SWK’s Cybersecurity News Recap for May through June 2022 includes a complex – and occasionally eclectic – collection of local, national and international stories from the recent news cycle that all cover various aspects of where the state of infosec stands halfway through the year. In the below, we will go over some of the most critical regulation, vulnerabilities and attacks seen over recent months and how they can impact your cybersecurity going forward.
CISA May & June 2022 Updates
For those unaware, the Cybersecurity and Infrastructure Security Agency (CISA) is a federal agency under the DHS (Department of Homeland Security) that is the de facto government body overseeing national cybersecurity under the auspices of its parent agency. With the Biden administration’s simultaneous focus on network security in the public sector and enforcing protections among critical infrastructure industries, CISA is increasingly responsible for monitoring and alerting the American public of pending cyber threats.
CIRCIA 2022 Reporting Rules Revealed
The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) of 2022 passed in March of the same year as a landmark legislation that would require every business in an industry providing critical infrastructure services – which includes financial services, healthcare and others – to report a cyber incident within 72 hours. CISA has released several rule proposals that signal which requirements and what steps organizations will need to take when reporting an incident as of March 2024.
China-backed Cyber Attacks
A joint alert released by both CISA and the FBI warned the public of ongoing malicious activity by hackers sponsored by the People’s Republic of China (PRC) found targeting uncovered common vulnerabilities and exposures (CVEs). The release noted that the bad actors involved have been noted to have been observed exploiting these and similar CVEs since at least 2020, when state-sponsored cyber spies from both China and Russia were found to have infiltrated US government systems.
CISA Vulnerability Alerts
CISA released multiple alerts between May and June 2022 on critical vulnerabilities found being actively exploited in various sectors and channels, with various types of software and hardware products discovered to be affected, putting whole application stacks and often entire device supply chains at risk.
State Cybersecurity News June 2022
Network security initiatives and support at the state and municipal level has been a constant topic of discussion as the federal government slowly ramps up a response to the growing cyber crisis. SWK’s home port of New Jersey also has seen its fair share of cybersecurity news in recent months, with new updates on the fallout from cyber attacks and response throughout 2022.
Joint Programs
Several state governments, both individually and as part of collaborative efforts, have launched their own security education, intelligence-sharing and counter-response programs in their jurisdictions. Some of these are new initiatives like New York’s Joint Security Operations Center (JSOC), while others are expanding upon pre-existing efforts in reaction to mounting cybercrime activity.
NJ Cyber Attacks (& Lawsuits)
The state of New Jersey has experienced frequent cyber attack attacks in both the private and public sectors, with May 2022 being no different. Yet another municipality and state government were breached this year, in addition to two local businesses facing the consequences of exposing data in what seems like a repeat of previous episodes. Here are a few top cybersecurity stories from the Garden State:
- The Tenafly school district had to cancel June final exams after ransomware infection knocked out their computers
- A ransomware breach took down Somerset County’s email system and potentially exposed resident’s voting information
- The township of East Windsor offers identify theft services for those affected by a hack that exposed data of 900 residents
- A recruiting firm in North Brunswick was reported after their candidate database was discovered open to outside access
- Real estate company seeks to reopen a lawsuit against a NJ bank for failure to prevent them being defrauded of $1.4 million
Ransomware June 2022 Updates
Ransomware continues to grow as an existential threat to governments and businesses around the world, both from the costs and the severity of the impacts they cause, the latter of which is directly influencing new regulations. Here is a quick update on the ransomware news as of June 2022:
Attack Rates Rise Yet Again
Cyber extortion has risen steadily year over year (YoY), and despite many efforts to curtail the impact of those attacks, the rates are still growing. Even as the pace has picked up, the effects and sheer boldness of many attacks – and their perpetrators – has noticeably expanded as well, with such a wide range of victims in private and public sectors that it appears as if no one is safe.
Increasing Boldness of Attackers
The effective shutdown of Costa Rica’s computer systems by the Conti gang – which was supposed to have shut itself down previously – was an unprecedented incident and signaled the start of yet another new era of cyber extortion. Despite a similar resignation of the DarkSide gang and ostensible dismantling of the notorious REvil, the top syndicates are still claiming victim after victim with new players constantly entering the scene. This is likely less a reflection of skill than of the ease of entry into this ecosystem, as well as for deployment of open toolkits, as demonstrated by the appearance of groups like “GoodWill.”
Cyber War News – June 2022
As the Russian ground invasion of Ukraine continues, so too does the clandestine cyber war between both parties and allies. Actions in cyberspace have remained relatively quiet, and/or short-lived, compared to the worst-case predictions made before the situation escalated into open conflict, though the biggest story continues to be the tension between Russia and nations involved by proxy.
Ukrainian Cyber Resilience
Despite the disparity in scope between the devastation experts predicted in the digital space and how many gains Russia has actually shown (and losses they have taken), the factor that is easy to overlook is the considerable efforts by Ukraine and volunteers abroad. The country had been a victim of persistent cyber attacks for almost a decade beforehand, all suspected to be orchestrated by Russia, and so were prepared for attempts like the initial malware wave and subsequent DDoS attacks.
Russian Disorganization
On the other side of the Ukrainians’ cyber counterattack is the lack of apparent organization on the Russian side, echoing similar circumstances seen with their ground forces. Observers have noted that it seems that the poor communication in the frontline military is suffering from looks to be systematic enough that it has spread to coordination with any cyber warfare strategies Russia made have had.
Chinese Involvement in Ukraine
What complicates the situation in Ukraine even further is the amount of parties involved by proxy, including China, which has both joined Russia’s continued open threats of retaliation over the cyber war and shown signs of infiltrating Ukrainian systems. However, in May 2022, Chinese hackers were caught using spoofed emails with messaging on geopolitical topics to spy on Russian defense and space agency officials while they were distracted by the war, so even this alliance is fraught with intrigue.
NFT Hacking Grows
Whatever your stance on the viability of non-fungible tokens (NFTs) as a medium of value, there is no denying that they have generated considerable capital flows from those who are investing, and this has inevitably attracted the attention of cybercriminals. Just as with the increasing number of cyber attacks against cryptocurrency exchanges, hackers are actively pursing ways to gain access to NFTs and ultimately steal them.
Phishing for Tokens & Transactions
The incident with actor Seth Green highlights the susceptibility of many collectors and investors face when targeted by scammers seeking to break into their digital wallet, and how expensive and complicated the aftermath can become. There are a few different methods, but most revolve around some form of tried and true phishing techniques that get the victim to drop their guard and take an action that will grant access to the token. In Green’s case, he at least was able to negotiate with the final holder (who claims to have bought it “fair and square” from an unnamed party) of just one of his stolen NFTs for a price close to the whole collection’s value – many victims will lose thousands to millions with no restitution.
NFT Used to Serve Lawsuit to Hacker Suspect
In a strange variation within an already esoteric market, a law firm served a restraining order to a suspected hacker who had defrauded their client via a NFT (a “service token”) that was air dropped to the defendant. It was the first move of its kind and could create all kinds of legal and business precedents for the new Web3 world.
Get More Cybersecurity News from June 2022
2022 is proving to be a busy year for cybersecurity news, and there are new stories to watch out for almost every day, many with serious implications for how businesses like yours will need to adjust your cyber hygiene. SWK Technologies will help you stay on top of the latest developments and let you know what you need to do to protected yourself against modern cyber threats.
Contact SWK today to get more updates on the most important cybersecurity news from June 2022 and stay informed of developing situations that could impact your company’s network security practices.
Learn More About the Latest Cybersecurity News