Skip to main content

Friday Five: A Ransomware Giant Dismantled, Corporate Data Protection, New Critical Infrastructure Security Measures

by Robbie Araiza on Friday February 23, 2024

Contact Us
Free Demo
Chat

While ransomware remains a persistent threat, yet another notable group was taken down this past week. Read about this encouraging development along with other top InfoSec stories in this week's Friday Five!

FBI, BRITISH AUTHORITIES SEIZE INFRASTRUCTURE OF LOCKBIT RANSOMWARE GROUP BY AJ VICENS

An international law enforcement operation dubbed "Operation Cronos" has disrupted the LockBit ransomware syndicate, one of the most widely used ransomware variants responsible for over $144 million in ransom payments, led by the FBI, the U.K.’s National Crime Agency, and global partners. The operation seized servers and took control of various infrastructure components used by LockBit, including a data-leaking site, file share service, communications server, and administrative panel. The FBI gained access to nearly 1,000 decryption keys, potentially allowing for the recovery of ongoing LockBit extortion operations. Two individuals were arrested in Poland and Ukraine, and sanctions were imposed on two Russian nationals, Artur Sungatov and Ivan Gennadievich Kondratyev, indicted for their alleged roles in facilitating LockBit attacks. The U.S. State Department is offering rewards for information related to LockBit leaders and participants in its ransomware activities.

Read more

REPORT: MANUFACTURING BEARS THE BRUNT OF INDUSTRIAL RANSOMWARE BY CHRISTIAN VASQUEZ

The manufacturing sector faced a significant surge in ransomware attacks, with over 900 incidents in 2023, marking a 50% increase from the previous year, according to a recent report. Out of 905 incidents tracked, a whopping 70% targeted the manufacturing industry. Rapid digitization without sufficient investment in IoT security contributes to the vulnerability of this sector. Researchers anticipate a rise in ransomware attacks on other industries, particularly water and wastewater, as they undergo digital transformation. LockBit emerged as the most-used ransomware variant, impacting 222 industrial organizations. The report highlights the need for improved cybersecurity measures, especially as industrial sectors become more reliant on digital infrastructure.

Read more

MISCONFIGURED CUSTOM SALESFORCE APPS EXPOSE CORPORATE DATA BY ROBERT LEMOS

Salesforce users with customized instances are warned of potential security vulnerabilities due to programming errors and misconfigurations in the Apex programming language. The Java-like tool, designed for enhancing Salesforce instances and creating apps, can reportedly result in data leaks, data corruption, or disruptions in business functions if used incorrectly. Researchers found instances where government organizations and companies exposed sensitive information, including phone numbers, addresses, SSNs, and credentials, due to such misconfigurations. Researchers recommend developers avoid the "without sharing" configuration, conduct security assessments of Apex software, and prioritize securing classes accessible to guest and external users.

Read more

US GOVT SHARES CYBERATTACK DEFENSE TIPS FOR WATER UTILITIES BY SERGIU GATLAN

The Cybersecurity and Infrastructure Security Agency (CISA), FBI, and Environmental Protection Agency (EPA) have published a fact sheet outlining top defense measures for U.S. Water and Wastewater Systems (WWS) against cyberattacks. The measures include reducing exposure of assets to the internet, conducting cybersecurity assessments, changing default or insecure passwords, implementing multifactor authentication, creating inventories of assets, regularly backing up systems, patching known vulnerabilities, developing cybersecurity incident response plans, and providing annual cybersecurity awareness training. The guidance aims to enhance resilience and prevent cyber threats to critical water infrastructure, which has been increasingly targeted by malicious actors in recent years, raising concerns about public safety.

Read more

FCC TO VOTE ON AUTHORIZING CYBER LABELING RULES NEXT MONTH BY DAVID DIMOLFETTA

The Federal Communications Commission (FCC) plans to vote on a voluntary cybersecurity labeling program for Internet of Things (IoT) devices and consumer products with internet connectivity. As part of the Biden administration's initiative to label smart devices for cybersecurity, the program will assign a U.S. Cyber Trust Mark to devices meeting specific cybersecurity standards, similar to the ENERGY STAR label for energy efficiency. The label will include a QR code for users to access detailed security information, such as the product's minimum security support period and the manufacturer's update practices. The FCC aims to enhance consumer awareness and security for IoT products.

Read more

Tags:  Ransomware Data Protection Critical Infrastructure Compliance IoT

Recommended Resources

The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss Prevention

All the essential information you need about DLP in one eBook.

6 Cybersecurity Thought Leaders on Data Protection
6 Cybersecurity Thought Leaders on Data Protection

Expert views on the challenges of today & tomorrow.

Digital Guardian Technical Overview
Digital Guardian Technical Overview

The details on our platform architecture, how it works, and your deployment options.

Get the latest security insights
delivered to your inbox each week.