The US Senate approved a bipartisan, one trillion-dollar infrastructure package on Tuesday. In the bill includes not only money for broadband investments, but cybersecurity as well. There is money allocated for state and local governments to strengthen their defenses. There is also inclusion of the Cyber Response and Recovery Act, which authorizes the DHS secretary to declare a significant incident and access a fund to help address it. CISA was given money to invest in sector risk management, and DHS’s Science and Technology Directorate was given funding to invest in research. The bill also funds the White House national cyber director office.
A Congressional commission on looking at America’s cyber defenses does cite progress, as nearly 75% of the 82 recommendations made in the March 2020 report have been implemented. The report specifically calls out “our work is not yet done.”
A study looking at Microsoft 365 has identified that one in every four companies has suffered an email security breach. 62% are caused by compromised passwords and phishing attacks. 68% of companies expect Microsoft 365 to keep them safe from email threats, yet 50% use third-party solutions. Those organizations that use third-party solutions reported the lowest rate of email security breaches in comparison to organizations only using security packages offered by Microsoft 365. 82% of all respondents who use third-party email security solutions reported no breaches.
Microsoft has confirmed another Windows print spooler zero-day bug. The workaround – stopping and disabling the printer spooler service. And, that class of PrintNightmare exploits has been added to ransomware attacks. Crowdstrike has confirmed use of it in the wild. Microsoft has warned again about the BazaCall call center phishing and malware group, all about getting users to open emails. This warning focuses on fake copyright infringement notices.
The universal decryption key for REvil’s Kaseya attack has been leaked on hacker forums and is now in the wild. This is the universal decyptor for those impacted by the attack.
Google updated its Titan security key lineup – bringing NFC to all its keys, and removing Bluetooth.
And, Accenture has revealed it has been breached. The global consulting firm, who has been actively acquiring security companies and is a $45 billion dollar organization, was hit with LockBit, which prevents users from accessing systems until a payment is made. The attackers are threatening to release the company’s data.
Why do we care?
It’s easy to accept that if Accenture can get hit, anyone can. Don’t dismiss that they can afford it. The proportional impact is very different.
Are we in the moment of the changing of attitudes? Maybe – from the government, yes. From industry, I’m less convinced. I would absolutely love to be wrong here. Planning for the worst seems safer to me.