This cyber attack is going to cost more than $160 million & Chinese Cyber Intruders

Chinese Cyber Intruders "Embedded" within US Critical Infrastructure

‍

According to a report by the Microsoft Threat Intelligence team, China's "Volt Typhoon" group has been quietly infiltrating the US's critical infrastructure with the goal of creating widespread disruption. The group maintains a low profile by employing stealthy movement, fileless malware, and legitimate employee credentials to avoid detection, occasionally using proxies on compromised systems. They've also created a network of compromised home and office routers, making their activities seem legitimate. Despite China's denial, both Microsoft and Cisco believe this campaign is one of the largest targeting US infrastructure. Analysts warn of the strategic implications, urging stronger US responses to cyber threats. (cpomagazine)

‍

My thoughts: This is terrifying. We have been hearing for several years now. Cyber warfare is a very real threat and can cause widespread damage without spending billions of dollars in ammunition. If countries target US infrastructure and other leading and developed countries, the damage could be costly and of course deadly. Curious why this does not get more visibility on the mainstream news?

‍

$160 Million Loss for CommonSpirit Health after Ransomware

‍

Nonprofit hospital chain CommonSpirit Health has revealed that a ransomware attack in October 2022 cost the company $160 million dollars; $10 million more than initially estimated. The attack forced the company to disable its systems, affecting over 100 facilities nationwide and exposing the personal data of over 623,700 patients. Forensic investigations disclosed that hackers first got unauthorized accessed to CommonSpirit's network on September 16, 2022. The company now faces two class-action lawsuits, accusing it of negligence and inadequate cybersecurity measures, leading to the breach of confidential information. (cshub)

‍

My thoughts: Those are just the beginning of the costs. If they lose those class action lawsuits, they’re looking at least several more million dollars in losses. The subsequent damage and reputation backlash is unquantifiable. Cyber security is no joke.

‍

Organizations' Data Compromised Through Zero-Day Vulnerability in MOVEit Transfer Software

‍

A critical zero-day vulnerability in Progress Software's MOVEit Transfer product has been exploited to hack into organizations and steal data. The SQL injection vulnerability allows unauthenticated attackers to access and alter MOVEit Transfer databases. Progress Software has issued an advisory, providing patches for updated versions to remedy the security gap, and stressing the importance of patching. Cyber security firms reported mass exploitation of this vulnerability began around May 28. This exploit has been used to steal valuable data, suggesting the possibility of a ransomware or extortion group's involvement. Major organizations, including the US Department of Homeland Security, have been affected by this vulnerability. (securityweek)

‍

My thoughts: Make sure to have a solution that scans and identifies unauthorized parties and systems in your network. It’s the best way to act on a situation you might not be privy to.

‍

Proposed Legislation Seeks to Enhance Cyber security Collaboration Between U.S. and Abraham Accords Countries

‍

A bipartisan bill, the Abraham Accords Cybersecurity Cooperation Act of 2023, is being introduced by U.S. senators to enhance cyber security collaboration between the Department of Homeland Security and Abraham Accords nations (Israel, United Arab Emirates, Bahrain, and Morocco). The bill aims to fortify defenses against shared cyber threats, primarily from Iran and other hostile actors. It will authorize information-sharing, provide technical assistance for cybersecurity incidents, and facilitate joint cyber security training and exercises, thereby strengthening collective cybersecurity defenses and regional security. (axios)

‍

My thoughts: I think this is positive and a good way to start combatting cyber attacks and threats in general. Cybersecurity requires many parties to come together in order to properly defend against bad actors. It really takes society as a whole to work together and help each other.

‍

‍