
Cyber security update, January

Ravi Bindra, CISO

Despite 2023 ushering in cutting-edge technologies like AI, the cyber security landscape painted a starkly contrasting picture. Companies across diverse industries faced a chilling wave of high-profile hacks, ransomware attacks, and exposures of personally identifiable information (PII). This surge in cyber-crime serves as a potent reminder: malicious actors operate relentlessly, 24/7, 365 days a year.

In our monthly "Cyber threat bulletin", we aim to equip businesses with news of the latest breaches and the knowledge and insights necessary to bolster their digital defenses and prepare for the ever-evolving threats lurking in the digital shadows.

Latest security breaches

The personal details of over two million Japanese insurance policy holders have been exposed after attacks on insurance companies Aflac and Zurich. It’s thought the breach occurred when a file transfer vulnerability on a third-party contractor in the US was exploited. It’s unclear if the two attacks are related.

Twitter is being investigated by Ireland's Data Protection Commission (DPC) after a hacker claimed to have stolen the private details of over 400 million accounts. The DPC is looking into whether Twitter was in full compliance with EU data protection laws. The accounts include high-profile users such as US Congresswoman Alexandria Ocasio-Cortez and presenter Piers Morgan.

Almost one million users of Norton Password Manager are being urged to change their passwords after Gen Digital, formerly Symantec Corporation, became aware of a security “incident” in December.

T-Mobile has suffered its second major breach in two years after around 37 million customer records were compromised in a credential stuffing attack. Stolen details include customers’ names, addresses and dates of birth.

Cyber security awareness

The UK's National Cyber Security Centre (NCSC), in its assessment of the near-term impact of AI on the cyber threat, concludes that AI is already being used in malicious cyber-activity and will almost certainly increase the volume and impact of cyber-attacks – including ransomware – in the near term.

According to a study by Veeam, 92% of organizations will increase their data protection spend in 2024 to achieve cyber-resilience amid continued threats of ransomware and cyberattacks.

Reflections on the state of cyber security from Davos 2024: Cyber-insecurity remains prominent among the top risks in the World Economic Forum’s Global Risks Report 2024, over both the two-year and 10-year time horizons.

2024 will be the year of deception, predicts Charles Henderson, Global Head, IBM X-Force. 2024 is going to be a busy year for cyber-criminals amid ongoing geopolitical tensions, major elections in the U.S. and European Union and the biggest sporting event in the world (Paris Olympics) all taking place within a few months of each other. It’s a perfect storm of events that’s going to see disinformation campaigns on a whole new level.

Cyber security intelligence

US federal authorities have warned that criminals are using business email compromise (BEC) techniques to steal large shipments of food and ingredients. Although BEC is more typically used to steal money by deceiving company employees, the FBI warns the technique is being used to steal food products.

The Iranian government was behind advanced persistent threat activity against a US federal organisation. According to a joint cyber security advisory from the US government, hackers exploited the Log4Shell vulnerability to compromise the federal network and deploy a crypto miner and credential harvester.

The FBI has warned that pro-Russian hacktivists are using DDoS attacks on critical national infrastructure (CNI) to support the invasion of Ukraine, albeit with limited success. The private industry notification provides advice to CNI companies on how to stay secure.

Hot topic of the month

Over the past 20 years the most common web vulnerabilities have hardly changed, with social engineering being the most common attack vector. Last year, targeted phishing attacks were responsible for exposing brands including Dropbox, Marriott International and Uber – and 2023 is expected to bring more of the same.

Phishing has evolved from easy-to-spot ‘419’ advanced-fee scam emails that contained basic grammar and spelling mistakes into highly sophisticated targeted attacks that have fooled the most astute employee. Phishing attacks are also no longer limited to email, with SMS-based attacks on the rise.

According to the World Economic Forum, 95% of successful attacks are due to human error, and most could have been prevented with proper cyber security education.

Cyber crime as a service is a growing industry, with criminal actors collaborating to provide more effective hacking services, and being paid in cryptocurrency. These services mean that almost anyone can launch a cyber attack by simply employing the growing number of hacking groups that are openly advertising their services.

Apart from cyber education, two-factor authentication provides some of the most effective protection. Apps like Google Authenticator and Microsoft Authenticator create an additional layer of security that was previously only available to large corporations and government agencies in the form of RSA tokens.

Automation, artificial intelligence and machine learning tools are also increasing in popularity to tighten up security. However, since its inception, the security industry has been in an arms race with cyber criminals, and these technologies are also being used by the bad actors to find and exploit vulnerabilities.

Finally, the reliance on third-party infrastructure software solutions has increased as more companies migrate to the cloud. Security experts are warning that attacks on these third-party applications are expected to increase in the coming months.

Consider these cyber security predictions when planning for the year ahead, especially as the cyber skills gap continues to widen. Acting proactively on such trends rather than in reactive mode will enhance your organization’s cyber protection in 2022.


Be sure of your system security

Find out how SoftwareOne can help you stay ahead of the latest malware and ransomware threats.

Author

Ravi Bindra
CISO

Ravi has over 20 years’ experience as a cyber security evangelist and has held multiple leadership roles in the Swiss pharmaceutical industry, such as Global Head of Risk Management, Global Head of Architecture and Global Head of Security Operations.