In this issue:
- Russia-Ukraine War: Cybersecurity Implications
- Cybersecurity shorts
- Software updates
Welcome to your March Savvy Cybersecurity newsletter. Read on to learn more about:
- Cyber threats related to the Russia and Ukraine conflict
- Data breaches at Samsung and T-Mobile
- Software you must update today
- And more
Russia-Ukraine War: Cybersecurity Implications
Since the Russian invasion of Ukraine, we have watched troops and tanks fill the streets of Ukraine on the news. Another aspect of the war is happening online—cyberattacks are being launched at Ukraine and NATO countries.
In fact, before the invasion there was concern that Russia would launch serious cyberattacks on Ukraine's infrastructure. While we have not seen attacks of that magnitude yet, smaller phishing and hacking attacks are being linked back to groups associated with Russia.
For example, Google reported phishing attacks being sent to Ukrainian officials and the Polish military. Ukrainian banks and other government agencies appear to be suffering from cybersecurity incidents as well.
Reports of cybersecurity attacks targeted at the United States have begun to trickle in as well. One security company, Resecurity reports a hacking campaign targeted at U.S. companies supplying natural gas.
While it is unlikely that individuals will have their personal cybersecurity targeted, we may begin to see more attacks on infrastructure and private companies. In the past, we have seen the damage these types of attacks can cause, as when the Colonial Pipeline hack disrupted fuel distribution across the United States in 2021 following a ransomware attack.
What can you do?
Whatever the level of threat, we must review the cybersecurity principles that can help keep you safe.
First, be on the lookout for phishing emails—especially coming from utility companies and financial institutions. Experts believe these are the industries most likely to be targets of ransomware attacks. Remember to E.M.A.I.L. your email—Examine Message And Inspect Links. If you are unsure, delete the email and call the company directly.
Implement multi-factor authentication on all of your sensitive accounts. The extra layer of security can protect your password if it is exposed in a data breach. You should have multi-factor turned on for your email, financial accounts, and any other accounts with sensitive information.
Next, be aware of scams. Unfortunately, we regularly see hackers take advantage of crises to prey on generous victims. Before you donate to a cause, be sure to vet the organization to ensure your donation is going to a legitimate cause.
Lastly, keep your software up to date. We know many hacks occur because of outdated software. Don't delay updates when you are notified on your device. And read the updates of the month below.
U.S. warns financial institutions of possible Russian cyberattacks. Officials in the U.S. have already blamed Russia for at least two rounds of cyberattacks in February that have been the largest attacks in the country's history. Financial institutions should be on the lookout for increased cyber activity. Additionally, the U.S. Department of Homeland Security has set up a page specifically warning of attacks originating from Russia. Read more about the warnings of potential cyberattacks on financial institutions here.
The cybersecurity industry has its 'shields up' due to the war in Europe. Due to the war between Russia and Ukraine, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an unprecedented warning that is recommending that "all organizations–regardless of size–adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets." To read more about the steps the industry is taking to protect itself, click here.
Personal information is still spreading from T-Mobile breach. People affected by T-Mobile's August 2021 data breach may still be affected, as their personal information might still be circulating on the dark web. This breach involved tens of millions of current, former, and prospective customers of the company whose stolen data is attractive for those looking to commit identity theft and other financial crimes.
Selfies are no longer required from the IRS. The U.S. Internal Revenue Service (IRS) recently said that taxpayers are no longer required to provide facial scans to create an account on their website. Taxpayers can now opt for a live video interview with ID.me in lieu of providing biometric data. You can read their statement and more information about it, here.
Toyota suspends production after cybersecurity incident. Toyota Motor Corporation recently stalled all domestic factory operations following a cyberattack that hit one of its suppliers. This suspension will cause a production loss of around 13,000 cars. Japanese Prime Minister Fumio Kishida told reporters that his government is currently investigating the issue.
Samsung Galaxy smartphones victim of cyberattack. In a recent announcement, a representative from Samsung said that hackers had breached its internal company data, gaining access to some source codes of Galaxy-branded devices. The hacking group Lapsus$ claimed via its Telegram channel that it has stolen 190 gigabytes of confidential Samsung source code.
Six U.S. state agencies hacked by Chinese hackers. Over the last 10 months, a Chinese government-backed hacking group has breached local U.S. government agencies in at least six states. These targeted state agencies include "health, transportation, labor (including unemployment benefits), higher education, agriculture, and court networks and systems." You can read more about the hacks here.
Senate passes major cybersecurity legislation. Recently, the Senate passed major cybersecurity legation, which moved the industry one step closer toward forcing critical infrastructure companies to report any cyberattacks or ransomware payments. This new legislation still need to pass in the House, would require the report of cyberattacks and ransomware payments to be reported within 72 hours if any Cybersecurity Infrastructure owners or civilian federal agencies experience an attack.
Cybersecurity not mentioned during Biden's State of the Union address. Although they were major priorities in Biden's first State of the Union address, cybersecurity issues were not addressed this time, even though, CISA issued a "Shields Up" address the day prior. Since the war with Russia and Ukraine started in early 2022, base threats have skyrocketed at least 700%. To learn more about what the war with Russia and Ukraine mean for the U.S. cybersecurity industry, you can read more here.
Adobe: Updates were released this month of Adobe Photoshop, Illustrator, and After Effects. Learn more here.
Firefox: If Firefox is installed on your device, be sure to update the browser as soon as possible. Mozilla has released updates closing two critical security vulnerabilities. Be sure you are running Firefox 97.0.2 or greater. You can read more about the update here.
Microsoft: Microsoft released an update closing nearly 70 security issues this month. Only three of the updates are considered critical, but you should still update your devices as soon as possible. For the first time, Microsoft's Xbox is included in the monthly updates. You should be prompted to update automatically but you can learn more here.