Cybersecurity issues have become a paramount concern for businesses across the globe and particularly in the U.S. with our foreign adversaries. Cyber threats not only pose risks to the integrity and confidentiality of corporate data but also have the potential to disrupt business operations, inflict substantial financial losses, and puts our national security and critical infrastructure at risk.
For Part II of our podcast with Dr. Gerald Auger, we discuss cybersecurity issues and headlines that have impact on businesses today.
One of the primary cybersecurity challenges businesses face is the threat of data breaches. Hackers employ sophisticated techniques to infiltrate networks and access sensitive information such as customer data, intellectual property, and financial records. Such breaches can lead to significant reputation damage, legal repercussions, and financial losses due to the cost of remediation and potential penalties for failing to protect data adequately. Phishing attacks, where employees are tricked into providing access to corporate systems or sensitive information, remain a prevalent method for initiating breaches. Despite awareness campaigns, the human element often remains the weakest link in cybersecurity defenses.
CMMC 2.0
One way to combat some of these threats within the defense sector is the Cybersecurity Maturity Model Certification (CMMC). This framework aims to evaluate defense contractors’ adherence to cybersecurity standards in safeguarding contract data and controlled unclassified information (CUI) from ongoing adversarial threats and cyberattacks. Compliance with CMMC has sparked significant interest among stakeholders in the defense industrial base (DIB).
Cyber Attack Headlines and What We Can Learn
As organizations continue to integrate digital solutions into their operations, the potential for cyber threats grows exponentially. But we can learn a lot from ongoing news releases on cyber attacks.
A joint Cybersecurity Advisory (CSA) released by the Federal Bureau of Investigation (FBI), National Security Agency (NSA), U.S. Cyber Command, and global partners has raised concerns about the exploitation of compromised Ubiquiti EdgeRouters by Russian state-sponsored cyber actors. These actors, identified as the Russian General Staff Main Intelligence Directorate (GRU), 85th Main Special Service Center (GTsSS), and also known as APT28, Fancy Bear, and Forest Blizzard (Strontium), have been using compromised EdgeRouters to gather credentials, proxy network traffic, and host spear-phishing landing pages along with custom tools.
This case emphasizes the importance of cyber hygiene from a user and company standpoint – implementing things like using a VPN and auditing your own cybersecurity posture.
China’s cyber attacks have escalated to a level unprecedented in the eyes of the FBI director, raising concerns about the security of US infrastructure. Christopher Wray issued this serious alert during a gathering of intelligence officials and policymakers at the Munich annual security conference as reported by the Wall Street Journal. While discussions at the conference centered on the conflicts in Ukraine and the Middle East, Wray emphasized the importance of not overlooking a more subtle threat.
Hackers possibly linked to China might have been infiltrating critical infrastructure in the U.S. for an extended period, but with current and ongoing diplomacy with allies and continued growth of adversarial threats, companies should take these warnings very seriously.
The government recently warned about the gaining popularity of BlackCat (aka ALPHV) attacks focusing on the healthcare industry. Auger shares with us the history of the healthcare industry being a target and what ransomware attacks are.
Ransomware attacks represent another significant threat, where attackers encrypt a company’s data and demand payment for its release. The impact of such attacks can be crippling, as seen in numerous high-profile cases where companies were forced to halt operations and incur massive recovery costs. Additionally, the increasing sophistication of malware and the rise of state-sponsored attacks add to the complexity of cybersecurity challenges. Businesses must adopt a proactive and comprehensive approach to cybersecurity, incorporating advanced security technologies, regular training for employees, and robust incident response plans to mitigate these risks effectively.
