cyber insurance policy. However, recent developments have left companies wondering about the extent of their protection. This comes as Lloyd’s of London, a popular insurer, has removed nation-state attacks from their coverage – with more exclusions on the way. This leaves many companies wondering what attacks are covered, and what aren’t. In a recent article, Julia O’Toole, CEO of MyCena Security Solutions, and Gerry, CEO of Observatory Strategic Management, discussed how password security and access control will be key to any future insurance claims. Should a company fail to provide the correct protections, they may not be covered.
In a recent report from Deloitte and the Manufacturers Alliance for Productivity and Innovation, cybersecurity has been named as the top threat to the food and beverage sector. The report also singles out cybersecurity as the key issue for smart factories. These factories, which rely on connectivity, IoT devices and productivity tools, can work quicker and produce goods faster than traditional factories – but are also more open to cyber-attacks. With many cyber criminals targeting key supply chain industries, this report highlights the potential for further threats. To mitigate attacks, it says, factories should address weak passwords, access controls and outdated security tools.
The Finance Department of California has been hit by a ransomware attack. The breach, confirmed on 12 December by the Cybersecurity Integration Center (Cal-CSIC), is one of the latest in a trend of attacks targeting government institutions and critical industries. Within hours, the attack was claimed by Russian-backed ransomware gang LockBit. In a blog post claiming responsibility, LockBit said they had accessed various networks and servers, stealing sensitive personal and legal data totalling 76GB. LockBit initially gave the Finance Department until 24 December to pay a ransom before they will begin to leak data.
Researchers have taken down an established DDoS botnet by accident. The security team from Akamai made the breakthrough by mistake when analysing threats, according to a report. Members of the Akamai Security Intelligence Response Team (SIRT) were analysing the KmsdBot malware behind the botnet, which was using infected devices to mine for cryptocurrency and target web servers with DDoS attacks. SIRT were able to study the malware as it had infected one of their honeypot servers. While investigating, SIRT sent commands to the bot to test its capabilities – accidentally creating a syntax error that took the entire botnet offline.
