Friday Five 9/4
Owning an "OG" email account, lessons from the Garmin ransomware attack, and Emotet's new 'Red Dawn' attachment - catch up on the week’s news with the Friday Five.
1. Gartner expects more CEOs to be personally liable for cyber-physical security incidents by Asha Barbaschow
Gartner predicts that by 2024 the liability for failing to protect systems from cyber incidents will fall directly on most CEOs. The theory is that regulators and governments are going to increasingly crack down on data incidents and that pushing personal liability onto CEOs will incentivize the decision-makers at companies to better secure data. It’s unlikely that insurance policies will cover the massive expense of cyber-physical systems (CPS) attacks, which Gartner predicts will hit 50 billion by 2023. If this prediction comes to pass, it could significantly change the incentive structure for protecting data within a company and likely lead to more spending on cybersecurity to cover liability. It’s also part of a larger trend of trying to regulate large corporations into working for the public benefit by putting liability on executives, as there have been similar efforts to put the liability on investment bank executives to try to reduce risky financial behavior.
2. The Joys of Owning an 'OG' Email Account by Brian Krebs
An OG email is an email address that is short and desirable, dating from the early years of the various email providers. Brian Krebs, who owns one of these accounts, wrote about the unintended joys and consequences of owning such an address. Some are obvious: he gets an enormous amount of spam. Others are more concerning: many people enter his email as a joke for their secondary email, thus inadvertently giving Krebs access to their accounts. His email has been used by numerous strangers when signing up for services as odd as pet food accounts - though it can be argued some damage could still be done with a large order - and as serious as bank and web hosting accounts. Until recently, Krebs’ account had been “receiving the monthly statements intended for an older gentleman in India who had the bright idea of using my Gmail account to manage his substantial retirement holdings.” Because Krebs' account name has a hacker term in it, he’s constantly receiving requests to hack people. Despite the more humorous aspects of owning an OG account, the article’s main purpose is to caution against using an OG email that you do not own (as a joke or throwaway email), as it can have serious unintended consequences.
3. 8 lessons from the Garmin ransomware attack by John P. Mello Jr.
A number of cybersecurity experts reflected on the recent ransomware attack that shut down technology company Garmin’s system for five days in July. The main takeaways from the experts were that ransomware can affect any organization, regardless of size, and that though it is ultimately not the best policy to pay the ransom, they understand why about 70 percent of companies end up paying. The experts noted the carefully timed nature of the attack and the reality that attacks that affect customer operations are the most effective, as frustrated customers pressure the company into paying. Further, a lack of transparency within a corporate infrastructure can give attackers cover to launch an attack, and the fact that most corporations lack a playbook for a ransomware attack exacerbates the problem. Finally, the experts noted that human error is an enabler of ransomware attacks and that so far, sanctions have proven ineffective in preventing payments. As one of the most significant cyberattacks of the summer so far, it’s valuable to learn lessons from it in the hope of reducing the effectiveness of attacks in the future.
4. Google-Facebook ditch plans to dock giant data cable in Hong Kong by BBC News
Google and Facebook have ditched plans for an underwater data cable between Los Angeles and Hong Kong after the US government expressed fears that China could steal data from it. This is despite the fact that the 8000-mile cable has already been laid. Instead, new plans only mention links to Taiwan and the Philippines. The announcement is the latest escalation between the USA and China, the outcome of a colder relationship between the two nations that has increasingly spilled into the cybersecurity and tech world. Despite the US government being relatively quiet on Chinese intervention in Hong Kong, the decision is an implicit acknowledgment of China’s increasing influence in the city-state. Some experts feel that the US is shooting itself in the foot with the move, as the original plan intended to encourage US tech firms to open offices in Hong Kong to gain more Asian customers. However, the scrapping of the cable will surely disincentivize investment from US firms.
5. Emotet malware's new 'Red Dawn' attachment is just as dangerous by Lawrence Adams
Emotet returned last month and its latest trick is just as dangerous as ever. The malware arrives in spam emails as a Word (.doc) attachment or a link to download. These spam emails pose as shipping information, invoices, resumes, financial documents, scanned documents, and COVID-19 information. Emotet has been using a document template that tells users that the document cannot be properly viewed unless the 'Enable Content' button is clicked. If a user clicks the button, the malware is downloaded. The malware is being called Red Dawn because of its red accent colors. Emotet is considered the most widely spread malware targeting users today and is especially harmful as it installs other dangerous malware such as Trickbot and QBot onto a victim's computer. It is vital to recognize the malicious document templates used by Emotet so that you don't accidentally become infected.