A Review of the Best News of the Week on Cybersecurity Management & Strategy

Business Email Compromise Costs Businesses More Than Ransomware (Dark Reading, Apr 21 2021)
Ransomware gets the headlines, but business paid out $1.8 billion last year to resolve BEC issues, according to an FBI report.

REvil seeks to extort Apple and hits supplier with $50 million ransom (SC Media, Apr 21 2021)
REvil – which has been on a tear the past several weeks – wants Apple to pay an undisclosed ransom by May 1 to “buy back” 15 stolen schematics of unreleased MacBooks and gigabytes of personal data on several major Apple brands they obtained from Quanta.

The Incredible Rise of North Korea’s Hacking Army (The New Yorker, Apr 19 2021)
The country’s cyber forces have raked in billions of dollars for the regime by pulling off schemes ranging from A.T.M. heists to cryptocurrency thefts. Can they be stopped?

Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~19,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras


Note to Self: Create Non-Exhaustive List of Competitors (Krebs on Security, Apr 20 2021)
What was the best news you heard so far this month? Mine was learning that KrebsOnSecurity is listed as a restricted competitor by Gartner Inc. [NYSE:IT] — a $4 billion technology goliath whose analyst reports can move markets and shape the IT industry.

Facebook Catches Palestinian Hackers Targeting Users with Malware (VICE, Apr 21 2021)
Facebook caught two groups of hackers, one of which may be working for Hamas, targeting politicians and human rights activists in the region. Hackers were using Android, iOS, and Windows malware.

New chief of Carnegie Mellon’s CERT: Feds need to do better with info sharing (SC Media, Apr 22 2021)
Rather than limit focus to indicators of compromise, CERT’s new director, Greg Touhill, said government needs “to do a better job of making sure that what information we share has contextual elements, and is timely.”

CISO’s guide to automating third-party cyber risk management (Help Net Security, Apr 20 2021)
With increasing dependence on third parties in today’s interconnected world, vendor security risk assessments are more essential than ever. Failing to do them may result in hefty regulatory fines, legal fees, lost business and reputational damage.

Why CISOs at gaming companies need to reimagine security (SC Media, Apr 21 2021)
The hack of Words with Friends in 2019 was high-profile, but today’s columnist, Yuval Elddad of CYE, says CISOs at all gaming companies have to take a closer look at the growing threats to online gaming platforms.

With details sparse, vendors scramble to make sense of Biden 100-day grid security plan (SC Media, Apr 20 2021)
“That can sound like they’re incompetent. They aren’t,” he said. “If you actually look at all the frameworks and best practices and NIST and NERC [standards], and advisories from DHS and ICS CERT, everything is prevention. Application security, whitelisting, firewalls, authentication, antivirus, segmentation — everything [critical infrastructure companies] have been told to do is prevention.”

Japan Says Chinese Military Likely Behind Cyberattacks (SecurityWeek, Apr 20 2021)
Tokyo police are investigating cyberattacks on about 200 Japanese companies and research organizations, including the country’s space agency, by a hacking group believed to be linked to the Chinese military, the government said Tuesday.

University Suspends Project After Researchers Submitted Vulnerable Linux Patches (Dark Reading, Apr 22 2021)
A Linux maintainer pledges to stop taking code submissions from the University of Minnesota after a research team purposely submitted vulnerabilities to show software supply chain weaknesses.

67% of IT pros concerned with teleworking endpoint misuse (Help Net Security, Apr 22 2021)
43.13% of workers will stay remote after the pandemic ends and two out of three IT professionals are concerned with teleworking endpoint misuse, a new Prey study reveals. The report examines the remote work challenges generated by the pandemic year and the number of people working from home far from corporate environments, on insecure networks, in many cases sharing with other unsafe devices in their homes.

Outgunned CISOs navigate complex obstacles to keep rising attacks from turning into breaches (Help Net Security, Apr 22 2021)
CISOs face a rising ‘security debt’ to secure their organizations against an increasing volume of attacks by well-armed criminals. Yet, despite going up against a criminal industry that enjoys advantages when it comes to speed and shared weaponry, CISOs and their teams report turning away an increasing volume of attacks and preventing more of them from becoming breaches or compromises, according to a report from F-Secure.

Data Breach at New England’s Largest Energy Provider (Infosecurity Magazine, Apr 21 2021)
Misconfigured data storage folders expose data of Eversource

What IT leaders are prioritizing in network security investments? (Help Net Security, Apr 23 2021)
Distinct priorities have emerged when it comes to responding to the needs of IT security’s rapid transformation, Pulse Media research has found. The survey of 239 cybersecurity leaders across the EMEA region uncovered the key investments organizations are making and the rationale behind their decisions.