Did the Uber CISO get off easy & $1.1 million in taxpayer money, GONE

Thanks to all 16,710 subscribers. It really takes a community to fight against cyberattacks. Help us with our mission of helping 100,000 organizations become cyber-resilient by sharing this newsletter with your network!

‍

In this week's Cyber Weekly:

1. Did former Uber CISO get off easy?
2. The vicious cycle of third-party breaches
3. City of Dallas breach - what does it mean?
4. This is where your taxpayer money is going
5. An offer you might like...

1.CISO gets off easy?

‍

Former Uber CISO, Joseph Sullivan, was sentenced a 3-year probation for covering up one of the drive-sharing apps’ data breaches that exposed the data of more than 50 million users. The former Uber employer previously worked for the US Attorney’s Office, eBay, PayPal and Facebook. When he started working for the Uber in 2016, the company was under investigation for a 2014 data breach. On Nov 6, 2016, he made a statement about their data security including the steps Uber took to keep customer data safe. Ten days after that testimony, Uber was breached again. Sullivan almost immediately knew that Uber did not take proper security measures. (ktvu)

‍

My thoughts: There are two angles with the case. First, a “white-collar” crime once again gets less severe consequences. Second, it seems like Sullivan didn’t want to get in trouble for the second breach – right after giving a testimony. It seems like he covered for a company that didn’t give him all the information.

‍

‍

2.The GoAnywhere breach strikes again

‍

Weeks ago, we reported that GoAnywhere File Transfer service was hacked. As a result, many of their customers were also affected, including Hitachi and Proctor and Gamble. This is the definition of a third-party breach. A company gets hacked and their customers are affected. The GoAnywhere breach is still affecting businesses. It was just confirmed that Toronto-based Mackensive Investments was also compromised because their vendor InvestorCOM used GoAnywhere File Transfer Services. (ctvnews)

‍

My thoughts: The GoAnywhere breach exemplifies the severe ripple effect of ONE cyber attack. This is just ONE cyber attack. But we’ve all heard the stat, indicating data breaches happen every 39 seconds.

‍

‍

3. Is the city of Dallas a test?

‍

The city of Dallas is still scrambling after a ransomware attack. Their website and some of their services were taken down last week. The ransom amount has yet to be revealed and it is not confirmed if they plan on paying the ransom.

‍

“Computer dispatch was still down in the Dallas 911 call center. Police and firefighters were sent to calls by radio using paper and pencil for addresses.

‍

Code enforcement and other non-emergency response to 311 calls were delayed.

‍

City water bill payments were impacted.” (nbcdfw)

‍

My thoughts: In recent months, there have been quite a few cities and municipalities that were hit with ransomware, but this is the first time I hear it actually taking down services. I’m wondering if the cyber criminals are trying a new type attack in order to then use it to take down larger organizations.

‍

‍

4. $1.1 million in taxpayer money is gone

‍

In 2022, nearly half of state and local government hit by ransomware paid the hackers. A lot of taxpayer dollars are driving criminal activity. In the latest attacks, a cyber attack crippled the computer systems of San Bernadino County Sheriff’s Department. Although their insurance helped pay for the ransom of $1.1 million, the department still had to pay over $500,000 which of course comes from taxpayer dollars. Citizens are rightfully asking “what exactly did this pay for?” (LAtimes)

‍

My thoughts: We all know municipalities are often “strapped” for cash so coming up with 500K is never easy. It is ironic how they were able to come up with half a million dollars after being attacked! This is a sad reality we often hear, “Protecting our organization or employing cyber security is too expensive.” I wish there were stats on whether organizations get cyber security after getting hacked.

‍

5. Have you heard?

‍

To cap off this month's Cyber Weekly, I wanted to highlight my excitement about one of our newly onboarded vendors, Abnormal Security. The reason why Assurance IT decided to make this strategic investment with Abnormal was due to their platform's effectiveness at significantly mitigating losses related to business/ vendor email compromise by leveraging advanced user behaviour profiling and behavioural data science.

‍

Abnormal offers a free non-invasion, minimal-overhead, Email Risk Assessment which highlights the residual risk that is bypassing an organization's existing email security controls. If you'd like to learn more about Abnormal and their free Risk Assessment, please send me a direct message and say ABNORMAL. We can discuss in further detail.

‍