Consistency is crucial for good cybersecurity because criminals target the places we neglect. For example, if your social media provider changes its multi-factor authentication policy, you might not act quickly to adapt, but the crooks certainly will. And if you've not updated that home router, it might fall prey to a criminal campaign. All this, it turns out, can have serious health implications for you and your people.
These are some of the cybersecurity stories that caught our attention during January:
A surge in X account compromises
Late last year, Twitter/X changed its policies to narrow the multi-factor options available to free users. Many people and companies did not address their MFA policies quickly enough. Criminals pounced, leading to high-profile account breaches on the service, including those of several towns and cities. A massive batch of 'verified' X account credentials was also discovered on the dark web, and even the US Securities and Exchange Commission's X account was hacked and briefly promoted a crypto scam (though the SEC account used proper MFA and was instead breached using a SIM swap scam). The takeaway is to keep an eye on security at third-party providers because when they make changes, you might become exposed.
Ransomware is bad for your health
A new report from a UK think tank explores how cyberattacks cause harm, including how they stoke stress, fear and anger. It's well-reported that security professionals face a lot of job stress, creating severe burnout and other health problems. We can add post-traumatic stress syndrome (PTSD) to some of the worst cases. But cybercrime impacts many more people. Executives report extreme stress and anxiety due to financial and productivity concerns. IT professionals also experience negative health impacts as they fight to bring systems online. Even other employees struggle during cyberattacks, citing uncertainty, anxiety, and fear, as well as anger at the attackers. The report recommends giving closer attention to mental health during and after cyberattacks.
Home routers become mainstream targets
For years, experts have warned that home routers are not very secure. They often still use the original logins (such as admin/admin), and home users are unlikely to update the device's software and firmware regularly. As working remotely and from home became more popular, so did the risk of criminals targeting those routers. Risk has become a reality: the FBI uncovered a massive campaign it calls the Volt Typhoon botnet. The attack, perpetrated by a well-known state-sponsored criminal group, targets home office routers and infects them with malware to create a botnet to attack other targets. Experts recommend that organisations frequently audit home routers for outdated and end-of-life devices.
Cybercrime group desperately claims fake attack
Fake it 'til you make it. And if you have made it but got caught, go back to faking. This is the latest tactic used by ALPHV/BlackCat, which has gone to ground after a police operation dismantled substantial parts of its crime infrastructure. To keep funds coming in, the group has started making false claims about successful hacks to bolster its reputation and squeeze money from its alleged victims. At least two of the attack claims appear to be bogus, with no evidence of breaches. In one case, the 'victim' company revealed that the leaked data used in breach claims was faked. Unfortunately, several news outlets and even cybersecurity researchers have been taking these claims at face value and spreading them. Still, it's good to see cybercriminals suffer for their crimes.