June 2024 News & Tips | Supply Chain Hits, IoT Security

Welcome back to the monthly TCE Strategy newsletter! A chain is as strong as its weakest link. A supply chain is no different. From car dealerships to Kaspersky users, we have a lot to talk about this month. Let’s see how this month’s cybersecurity news can help us make better decisions about what is Secure Enough for us, the companies we work for, and our families.

Month's Cyber News in Review

Supply chain hits are taking down companies in several sectors

It’s hard to understand how much you need something until it’s gone. We assume that things we have always had access to will be there in the future. We don’t think about the natural gas supply until it stops flowing. We rarely think about sewers, but if they back up it will likely be the most serious problem to solve in your home. Companies have similar supply chain needs. For example, car dealerships have software packages that help them sell cars, order parts, schedule service visits, etc. One of the most popular is from a company called CDK Global, and it is used by 15,000 dealerships in the USA. CDK’s software has been down for the bulk of June as a result of two separate cybersecurity attacks (at least one of them being a ransomware attack), and it is causing genuine disarray at car dealerships around the globe. I’ve spoken with friends of mine that work at dealerships. It’s ugly, and it’s making national news far outside of cybersecurity circles. They can’t order parts. They can only make schedules for service with pen and paper. They can’t get paperwork to register license plates for new cars. I wonder what these dealerships’ contracts with CDK Global say about the availability of their service? I wonder how well the two lawsuits that have already been filed against CDK will go? In the literal definition of irony, CDK Global sells cybersecurity products to dealerships to “stop cyberattacks in their tracks.” If I were to sue them, a screenshot of that website would be in my opening arguments.

Other companies use services to help them manage their data. Often third-party companies have special tools to help other companies find sales opportunities, become more efficient, and better serve their customers. If your company uses a service like this, be careful which company you choose and what your contract with that company says about their liability if they lose your data. Snowflake is a company that specializes in these kinds of services. Apparently, Snowflake does not specialize in cybersecurity, as their platform did not support MFA (I've written in a little more depth about the importance of MFA in this newsletter article). Snowflake has not released details about the breach, but several news sources are stating that Snowflake outsourced their software development to a company called EPAM, and that an EPAM developer was hit with a virus that somehow led them to several customer usernames/passwords for the Snowflake system. Then there appear to be other attackers that are simply trying credential stuffing attacks to guess customers’ credentials for Snowflake data sources, and some of these are successful. MFA would have stopped this whole thing in its tracks. 165 Snowflake customers have been breached, including Ticketmaster (540 million records) and Advance Auto Parts (79 million records).

Finally, Kaspersky is a well-known antivirus software company that has previously been accused of being used as a tool by the Russian government to hack USA targets. Several days ago, the US government banned the sale of Kaspersky in the USA. This is a very significant move by the U.S. Government. My guess is that this is being done in the hopes of Kaspersky not being used in a supply-chain-style attack against targets of interest to the Russian government.

Finally, some good news!

It’s hard for consumers to know if something is honestly safe to buy or use. There are lots of areas where we have assistance with this as a society: we have access to crash test scores on cars and can choose to let that influence our buying decisions. We have USDA labels on food products that demonstrate that the food in question is unlikely to make you sick. The FAA has succeeded in making commercial aviation the safest means of transportation on the planet. We may have something to start moving in that direction for Internet-connected consumer electronics. Best Buy and Amazon are moving to opt in to the “U.S. Cyber Trust Mark” program, which is designed to give consumers information about the safety of an Internet-connected device they own or are considering purchasing. This could be a very good thing for consumers. One downside: the mark has a QR code on it that takes you to a website with security information about that product. That is a perfect attack vector for a cybercriminal to make fake “U.S. Cyber Trust Mark” stickers that take people to a malicious website. Time will tell. Until next month, stay safe!

Upcoming Speaking Events

Here is a list of the cities that I will be in over the next few months. Please reach out if you have an event in mind!

July 2-3, Brainerd, MN

August 1-6, Denver, CO

September 10-11, Tallahassee, FL

October 7-8, Brainerd, MN

October 9-11, Cheyenne, WY

October 15-17, Ponte Vedra Beach, FL

December 2-6, Key West, FL

TCE Strategy in the News

Thank you to John Croman and KARE11 for the opportunity to be interviewed about the Ticketmaster breach.

Cybersecurity Tip of the Month

Social Media Awareness During the Summer/Travel Season

As you travel for the summer holidays, embark on summer adventures, and spend more time away from home while the weather is warmer, there are some things you can put into practice while using social media to make sure the things you share with others don’t put you, your home, or your belongings at risk:  

1) Limit posting. Avoid posting your travel plans and, if possible, hold off on posting photos and updates until after you return to your home. This goes for events that are in-town as well. It only takes a few minutes to burglarize a home.  

2) Avoid geotagging your location. Social media platforms often offer this option when users post status updates or photos. It’s best to decline. You can also turn off the geolocation feature on your smartphone and tablet.  

3) Check your privacy settings. You can limit a post’s exposure by setting limits on who can view your profile and updates. For example, in Facebook you can select for your posts to be visible to “Friends”, “Public”, “Me Only”, or “Custom”. You can also require your approval before things that friends and family post appear on your timeline.

4) Don’t post your address online. While most of us would not blatantly post our home address online, you should avoid posting photos of the exterior of your house or of your neighborhood that could include things like house numbers, street signs, or unique decorations that could give away the location of your home.  

5) Unplug! Enjoy your time with friends and family this summer and limit your exposure to cybercriminals skimming social media by taking a break from it when you can.





More articles by Bryce Austin, CISM
