Author: Chase Snyder, Sr. PMM, Xage Security
Snowflake customers got compromised due to infostealer infections and lack of MFA. A London hospital had to ask its own employees for blood donations after a cyberattack. Chinese hackers were found to have exploited Fortinet firewall bugs to target over 20,000 government systems since 2022. The software supply chain continues to prove itself a minefield of risk. And satellite ground stations finally started getting the cybersecurity attention they deserve.
Welcome to the June 2024 Cyber Risk Roundup.
Lockbit Ransomware Claims Federal Reserve Hacked
The Lockbit ransomware group has claimed to have stolen 33TB of data from the U.S. Federal Reserve. There was speculation that the claims were bogus before the ransom deadline passed. Ongoing investigations seek to validate the incident and new information continues to surface in this breaking story.
Snowflake Customers Compromised Due To Lack of MFA
Customers of Snowflake are getting hacked. Early reports implied Snowflake itself might be at fault, but subsequent revelations indicated that the attacks were being executed using stolen passwords from as early as 2020, on accounts with no MFA enabled. The lack of password rotation and MFA for remote access continues to leave the door open for cyberattacks against all types of organizations.
CISA Authors Guidance on Modern Network Access Security
CISA has partnered with a bevy of international organizations to publish new guidance on securing modern network access. The recommendations include adopting zero trust access, moving away from VPNs due to inherent risks, and paying close attention to remote access security measures.
Satellite Ground Station Cybersecurity Needs to Get Serious
Satellites are managed and monitored from the ground, and the systems used to conduct this sensitive work often run unsecure legacy operating systems and are not well protected from cyberattacks. This report in Space News from Xage Government head Matthew Heideman makes a strong case for taking satellite ground station security seriously.
London Hospitals Cancel Operations, Seek Blood in Wake of Cyberattack
A cyberattack on Synnovis impacted King’s College Hospital and led to the cancellation of thousands of appointments and operations. Some reports say the hospital asked employees for blood donations as a result of the attack. The impact of the attack is ongoing, and reports have indicated that a Russian cyberattack group has claimed responsibility and is demanding 50 million as a ransom for the data that has been stolen.
Auto Dealers “Revert to Pen And Paper” as Dealer Management Software Gets Ransomed
A globally used dealer management software from CDK systems went down due to what the company called a “ransom event,” causing auto dealers worldwide to scramble. This illustrates the load-bearing nature of software across enterprises, and the risk any business faces when it relies heavily on software that could be shut down by a cyberattack at any moment. In these cases, the cost of downtime extends far beyond the company directly hit by the ransomware. Everyone who relies on enterprise software needs a backup plan.
Bridge Collapse and Misinformation in Critical Infrastructure Security
The Francis Scott Key Bridge collapsed after being struck by a cargo ship in March, and immediately spawned theories of cyberattack with undertones, or explicit allegations, of international geopolitical conflict as a motive. There’s a gap between perception and reality, but there is also real cyber risk against critical infrastructure. Xage Cofounder and SVP of Product Roman Arutyunov dissects this challenging topic in this DarkReading article.
User First Cybersecurity Is The Key To A Secure Tech Stack
Cybersecurity tools only work if people can actually deploy and use them. Usability is a security issue that deserves a lot more focus than it gets. Xage CEO Geoff Mattson has a sharp perspective on the subject in Forbes this month.
Manufacturing Needs Security and Productivity in Perfect Alignment
The tradeoffs between security and productivity put manufacturers in a tough spot. Vendors who can align zero trust initiatives with increased productivity will have a competitive advantage in the market. Listen to the whole interview on Manufacturing.net.
The Software Supply Chain is a Minefield
The Verizon DBIR report published in May 2024 indicated a 68% increase in supply chain interconnectivity influence on breaches. After the XZ Utils situation, in which a backdoor was nearly introduced by malicious actors into a globally deployed Linux distribution, software supply chain attacks started garnering even more attention. How do you take advantage of the benefits of enterprise software without opening your doors to cyberattackers? Xage’s CEO reveals the way forward in Forbes Tech Council this month.