2022 Week 10 - 12 News Roundup

Summary

Sorry for the delay.  Work, life, and school got in the way.  

As expected, most of the news can be wrapped around the growing war between Russia and Ukraine.  There is growing fear of either intentional or unintentional escalation in the cyber world outside those two countries.

News

SLTT

Several state and local governments were targeted by a Chinese government-backed hacking gang.  The breaches occurred in at least 6 different states in The United States.  It appears that the group used the Log4J (i.e. LogJam) vulnerability.    

Western Australia announced it will invest $25.5 million AU to expand state cybersecurity.  

New Mexico in the United States (U.S.) appointed its first senior advisor for cybersecurity and critical infrastructure.  Annie Winterfield Manriquez will work with stakeholders across the government and private sectors to strengthen standards and best practices.  
Heriot-Watt University in Scotland is in its 2nd week of a "security incident" that is now confirmed to be a cyber attack.  There is still little knowledge about what kind of attacker or what tools were used.

General Infrastructure

The U.S. Federal Bureau of Investigation (FBI) says that at least 649 organizations involved in critical infrastructure were victims of ransomware in 2021.   The report outlined that the top 3 gangs responsible were CONTI, LockBit, and REvil.  
In another advisory, they are warning specifically about currently ongoing attacks against the same targets. 



The White House and UK agencies ALSO sent out messages that they have seen signs that Russia has started working on plans to launch cyberattacks against infrastructure in retaliation for operations in support of Ukraine.

Power

A Kansas (USA) power plant was one of many targets of a Russian spy agency.  The operation was part of a large-scale international operation with the goal of seizing control over the critical infrastructure in the U.S.  The 3 agents are facing several federal charges including computer fraud, wire fraud, identity theft, and causing damage to the property of an energy facility.  

Delta Electronics Energy Management System has several flaws patched.  the U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an advisory that outlines 30 security holes.  Some were fixed in September with others patched this week.

CISA advisory

 

The FBI is warning of a growing interest in us energy firms by Russian hackers.  The advisory was short on details but said that at least 5 energy and 18 other companies were scanned for vulnerabilities.


Healthcare

1 million or more Texans have been affected by a data breach of a dental provider.  Jefferson Dental and Orthodontics reported that they have had a data breach that affected their 72 offices.  The loss included such information as Social Security numbers, drivers license numbers, health insurance information and other financial information.  

Legislative actions 

Utah has a new privacy law on the books that seek to protect the personal data of its citizens.  The Utah Consumer Privacy Act will take effect on December 31 2023 and apply to organizations with annual revenue of over $25m US.  

With the signing of the spending bill, the US Cyber Incident Reporting Act went into effect.  This law will require companies involved in 16 industry sectors to report breaches to CISA within 72 hours of it being detected and 24 hours of any payments.

Jobs

Tulsa University is looking for an Identity Access Management Engineer.

Comments

Popular posts from this blog

2021 Week 11 Security Roundup

2021 Weeks 32-40 Security Roundup

2021 Week 29 Security Review