Cybersecurity Saturday

Reflections

  • WIRED Magazine looks back on 2023’s worst “breaches, leaks, ransomware attacks, digital extortion cases, and state-sponsored hacking campaigns.”\
  • Security Intelligence provides a round of federal actions that shaped cybersecurity in 2023.
  • Info-Security Magazine discusses the top five cybersecurity mergers and acquisitions of 2023.

Recent breaches

  • Health IT Security reports on recent health sector breaches.
  • The Cybersecurity and Infrastructure Security Agency did not post news this week.

Ransomware

  • Bleeping Computer did update The Week in Ransomware yesterday.
    • “It’s been a quiet week, with even threat actors appearing to take some time off for the holidays. We did not see much research released on ransomware this week, with most of the news focusing on new attacks and LockBit affiliates increasingly targeting hospitals.
    • “These attacks include ones against Yakult Australia and the Ohio Lottery by the new DragonForce ransomware operation.
    • “The most concerning news is that LockBit affiliates increasingly target hospitals in attacks, even though the ransomware operation says it’s against the rules.
    • FEHBlog note — There’s no honor among thieves.

Looking forward,

  • The Wall Street Journal reports,
    • “Companies in 2023 saw rising cybersecurity threats, rising regulation and rising costs for cyber insurance, while dealing with tight budgets and a tighter labor market. 
    • “The year ahead will bring no letup. 
    • “Both geopolitical adversaries and common criminals will intensify strikes on U.S. companies to steal information and disrupt business, government security officials say. Ransomware remains a significant threat, with new malware strains emerging as quickly as older ones fade. Serious attackers linked to China and Russia are exploiting bugs in the technology supply chain to get into corporate networks through a side door. 
    • “Chief information security officers increasingly are responding by working with the chief risk officer, general counsel, chief financial officer and chief information officer to set cyber risk policies and processes. That collaboration is vital as the Big Four cyber adversaries of the U.S.—China, Iran, North Korea and Russia—show no signs of slowing attacks.”  
  • Info-Security Magazine offers ten cybersecurity predictions for next year.

Happy New Year1