Tag: data privacy
US takes on Chinese hackers
A man alleged to be behind the recent Salt Typhoon US telecoms network and US Treasury department breaches has been sanctioned by the US Department of the Treasury’s Office of Foreign Assets Control (OFAC). Yin Kecheng “has been a cyber actor for over a decade and is affiliated with the People’s Republic of China Ministry of State Security (MSS)”, says the Treasury Office. Yin is alleged to have had direct and associated involvement in both breaches. Two key individuals in President Donald Trump’s new administration, Elon Musk, and the president’s nominee to head the Department of Homeland Security, Kristi Noem, have specifically cited the two devastating breaches as the prime examples of why the nation’s cybersecurity strategy is in pressingly urgent need of being overhauled.
The rising costs of DORA compliance
The European Digital Operational Resilience Act (DORA), which came into force on Friday, January 17, is already having unforeseen costs for organizations right across the financial sector. Although the act is the brainchild of the European Union (EU), the financial services industry has been global for some years, and firms in the US and the UK are also impacted. As of Friday, the new regulations now also apply to US companies providing financial services within the EU or catering to EU customers. California-based cybersecurity company Rubrik has commissioned research that almost half of UK financial businesses report spending over €1 million each over the last two years in trying to comply with the new EU regulation. DORA mandates key provisions such as contractual safeguards and contingency plans to mitigate risks from partners and third parties. DORA compliance also requires regular testing of digital resilience and attack simulations.
WEF predicts perfect storm for cybercrime
The World Economic Forum (WEF) Global Cybersecurity Outlook 2025 reports that several compounding factors are creating an increasingly complex and risky business environment. These include the growing complexity of supply chains, rising geopolitical tensions, cybercriminal's increasing use of artificial intelligence (AI), and the entry of traditional organized crime groups into cybercrime. Ransomware remains the top organizational cyber risk year on year, with 45 percent of respondents ranking it as a top concern in this year’s survey. Over half of the large organizations surveyed worldwide, 54 percent, identified supply chain challenges as the most challenging barrier to achieving cyber resilience, citing the increasing complexity of supply chains, coupled with a lack of visibility and oversight into the security levels of suppliers.
SMEs in urgent need of cybersecurity overhaul
In an exclusive interview with Cyber Intelligence, Brian Buiwe, Technology Specialist at Sage, explains how SMEs and other smaller organizations urgently need to re-address their approach to cybersecurity. There is a huge knowledge gap among C-suite executives of small-to-medium-sized enterprises (SMEs), as well as among other professionals such as senior doctors and lawyers, where cybersecurity is concerned. Many do not yet grasp the urgent need for cybersecurity. The mainstream media has actually done a very poor job of keeping them informed of the growing threat facing all sectors.
China ramps up cyber-attacks on the US
The latest US security breach attributed to systematic attempts by China to compromise US institutions and critical infrastructure has impacted the US Treasury. The intrusion is being billed as “a major cybersecurity incident”. According to a letter from the US Department of the Treasury: “The threat actor was able to override the service’s security, remotely access certain Treasury Departmental Office user workstations, and access certain unclassified documents maintained by those users… Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor.”
AI gives the game away
The latest threat for companies using large language (LLM) AI software to replace human staff is the software’s innate gullibility. LLM software can be likened to some cowardly bank clerk in an old Western hold-up who not only willingly opens a back door for the bad guys but also willingly tells them the combination of the safe. The methods for persuading LLMs into naively disclosing the keys to the corporate kingdom are known as ‘LLM Jailbreak’ techniques. Palo Alto Networks Unit 42 researchers have named one such LLM Jailbreak, “Bad Likert Judge”.
Security minefield ahead for GenAI users
In an exclusive interview with Cyber Intelligence, Gadi Bashvitz, CEO of cybersecurity testing firm, Bright Security warns of the security challenges facing organizations in the wake of widespread adoption of GenAI. Cyber Intelligence: Are there any specific dangers of which companies using GenAI to generate new code should be particularly aware? Gadi Bashvitz: There are multiple considerations here. On one hand, any solution developed leveraging LLMs is prone to LLM-specific vulnerabilities such as Insecure Output Handling and Broken Access Control and it is critical to make sure organizations are aware and can detect such vulnerabilities before releasing LLM-based solutions.
The data currency time bomb
Corporations are not only amassing huge amounts of personal data on their customers as never before but also trading that data, frequently without the customer’s knowledge. As yet, the general public is largely unaware of the uses to which their personal information is being put or whose hands it ends up in. At the same time, companies holding the data must tread an increasingly complex regulatory minefield. According to Chris Diebler, Security VP at cybersecurity company DataGrail: “Companies are all terrified of not having enough data as data is the new currency. However, companies need to think seriously about reducing these vast mountains of data. The value of data must be balanced against the cost and security risk of maintaining it." Companies that fail to secure personal data effectively or trade customer data with third parties face considerable potential brand damage when the details are obtained by bad actors and they suffer identity theft or financial fraud as a consequence.
INC Ransom Hits Three UK Health Orgs – December 4th
German authorities have made arrests linked to drug-selling platform Crimenetwork, seizing over $1 million in crypto assets. Crimenetwork is alleged to be the largest darkweb marketplace in the country and enabled users to buy and sell drugs, and offered illicit services such as the forging of documents and trading of stolen data.
How can companies deal with data overload?
Sanjaya Kumar, MD, is the CEO of cybersecurity company SureShield, Inc. Dr. Kumar has more than 25 years of healthcare compliance, risk management, and security experience. In an exclusive interview with Cyber Intelligence, he outlines the challenge presented by the current environment of data overload and some of the steps organizations should take to mitigate the associated risks from it.
Disgruntled ex-Disney employee highlights insider threat
The Walt Disney Company, which has long had a history of troubled labor relations, recently found itself the victim of a disgruntled former employee. According to an affidavit in support of a criminal complaint against the former employee, Michael Scheuer, Disney discovered a security breach allegedly used to make its menus unusable, together with the redirection of QR codes to direct Disney customers to a website calling for a boycott of Israel. More seriously, it alleged that the threat actor manipulated allergen information on Disney menus, indicating that certain menu items were safe for people with peanut allergies when, in fact, they could have been potentially deadly for some diners. Scheuer is also alleged to have conducted denial of service attacks on four former colleagues and to have paid visits outside the home of one of them.
US is top target for mobile cybercrime
The US is the top target for cyber-attacks focusing on mobile devices and those connected by the Internet of Things (IoT) plus the operational technology (OT) systems than run facilities such as power plants. According to cybersecurity firm Zscaler’s ThreatLabz 2024 Mobile, IoT, and OT Threat Report, mobile remains a top threat vector, with 111% growth in spyware and 29% growth in banking malware. Technology (18 percent), education (18 percent) and manufacturing (14 percent) continue to be the sectors most targeted by mobile malware. The education sector saw the most dramatic rise in blocked transactions, with a 136 percent increase on the previous year.