Feds focusing on wrong investigation after a Member of the Legislative Assembly of Edmonton hacked the vaccine records of the province.
A Member of the Legislative Assembly of Edmonton came out and admitted that he hacked the vaccine records of the province. He breached the website and accessed the records to demonstrate how easy it was to get to the information. He initially attempted it because someone told him there was a weakness in the system. (CBC)
THOUGHTS: Well, the RCMP cybercrimes unit is now investigating this individual. Although he should be investigated, to me, there should be more to this story. Why is no one investigating how easy it is to breach the vaccine records? I presume/hope the incident response exercise digs deep to identify the root cause of this vulnerability and breach. Companies pay experts thousands of dollars to ethically hack their systems and help them find vulnerabilities. Did he tell anyone he would try the breach? Following this story closely to understand if more details emerge.
Last Tuesday, Microsoft confirmed they were hacked by ransomware group Lapsus$. The group accessed the company’s internal systems, but allegedly did not access customer data. Microsoft’s cyber security response teams quickly engaged. Since this ransomware group previously attacked Nvidia (which we discussed in an earlier cyber weekly), Microsoft’s team identified the same patterns the group used in previous attacks.
“Microsoft described Lapsus$ as having a sophisticated grasp of technology supply chains, understanding how to use one organization’s relationships or reliance on another to its advantage. In addition to tech, telecom and IT support firms, Lapsus$ has “also been observed targeting government entities, manufacturing, higher education, energy, retailers, and healthcare,” Microsoft said.” (CNN)
THOUGHTS: The ransomware groups are applying the same strategies to multiple large enterprises. That means companies can predict an attack like Microsoft did. Not every business has the resources Microsoft has to defend and mitigate, but this is reassuring and gives companies hope to stop an attack before it gets out of control.
This ransomware group is said to have 7 members. It was just announced that one of them may be a 16-year-old boy. (WindowsCentral)
The state-owned provider of postal services in Greece, ELTA, detected a ransomware attack last Sunday. Their services needed to remain offline. Their immediate response of isolating their entire data center helped mitigate the impact. They also found out how the cyber criminals got in.
“Its IT teams have determined that the threat actors exploited an unpatched vulnerability to drop malware that allowed access to one workstation using an HTTPS reverse shell.”
They found out the attackers’ goal was to encrypt the critical infrastructure. ELTA cannot currently perform shipments and their team is trying to review over 2500 computers. (BleepingComputer)
THOUGHTS: When major critical infrastructures are hit, the whole country is affected. This is a great example. For those working in public sectors, this is really NOT the time to overlook cyber security.
The National Rifle Association in the US had to explain a financial discrepancy where they failed to report thousands of dollars in donations to the government. That is when the organization admitted that the ransomware group called “Grief” attacked them in October 2021. Around that time it was difficult for them to track donations. It doesn’t seem like we know the truth as to why there was a financial discrepancy, but the New York attorney general has sued to dissolve this organization for alleged financial misconduct. (Gizmodo)
THOUGHTS: This is a tricky one. Is the NRA being truthful about this attack?
A cyber security researcher was at a hotel in Qatar when he unexpectedly discovered a technical vulnerability exposing private information of hundreds of hotels and millions of guests worldwide. The information included 629 hotels across 40 countries in the Middle East and North Africa. Unfortunately, this danger goes beyond the personal information of the hotels and guests.
“It is not just guests’ personal information that is at risk. Mohsin said a hacker could use the vulnerability to access the guests’ computer and mobile devices, as well as the hotel’s security footage, ventilation systems, and electronic door locks.” (Aljazeera)
THOUGHTS: Luckily, it seems like no information was stolen. But in the future, I think hotels and other establishments offering common Wi-Fi will be huge targets. Let’s see how this unfolds.
The best cyber security strategies also protect your company from employees. Unfortunately, the largest marketing and CRM platform, HubSpot, had an employee download information from 30 customers. Thankfully, it didn’t go further and they caught the perpetrator quickly. Those customers were notified and the employee has since been fired. (ThreatPost)
THOUGHTS: Everyone’s worst nightmare is an employee doing this to you. Limited access is one way to prevent this, and having multi-factor authentication sign-in to access very important data can also help.