Reading Roundup September 2023

MSFT Identifies Root Cause of Gov Breach

Senior officials at the US State and Commerce departments were the victims of China-based Storm-0558. Microsoft recently dropped a blog admitting that hackers were able to extract a cryptographic key from an engineer’s account, which was used to access email accounts. Obviously, folks are calling for a review of Microsoft’s security practices. You can read more via Reuters.

Your New Car Is Spying on You

Mozilla’s new Privacy Not Included project reports that new cars are data nightmares. For example, cars now log if you’re wearing a seatbelt and how hard you pump the brakes. Not so bad. But they likely also track your race, weight, facial expressions, health information and locations of drives. Data is being harvested from microphones, cameras and phones you connect to the platform, which is then sold to third parties. I’ll be biking from now on. You can read more via Gizmodo.

British Electoral Commission Fails Security Assessment and Gets Breached

I’m going to say something controversial: governments typically suck at cybersecurity. Last month the British Electoral Commission confirmed a breach that granted access to nearly 40 million emails of voters. This comes on the heels of learning that the Commission failed a Cyber Essentials Audit. The Commission has yet to receive a passing grade. You can read more via the BBC.

Minneapolis School System Notifies Victims 7 Months After Breach

100,000 students had their personal information and highly sensitive data stolen by bad actors seven months ago, but Minneapolis Public Schools recently started notifying the victims by mail. The system was breached on February 18th, and data was posted online by March 17th. Luckily, the kids get free credit monitoring! You can read more via ABC-KSTP.

Cisco Buys Splunk for 28 Billion

This is the third-largest software acquisition deal in history. Splunk was in the process of transitioning from a licensing model to a subscription model. Today, Splunk generates approximately $4 billion in annual revenue. Cisco has seen its hardware sales begin to tighten and this move aligns with their strategic goal of moving towards a residual revenue model. If you thought Splunk was expensive before… You can read more via Reuters.

Verizon Fined $4 Million by Feds

Verizon received this heavy fine after findings revealed that they failed to comply with required cybersecurity standards. The service related to this fine is Managed Trusted Internet Protocol Service (MTIPS), which is the offering specifically designed for Federal Agencies to meet compliance. Essentially, Verizon sold a “compliant” solution designed for the government that wasn’t compliant. Yikes. You can read more via The Office of Public Affairs.

Mom’s Meals Goes Down

Mom’s Meals makes meals for folks with chronic health conditions. Bad news for Mom’s, because they suffered a massive data breach that impacted 1.2 million users. That includes health information and Social Security numbers. Mom’s Meals was slow to disclose the breach. Adding insult to injury, Mom’s Meals also told employees to take paid time off and failed to fully pay employees for days the crew was impacted by the breach. You can read more via KCCI.

AI Could Be Security Risk, Experts Say

My cybersecurity pals just called me Captain Obvious under their breath. There’s been a massive number of technology vendors who rolled out generative AI features to organizations, whether they paid for it or not, and this is ramping up concern among security professionals. Very few security professionals have visibility, monitoring or a firm grasp on these features. You can read more via The Wall Street Journal.

Public Sector and Ransomware

Local and state governments often struggle to afford the security measures needed to create layers of defense. It’s only September, and we’ve already broken the record for ransomware attacks in the public sector. This Google executive believes the public sector can fend off many of these threats by abandoning their MSFT environments in favor of Google. Of course, you’d expect a Google executive to say that, but it’s worth a read if you’re considering a jump from MSFT. You can read more via TechCrunch.

Struggling to Hire? Automation Can Help

I have daily conversations with organizations who complain that they can’t hire qualified candidates to fill vacancies. The talent gap in Information Technology is real and it’s growing. Organizations can offset these challenges with managed/shared services and automation. This article from Forbes highlights this trend across all verticals of the economy and the potential impact of automation. You can read more via Forbes.

FBI Requests Aid from Private Sector

The current FBI Director notes that the government simply can’t keep up with the volume of threats it encounters. He goes on to state that it’s growing far more difficult to discern where the criminal activity ends and nation-state assault begins. You can read more via CNBC.

Trends in IT Service Spend

Spending was quite high in Q1, but April saw a delay in projects due to uncertainty in the economy. Signs seem to indicate that money will be released to tackle upcoming projects. This article notes that cloud migrations and modernization efforts, which have been extremely popular over the last three years, have slowed. You’ll likely see businesses prioritize services that meet their OKRs and cost-optimization goals. You can read more via Forbes.

Identity Attacks on the Rise

MFA is not a silver bullet. This article highlights how sophisticated cross-tenant impersonation attacks can overcome tools, such as Okta. The article also provides an overview of the steps bad actors, such as ALPHV and Scattered Spider (infamous due to the MGM breach), take to threaten end users. Again, there is no silver bullet for security. You can read more via Dark Reading.

IT Teams, Your Duties Have Changed

If you’re a professional in the field of IT and cybersecurity, you’re likely facing fresh job requirements that weren’t required of you five years ago. Wholesale cloud adoption, from SaaS adoption to holistic lift-and-shifts, and remote work trends have drastically expanded the boundaries and attack surfaces for security teams. It also adds numerous responsibilities to IT teams. If you want to attract and retain top talent, you have to train them for these new roles and provide the tools, such as automation and managed services, they need to be successful. You can read more via ZDNet.

Endpoints are Hard to Secure

A study by CyberRisk Alliance notes that 58% of organizations shared that endpoints were compromised in the last year. 36% of these are due to vulnerability exploits on the endpoints. The article highlights the need for MFA, patching (actually patching everything), backups that work, 24/7/365 monitoring and response, and Zero Trust adoption. You can read more via SC Media.

Will AI Replace Your Job?

Wired dropped a doom-and-gloom article, y’all. This article suggests that 50% of jobs could be at risk of being replaced by AI in the coming decades. It does highlight a growing trend of organizations deploying “spyware” coupled with the desire to replicate these workflows. Have you ever watched Wall-E? One day Buy n Large will rule the world! This article requires a subscription to Wired.

Cloud Security Posture Management

This article compares seven leading software vendors in the CSPM space. These tools automate and continuously monitor your cloud environments, including SaaS, for misconfiguration and compliance issues. This is handy, because the demand for cloud architects outpaces availability of resources. You can read more via TechRepublic.

A DevOps Approach to Securing Containers and Kubernetes

Very few organizations run containerized workloads in the Southeast. For example, only 40% of organizations utilized containers in 2021, and most weren’t in Alabama. It’s predicted that the number will jump to 90% in 2027. This article suggests that we should weave automation and security into every stage of the journey on the road to containerization. You can read more via VentureBeat.

Lessons from Uber’s CISO Going Down Hard

This is a great listen. Joe Sullivan, then CISO of Uber during the famous breach of 2016, was sentenced to three years’ probation and 200 hours of community service. He was fortunate to avoid jail time, where I’m sure he would have thrived like Dr. Evil (hit this link to brighten your day). This interview covers the case, trial results and what we learned. You can listen here via SC Media.

USB Drives and Bars

It’s 2023 and bad actors are still finding success with USB drives. These devices are being left at watering holes and bars in hopes that an unsuspecting victim takes the bait. I honestly can’t believe this is still a problem, but I’ll leave the link so I can validate the threat is real. You can read more via TechRepublic.
