Since the cyber domain witnesses some change every day, it is vital for us to keep abreast of some of them if not all. Here are the primary cybersecurity headlines this week to help you understand the latest developments in the cyber world.
Intel 471 Reports 722 Ransomware Attacks in Q4 2021
A recent report published by Intel 471 states that 722 ransomware attacks were recorded in the fourth quarter (Q4) of 2021, with Conti, LockBit 2.0, PYSA, Grief, and Hive as the most active ransomware strains. This figure marks an increase of 110 attacks from Q3 and 129 attacks from Q2. Thirty-four ransomware variants were detected in Q4, with LockBit 2.0 emerging as the most prevalent ransomware strain, responsible for 29.7% of all reported attacks. LockBit 2.0 was closely followed by Conti (19%), PYSA (10.5%), and Hive (10.1%).
The sectors most affected by the ransomware attacks in Q4 include manufacturing, consumer, and industrial products; real estate; professional services and consulting; technology, life sciences and health care; energy, media, and telecommunications; public sector; resources and agriculture; nonprofit entities and financial services. The countries worst hit by LockBit 2.0 include the US, Germany, Italy, Canada, and France. Most Conti attacks were reported in the US, Italy, and Germany. The US was the worst hit by PYSA and Hive ransomware attacks. The Intel 471 cybersecurity report further stated that ransomware attacks on consumer and industrial products increased by 22.2% in Q4 (compared to Q3), making it the worst-hit sector in the fourth quarter.
Lapsus$ Ransomware Gang To Recruit Insiders
The Lapsus$ Ransomware gang has recently announced that it is looking to recruit insiders employed in major technology giants and ISPs who are willing to sell remote access to their organizations. Lapsus$ is targeting employees from renowned companies like Apple, Microsoft, IBM, and EA Games and telecommunications companies like AT&T, Claro, and Telefonica.
The ransomware gang aims to buy remote VPN access by convincing potential insiders to contact them privately on Telegram. Insiders are lured using financial rewards, and cybersecurity researchers warn that such attempts from adversaries increase the insider threat risk. Such tactics have been used previously and proved to be very successful in breaking through corporate security firewalls. It is speculated that such attack vectors will be popular among dark web actors, especially in post-pandemic times with the existing global geopolitical tensions.
ICO Imposes £98,000 Fine On Tuckers Solicitors
Tuckers Solicitors is a leading legal practice claiming to have the best criminal defense lawyers. It has its offices across the northwest, Midlands, and southern England. However, its cybersecurity policy did not comply with GDPR requirements and enabled adversaries to get into its network and steal sensitive information on several court cases. Because of this noncompliance with GDPR requirements, the Information Commissioner’s Office (ICO) has fined Tuckers Solicitors £98,000.
The UK data protection regulator reported that the adversaries could access the firm’s network owing to a vulnerability that remained unpatched for five months. This negligence helped the attackers to encrypt around 1 million files stored on an archive server. Tuckers Solicitors said that the compromised data includes names and addresses of witnesses and victims, crimes committed by involved individuals, witness statements, and medical files. Sixty court bundles were exfiltrated by the attackers and published on the dark web.
The ICO reported that if Tuckers Solicitors had enabled MFA for remote access and implemented a faster incident response strategy after being warned by the National Cyber Security Center (NCSC) of exploitations in the wild, this attack could have been prevented.
Hackuity Raises $13.2 Million Investment
The Lyon-based vulnerability management platform Hackuity recently emerged from stealth mode with a $13.2 million investment. This increases the company’s total funding collection to $17.2 million. The present Investment was facilitated by the Series A funding led by Sonae IM, where previous investor Caisse des Dépôts actively participated. Founded in 2018, Hackuity aims to assist cybersecurity teams in identifying, resolving, and prioritizing security vulnerabilities before adversaries have a chance to exploit them.
Hackuity has a unique way of dealing with vulnerabilities wherein it tries to aggregate all customer data exposed via third parties into a single place. This is done because the process helps get a complete picture of their security posture. It uses advanced analytics and machine learning to secure a client’s environment and infrastructure. Since its inception, Hackuity has constantly expanded its customer base and even set up offices in Paris and Singapore. The Investment shall be used in its go-to-market strategy and maintain a fast development rate.
Sioux Falls City Council Extends $10M Appropriation To DSU.
The Sioux Falls City Council recently awarded the Dakota State University (DSU) cybersecurity lab a $10 million appropriation. This funding will bring around 650 new jobs to the Madison and Sioux Falls areas. Approved by a unanimous vote, the DSU funding shall be used in the $90m Applied Research Lab (ARL) project, which was first disclosed on 26th January 2022. The primary objective of the ARL project is to prevent cybersecurity graduates from moving out of South Dakota seeking employment opportunities. These graduates will now be able to perform highly specialized work at the DSU lab.
DSU president José-Marie Griffiths hopes that the ARL project will become a cybersecurity hub for the Midwest where national security and defense are supported. A five-year plan has been laid out for the project, with umpteen opportunities for Madison and Sioux Falls. South Dakota businessman and philanthropist T. Denny Sanford has agreed to supply $50m over the next five years to aid the facility’s construction. This facility will be used to expand DSU-ARL in Sioux Falls and is likely to be completed in 2025.
In her fiduciary year 2023 budget request, South Dakota Governor Kristi Noem has provided an additional $30m in state funding for the ARL lab. If approved, this funding will be utilized to introduce the governor’s Cyber Academy statewide in all high schools and double the number of graduates enrolled in The Beacom College in Madison per year. With these fundings as the base, a new nonprofit corporation will be established in Sioux Falls, which shall appoint DSU-ARL staff and run summer cybersecurity boot camps for students from universities within South Dakota.
Cowbell Cyber Gathers $100 Million In Series B Funding
The California-based cyber insurance provider Cowbell Cyber recently announced that it could secure $100 million in Series B funding. Cowbell had previously raised $23.6 million, and the latest investment round (led by Anthemis Group) witnessed participation by all its previous investors. Other investors include Permira, NYCA Partners, Viola Fintech, and PruVen Capital.
The funding will improve go-to-market expansion, claims management, and risk engineering capabilities. Since its inception in 2019, Cowbell Cyber has been offering AI-assisted cybersecurity services to small and medium businesses (SMBs) and helped over 23 million businesses. It claims to have the US’s largest cyber insurance distribution network, with actuarial models, artificial intelligence, and continuous assessment for policy customization as its primary techniques. Cowbell launched its cyber insurance captive – Cowbell Re earlier this year. Cowbell Re aims to meet the increasing cybersecurity demands and help policyholders protect themselves.