Blog
Cybersecurity Industry News Review - March 28, 2023
The U.K. writes a cybersecurity prescription for the NHS and for social care, data protection hardware is becoming a big security gap, security specialist MITRE partners up to tackle supply chain security threats, while the E.U. turns its cyber attention to transport.
UK Prescribes Dose of Cyber Security for Health Service
The U.K. government has sketched out a strategy to protect the National Health Service from cyberattacks. The plan, which also covers social care services, has five key pillars, including identifying areas where disruption could produce the most harm to patients, building unified responses, and embedding security into the framework of emerging technology. Full details will be laid out this summer, with the strategy implemented over the next two to three years. Health providers are a tempting target for cyber attackers, particularly with ransomware, as they combine deeply personal information and they are often perceived as having weaker security infrastructure, while any disruption can be life threatening.
NCSC Gives Small Businesses Tools to Build Up Cyber Defenses
Meanwhile the U.K.’s National Cyber Security Centre has launched a campaign to help small businesses tighten up their defenses. The Cyber Action Plan is an online tool which allows small businesses, as well as individuals and families, to answer a series of questions and generate a tailored action plan. A second tool – Check Your Cyber Security – offers IP address, website, and browser checks to identify common vulnerabilities. Further checks for businesses’ email domains are in the pipeline.
Data Protection Devices Are a Major Security Hole
Storage and backup devices are central to ensuring data protection and overall cybersecurity. Unfortunately, they often represent a significant security gap in their own right, research from storage software vendor Continuity suggests. The average enterprise storage and backup device typically has 15 vulnerabilities, researchers found, three of which are high or critical risk. The top risk is insecure network settings, followed by unaddressed common vulnerabilities and exposures (CVEs), access rights issues, as well as insecure user management and authentication. The firm pointed out that unpatched vulnerabilities in storage and backup kit are a key attack point for ransomware.
MITRE Shepherds Community to Tackle Supply Chain Security
MITRE has debuted a platform and prototype community around its System of Trust (SoT) framework for defining and quantifying supply chain cybersecurity risks. The cyber security specialist said its Risk Model Manager is designed to help organizations assess supply chain risk. The firm evolved SoT as a way of quantifying and defining risks, giving the security industry a common language for supply chain threats. The initial “community engagement group” has 30 members, spanning hardware, software and component vendors, security specialists, industry groups, and key users.
Fraudsters Generate Fake ChatGPT Extension to Hijack Facebook Accounts
Researchers at Guardio have flagged up the danger of fake ChatGPT browser extensions, as users get carried away about the potential of the generative artificial intelligence (AI) platform. The researchers said threat actors had produced a fake extension – ChatGPT For Google – by forking a legitimate open source ChatGPT extension. They then used sponsored search results to trick users into downloading the malicious extension. Once installed it allowed them to snatch session cookies and compromise users’ Facebook accounts. The researchers said that after they informed Google, the fake extension was removed from the Chrome store, but not before over 9,000 users had installed it.
CISA Issues Warnings On 13 ICS Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued two sets of warnings on vulnerabilities in industrial control systems last week. The first batch consisted of seven advisories, covering systems from vendors including Siemens, Rockwell and Hitachi Energy. A second batch covered half a dozen advisories covering vendors including Schneider Electric, ABB and RoboDK. The government agency also highlighted a raft of security advisories from Cisco covering nine separate vulnerabilities, seven of which related to its Cisco IOS XE Software.
ENISA Maps Out Cyberattacks on Transport Sector
Europe’s transport sector saw a doubling in ransomware attacks in 2022, making it the dominant cyberthreat facing the sector, according to ENISA. Between January 2021 and October 2022 ransomware was involved in 38% of attacks, the report said, while data-related techniques were used in 30%. DDoS attacks were 16% of the total, while phishing and supply-chain attacks were each involved in 10% of attacks. The threat actors with the biggest impact were state-sponsored actors, cybercriminals, and hacktivists. The aviation sector faces the widest range of attacks, with data-related attacks the most common. However, state sponsored actors regularly attack ports and vessels to cause operational disruption, while Russia’s invasion of Ukraine has spurred increasing attacks on railway companies.
To stay updated on the latest cybersecurity industry news, look for weekly updates on the (ISC)² blog. Please share other news or industry insights that are relevant in your sector and join the conversation on the (ISC)² Community Industry News board.