Blog
Latest Cyberthreats and Advisories - March 17, 2023
Cybercriminals pounce on SVB collapse, privacy concerns around ChatGPT and the FBI warns of a rise in crypto scams. Here are the latest threats and advisories for the week of March 17, 2023.
By John Weiler
Threat Advisories and Alerts
FBI Warning: Cryptocurrency Investment Schemes on the Rise
The U.S. Federal Bureau of Investigation (FBI) is warning internet users of an increase in cryptocurrency investment scam schemes, which defrauded victims of over $2 billion in 2022. Cybercriminals (usually located overseas) use social media platforms, dating apps, professional networking apps and other online means to connect with targets. The criminals then lure victims on to fraudulent cryptocurrency websites or apps to invest with the promise of financial success. However, once money is “invested,” it’s gone for good. Internet users can protect themselves by being cautious of contacts they’ve met solely online and researching cryptocurrency investment opportunities before investing.
CISA Announces Program to Stop Ransomware Attacks on Critical Infrastructure
This past Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the Ransomware Vulnerability Warning Pilot (RVWP). The program is meant to alert critical infrastructure entities, which have been increasingly targeted by ransomware, about vulnerabilities on their systems that could be exploited by attackers. Once CISA pinpoints these security flaws, its regional personnel will notify system owners so they can mitigate the issues before an attack occurs.
NCSC Warns of ChatGPT Privacy Concerns for Users
While technology experts have expressed concerns about ChatGPT’s ability to write malware and convincing phishing emails , less has been said on the potential privacy issues of the chatbot and language learning models (LLMs) in general. Not only could user queries input into the chatbot be read by the LLM provider, but if the tool is breached or acquired by another business, sensitive data could be either publicly exposed or handled differently than originally promised. For these reasons, the U.K. National Cyber Security Centre (NCSC) has warned users to avoid asking ChatGPT or other LLMs questions involving sensitive information.
Emerging Threats and Research
Cybercriminals Pounce on SVB Collapse
Last Friday’s Silicon Valley Bank (SVB) collapse has sent shockwaves through the global financial system. Threat actors are already exploiting the crash. Multiple security researchers have reported that cybercriminals are creating phishing pages, registering suspicious domains and conducting business email compromise attacks in relation to the event. SVB customers should exercise extra caution at this time and take instruction from official communications of the U.S. Federal Deposit Insurance Corporation (FDIC) and U.S. government. The U.K. arm of SVB has been rescued by HSBC and is trading normally.
Recent LA Housing Authority Breach Lasted One Year
The Housing Authority of the City of Los Angeles (HACLA) has released new information on a ransomware attack that was first noticed on December 31, 2022. The affordable housing provider issued a public notice revealing that the attackers had “unauthorized access to certain servers between January 15, 2022 through December 31, 2022.” HACLA member information that may have been compromised includes social security numbers, tax ID numbers and state ID numbers among other sensitive information. The HACLA incident follows the recent News Corp attack , which was another extended breach that lasted for nearly a year or longer.
U.K. Crypto Startup Robbed of $200 Million
On Monday, threat actors stole nearly $200 million from the U.K. cryptocurrency startup Euler Labs in a devastating cyberattack. The criminals exploited a vulnerability in the company’s code, which allowed them to steal a haul of digital currencies, including Staked Ether ($137.1m), USDC ($34.1m), Wrapped Bitcoin ($18.9m) and Dai ($8.8m). The company has notified government authorities and even contacted the attackers in a desperate attempt to retrieve the funds.
To stay updated on the latest cybersecurity threats and advisories, look for weekly updates on the (ISC)² blog. Please share other alerts and threat discoveries you’ve encountered and join the conversation on the (ISC)² Community Industry News board.