Cybercriminals attack schools, the FCC looks to change data breach rules and artificial intelligence alters the cybersecurity landscape. Here are the latest threats and advisories for the week of January 13, 2023.
Threat Advisories and Alerts
How Businesses Can Securely Use MSP Services
Managed Service Providers (MSPs) offer a popular and effective way for businesses to outsource their IT. While an MSP’s service can bring productivity gains and cost savings, they can also pose an added security risk. After all, an MSP customer will typically provide the MSP with administrative access to their data, increasing their attack surface. To stay protected when hiring an MSP, the U.K. National Cyber Security Centre (NCSC) has advised that organizations should only allow enough privileges for the service provider to do their job, evaluate their security standards and require them to provide notice of any breaches.
Source: https://www.ncsc.gov.uk/blog-post/using-msps-to-administer-your-cloud-services
CISA Orders Federal Agencies to Patch Two Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Microsoft security vulnerabilities CVE-2022-41080 and CVE-2023-21674 to its list of exploited bugs. The former can enable remote code execution and the latter is a zero-day vulnerability that can allow elevation of privileges. Though U.S. federal agencies are required to patch the security flaws by January 31st, all organizations are urged to fix the bugs.
Emerging Threats and Research
Bad Actors Use ChatGPT to Write Malicious Code
The AI-powered ChatGPT has become a hot topic in the business world. The tool can be used for everything from writing to coding to understanding complex subjects. However, it can also be used for malicious purposes. Researchers from Check Point Research have reported at least three instances of bad actors using ChatGPT's AI capabilities to write malicious code. How is this possible? The tool enables cybercriminals with no coding experience to write malware, as noted by Check Point’s threat intelligence group manager, Sergey Shykevich.
FCC Looks to Speed Up Breach Reporting for Telcos
The U.S. Federal Communications Commission (FCC) is looking to overhaul its breach notification rules for telecom firms. The current laws, which have been in place for 15 years, require telcos to wait a mandatory seven business days before reporting a breach to customers. FCC Chairwoman, Jessica Rosenworcel, said, “Given the increase in frequency, sophistication and scale of data leaks, we must update our rules to protect consumers and strengthen reporting requirements.”
Source: https://www.infosecurity-magazine.com/news/fcc-accelerate-breach-reporting/
CISA and Homeland Security Build AI Cybersecurity Training Ground
The U.S. Department of Homeland Security (DHS) and Cybersecurity and Infrastructure Security Agency (CISA) are developing a machine learning-based analytics environment to combat evolving cyber threats. The goal is to create a multicloud collaborative sandbox that will train government experts to test machine learning techniques and artificial intelligence technologies. Data collected from the experiments will be shared across the government, private sector and academic institutions, with a focus on ensuring the platform's security and protection of privacy.
Source: https://www.theregister.com/2023/01/10/dhs_cisa_cybersecurity_sandbox/
Iowa’s Largest School District Hit by Cyberattack
Des Moines Public Schools, Iowa’s largest school district with more than 31,000 students, was hit by a cyberattack earlier this week, causing the cancellation of classes. In response to the incident, all networked systems were taken offline and the school district launched an investigation. While the nature of the attack is yet to be confirmed, it is suspected to be a ransomware attack.
Vice Society Suspected to Be Involved in U.K. Schools’ Data Leak
As cyberattacks on the education system increase, the U.K. has not been spared from attacks. Fourteen schools in the U.K. have now had their confidential data leaked, which includes staff pay scales and contract details, children’s SEN information and pupil passport scans. Vice Society is believed to be behind the leak.
Source: https://www.infosecurity-magazine.com/news/uk-schools-leak-confidential-data/
Royal Mail ‘cyber incident’ may be linked to Russia
In another U.K-based cyberattack, the Royal Mail, the U.K. postal service, has suffered what it called a ‘cyber incident’ on Wednesday, affecting systems responsible for handling international mail items. As a result, all outbound international mail has been suspended and consumers and retailers have been asked not to mail anything destined for a location outside the U.K. The BBC is reporting that the attack is based on the LockBit ransomware and is linked to Russia.
Source: https://www.bbc.com/news/business-64244121
To stay updated on the latest cybersecurity threats and advisories, look for weekly updates on the (ISC)² blog. Please share other alerts and threat discoveries you’ve encountered and join the conversation on the (ISC)² Community Industry News board.