In our latest edition, we address the growing systemic risk posed by third-party breaches, a critical issue as we close out 2024. Recent #cyberattacks on eight US telecom providers underscore the wide-ranging impact these breaches can have on critical #infrastructure. In this case, the attackers not only compromised telecom companies but also exposed millions of their clients to significant risk. This issue of Alice in Supply Chains examines the challenges organizations face in managing third-party vulnerabilities, with #insights on the latest breaches, developments, and regulatory updates. As supply chains become more interconnected, understanding these risks is essential. Our final edition of 2024 also includes key news and guidance to help you navigate third-party risk heading into the new year. Looking ahead to 2025, we’ll be rolling out new updates to the newsletter, with even more valuable content for our readers. We’re excited for what’s to come and look forward to carrying on this journey with you! Thank you for your continued engagement in 2024, and here’s to a prosperous New Year, where we'll continue to bring you the most up-to-date content related to TPCRM. #TPCRM #newsletter #cybersecurity
Tenchi Security’s Post
-
ICYMI on INDUSTRY NEWS: State actor blamed for cyberattack on B.C. government systems

The head of B.C.'s public service recently revealed that the government faced three cyberattack attempts in the past month, suspected to be orchestrated by a foreign state or state-sponsored actor. While investigations are ongoing, officials assured the public that no sensitive data, like health information, was compromised, and there have been no ransom demands.

This incident stresses the critical need for robust cybersecurity measures, especially as cyber threats become increasingly sophisticated and frequent. Cybersecurity and risk assessment management are vital not only for government and public entities but also for private organizations. Collaboration between public and private organizations is essential to developing effective security protocols and responding swiftly to cyber threats. By working together, we can enhance cybersecurity resilience and protect against evolving cyber risks, ultimately safeguarding both public and private interests in the digital age.

#cybersecurity #BC #CCCS #riskmanagement #digitalgovernment https://lnkd.in/eGtzgft5
State actor blamed for cyberattack on B.C. government systems | CBC News
cbc.ca
-
#ICYMI - This week's cybersecurity news

State-Sponsored Cyberattack on B.C. Government: The B.C. government has confirmed that a sophisticated cyberattack on its networks was likely orchestrated by a state or state-sponsored actor. Initial signs of intrusion were detected on April 10, 2024, and subsequently reported to the Canadian Centre for Cyber Security.

Key details include:
❌ Three separate attempts to breach the government's systems were identified, with the most recent occurring on May 6, 2024.
❌ No sensitive or personal data has been reported as compromised.
❌ The attackers used advanced methods to cover their tracks, complicating the investigation.

In response, the B.C. government has collaborated with Microsoft's Detection and Response Team (DART) and the Canadian Centre for Cyber Security to mitigate the threat and strengthen defenses. Public Safety Minister Mike Farnworth assured that steps are being taken to secure the systems and review the incident thoroughly.

Stay updated and secure! 💻🔐 Link for more info: https://lnkd.in/gBDVqzws

#CyberSecurity #StateActor #BreachResponse #WiCysOntario #WiCys #Canada #WomeinCyber
State actor blamed for cyberattack on B.C. government systems | CBC News
cbc.ca
-
To quote Jacob Horne, "that's a spicy meatball." CISA's proposed cyber incident reporting rule is significant, to say the least. By its own estimates, CISA expects the proposed rule, which will require large businesses and critical infrastructure entities to report cyber incidents to the federal government within 72 hours and ransomware payments within 24 hours, to impact more than 316,000 entities and cost over $2.6 billion over the course of a decade. Beth Burgin Waller and I put together an overview of key provisions contained in the sprawling 447-page proposed rule. There is still much to be unpacked. The proposed rule is expected to be formally published on April 4 followed by a 60-day comment period. I expect those comments to be a fun read. https://lnkd.in/gqk44-3F
Proposed Federal Cyber Incident Reporting Rule Adds Hefty Federal Reporting Requirements to Critical Infrastructure Sector and Large Businesses - Woods Rogers Vandeventer Black
wrvblaw.com
-
What we already knew: the cyber challenge for UK plc. With telling insight from the UK Government Dept, this report from the Department for Science, Innovation, and Technology (DSIT) within the UK Government sheds light on troubling statistics regarding the adoption of cybersecurity practices by businesses. Look away if you do not want to know the results.

Here are three appalling stats from the report:
"Only 22 percent of 2,000 businesses have a formal incident response plan in place, which has "astounded" experts."
"Businesses will always have a plan in case of a fire, but will not apply the same due care for a data breach – which is statistically much more likely. It flies in the face of common sense."
In most cases (68 percent), organisations don't deem the incidents significant enough to report to anyone.

The final point made by this report states "Awareness of the information campaigns run by the NCSC has also been in continued decline for the past two to three years". The opportunity and the challenge.

#protectyourprivacy #cyberawareness https://lnkd.in/gchsuJdD
UK's attitude to security spotlit by government figures
theregister.com
-
"Workers told to change passwords"

Given the vast numbers of articles routinely reporting cyber incidents, it's easy to blink and miss the outdated security advice and its associated implications. For instance, vague reports of state-sponsored attacks are nothing new, but the steps taken to remediate the situation can tell a lot about an organization or agency's #risk maturity.

Based on the above quote, one could derive 3 quick - albeit inconclusive - conclusions:
> What passes for security "best practices" these days instructs system administrators to "force a change if there is evidence of compromise". That is, not allow users to change their passwords when they get around to it.
> 29 years after the invention of #multifactor authentication companies and government agencies still depend on single factor technologies.
> 8 years after #NIST indicated that regular #password changes are no longer recommended as an effective #security control, it is still considered a "best practice".

Despite strong indication that state #cyber actors are routinely poking around government systems, the public is still not presented with evidence to substantiate efforts at attributing #attacks to specific countries or regimes, preferring instead to let the media speculate about the identities of the usual suspects.
State actor blamed for cyberattack on B.C. government systems | CBC News
cbc.ca
-
We've recently seen several attacks by Chinese threat actors on US telecom companies, with an unnamed entity being number nine.

🛠️ As a nation, what can we do to ensure these private organizations set a foundation for bolstering our critical infrastructure security?
--->📝 Establishing industry regulations that mandate basic cyber practices will move the needle, but I think we can all agree that compliance does not mean you're secure. For the many industries that fall into the realm of critical infrastructure, maybe it's time that we look at holding these organizations accountable.

🙋 How can we protect ourselves as individual users of these telecom services?
--->📱Many people have the mindset of "Who cares if they see my texts about picking up the Christmas ham?"
--->💳 Let me pose this in a different light. What about that time your spouse was filling out a form and needed your SSN or credit card number? You were in the middle of a meeting and sent it out of convenience.
--->🔏 If your conversation wasn't protected by end-to-end encryption, you should care about this!

There are many things you can do to help educate and protect your family. An easy way to help protect your "Christmas ham" texts is by using apps like Signal that use end-to-end encryption.

What are your thoughts? How do you prioritize your privacy?
US adds 9th telecom company to list of known Salt Typhoon targets
therecord.media
-
The more details that emerge about the Salt Typhoon incident, the more alarming its impact on the nation's telecommunications infrastructure becomes. All major carriers (AT&T, Lumen Technologies, T-Mobile, Verizon, etc.) are among those affected, and even today, there is uncertainty about whether the hackers have been fully removed from the telecom networks or if they still have access to sensitive systems and records.

Senator Mark Warner, Chairman of the Senate Intelligence Committee, described the attack as “the largest telecommunications hack in U.S. history – by far,” dwarfing previous cyber incidents like Colonial Pipeline and SolarWinds. According to Warner, the only way to regain full security is through a massive overhaul: replacing tens of thousands of outdated switches and routers that form the backbone of these carrier networks.

The threat actor, Salt Typhoon, underscores a critical truth: cybersecurity is not a “set it and forget it” operation. It is a continuous process of vigilance, adaptation, and improvement. Unfortunately, many organizations, including, evidently, telecom networks, fall short in making the necessary investments to maintain this posture.

#SaltTyphoon #CyberSecurity #RiskManagement
China's 'Salt Typhoon' Hackers Breached US Networks Using Existing Flaws
pcmag.com
-
🚨 Municipal Attack Alert: Macon-Bibb County Network Temporarily Disabled 🚨

Macon-Bibb County's quick disconnect of their network this weekend highlights the ongoing challenge of cyber threats facing municipalities. Here’s the latest:
▪ Proactive Measures: Immediately after detecting unauthorized access, county officials took the network offline, impacting essential communications like email and phones.
▪ Collaborative Investigation: The county is actively working with state and federal authorities to evaluate the breach and enhance future defenses.
▪ Transparent Communication: The county has been open about the security measures being implemented, although it remains unclear if this was a ransomware attack similar to recent cases.
▪ Federal Advice: Consistent with federal guidelines, local governments are discouraged from making ransom payments, as these do not assure the recovery or security of data.

For those of us in IT and cybersecurity, this scenario underscores the crucial need for robust incident response plans and strong inter-agency cooperation to effectively counter and recover from cyberattacks. Preparing our networks to handle such disruptions can make a significant difference in operational continuity and security.

Source: StateScoop #BreachAlert #Ransomware #DataBreach #CybersecurityNews #Cybersecurity https://lnkd.in/ePvAms-y
Cyberattack hits Georgia county, officials take down network, phones | StateScoop
statescoop.com
-
🔒🚨 Excited IT pros and cybersecurity whizzes, gather around! 🤓💻 In a plot twist that has us all on the edge of our seats, the largest trial court in the U.S., Los Angeles County Superior Court, was hit with a wicked ransomware attack! 😱💥

Here's the scoop:
- All 36 courthouses shut their doors following this unprecedented cyber siege over the weekend. Talk about a digital lockdown! 🔒🔑
- In the era of remote proceedings and digital documentation, this breach is a stark reminder of the cyber threats lurking just a click away. 😳🖱️
- If the big dogs like LA County Court can fall victim, no one is safe! Time to armor up, folks. 💪🛡️

Insightful takeaways:
- This brazen attack underscores the critical need for robust cybersecurity measures across all sectors. No room for complacency! 🚫🛡️
- With the rise of ransomware attacks on public institutions, is your organization next in line for a digital heist? Better safe than sorry! 🔒💼
- Let's harness this wake-up call to fortify our defense mechanisms, stay vigilant, and outsmart the cyber evildoers at their own game! 🕵️‍♂️🔐

Predictions and reflections:
- As the tech landscape evolves, cyber threats will only grow in sophistication and scale. Adaptation and innovation are our best weapons! 💡🌐
- Remember the mantra: prevention is the best cure. Proactive measures today can save you from a world of hurt tomorrow! 🛡️🔍

Let's discuss, strategize, and gear up for the cybersecurity battles ahead! Your move, cyber villains. ⚔️💻 #ainews #automatorsolutions

👉 Do you think we'll see more high-profile ransomware attacks in the near future? Sound off in the comments! 🗣️💬 #CyberSecurityAINews

----- Original Publish Date: 2024-07-22 10:26
https://go.theregister.com/feed/www.theregister.com/2024/07/22/ransomware_la_county_superior_court/
theregister.com
-
Merchants aren't equipped to defeat pirates. In one instance, the spies broke into an admin account that then gave them access to more than 100,000 routers, she added. "So, when the Chinese compromised that account, they gained that kind of broad access across the network," Neuberger said. "That's not meaningful cybersecurity to defend against a nation-state actor." Following the intrusion, the White House emphasized the inadequacy of voluntary cybersecurity measures against nation-state threats. The Federal Communications Commission (FCC) launched a public rule proposal requiring basic cybersecurity practices for telecom carriers. The commissioners are expected to vote on the rule by January 15. https://lnkd.in/g-ADQH_3 https://lnkd.in/gWVfFSYt #cybersecurity
AT&T, Verizon, Lumen confirm Salt Typhoon breach
theregister.com