Cyber security update - December

SoftwareOne believes there is a need for additional information when it comes to cyber security, as organisations have made it clear that investment in a proper security strategy is paramount. SoftwareOne’s monthly “Cyber security update” provides information on the most recent threats, the latest breaches and how to react to them in order to stay on top of malware and ransomware threats.

Latest security breaches

2023 was a year of new innovations and the explosion of AI technologies. Cyber-attacks, breaches, and ransomware have shown no signs of slowing down. Let's take a look at what happened in December.

The U.S. telecom giant Comcast has confirmed that hackers exploiting a critical-rated security vulnerability accessed the sensitive information of almost 36 million Xfinity customers.

Database software company MongoDB has disclosed a malicious hack of its corporate systems and warned that customer account metadata and contact information was part of the stolen data.

More than 1.3 million files – stolen from Sony-owned Insomniac Games in the recent ransomware attack – have now been leaked online by the Rhysida gang. Part of the 1.67 TB cache includes a treasure trove of sensitive data, including company financial information, dozens of bank account details, credit card account numbers, contractor and HR personnel files, system users, and detailed info on C-Suite executives and board members.

Another disclosure comes from Delta Dental of California, which notified nearly 7 million patients that they experienced a data breach after personal data was exposed in the MOVEit Transfer software case.

Mortgage loan giant Mr. Cooper in the US suffered a major data breach impacting 14.6 million homeowners, representing former and current customers and co-borrowers’ personal information.

VF Corporation (NYSE: VFC), which owns and operates some of the biggest apparel and footwear brands such as Vans, Northface and Timberland, has been hit by a ransomware attack that included the theft of sensitive corporate and personal data. This led to shares tumbling by approximately 7% and hampered the ability to fulfil online orders during this holiday season.

Toyota Germany posted an updated notice on its website, informing visitors that the attackers had gained access to the systems of Toyota Kreditbank GmbH, and that personal information was compromised, without providing details on the types of stolen data.

North Korean threat actors are believed to have stolen more than $3 billion in cryptocurrency to date, according to a report from threat intelligence firm Recorded Future.

Gas stations across Iran experienced a widespread cyber-attack, disabling nearly 70% of the stations and leading to service disruptions. The cyber conflict between Iran and Israel continues to escalate, with both countries engaging in cyberattacks against each other's infrastructure.

In another data breach, Shipbuilding company Austal USA has confirmed that it suffered a cyber.attack and is currently investigating the impact.

In another major data breach, Dollar Tree and Family Dollar stores were impacted, affecting nearly 2 million people, after their service provider, Zeroed-In Technologies, was hacked.

The Central Bank of Lesotho is facing severe outages caused by a cyber-attack, leading to the suspension of systems and delays in payments.

Cyber security awareness

Small and medium-sized businesses (SMBs) are increasingly targeted by cyber-attackers, and their lack of awareness, understanding of security responsibilities, and inadequate protection make them attractive targets.

The U.S. Department of Health and Human Services has released a concept paper outlining its cyber security strategy for the health care sector, focusing on strengthening resilience against cyber-attacks.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to eliminate default passwords on internet-exposed systems due to the severe risks they pose to organisations.

A new fraudulent campaign has been uncovered, orchestrated by a group called the Smishing Triad gang. They are impersonating the United Arab Emirates Federal Authority for Identity and Citizenship and targeting UAE residents and foreigners in the country.

The United States, South Korea, and Japan have agreed to launch new trilateral initiatives to counter North Korea's cyber-threats, including targeting cryptocurrency money laundering. The three allies expressed concerns about North Korea's malicious cyber-activities.

Rhadamanthys, an information-stealing malware, has released two major versions with enhanced stealing capabilities and improved evasion techniques. The introduction of a new plugin system allows cyber-criminals to customise the malware's functionality and target specific vulnerabilities.

Cyber security intelligence

A Deloitte report shows that 69% of enterprises believe AI is necessary for cyber security due to increasing number of threats that cyber security analyst can handle, but the report points out that AI is a double-edged sword, both safeguarding and endangering the digital world.

Academic researchers have developed a new attack called Terrapin that exploits weaknesses in the SSH transport layer protocol. This attack manipulates sequence numbers during the handshake process, allowing attackers to remove or modify messages exchanged through the communication channel.

In a bid to improve baseline cyber security and resilience, the UK government has proposed new rules designed to regulate the datacentre sector. Under the current proposals, datacentre providers would have a “duty to take appropriate and proportionate technical and organisational measures” to manage security and resilience risk.

A study commissioned by Apple shows that an estimated 2.6 billion personal records were compromised as a result of data breaches in the past two years, which, according to the tech giant, highlights the need for end-to-end encryption. The report compiles statistics and case studies from more than 200 sources to provide an overview of data breaches over the last two years.

Hot topic of the month: Cyber security outlook 2024

It's been a big year for cyber security news which also marked a transformative journey for the cyber security, IT, AI and cloud industries. Amidst the continuous evolution aimed at countering emerging threats, it’s crucial to ponder on the some of key takeaways from 2023 and what the year 2024 holds for us, a kaleidoscope of emerging challenges and opportunities that will be shaping the future of cyber security.