The summer might be in full swing, but that doesn’t mean hackers are taking any vacations. Over this last month, we have seen a litany of developments in the realm of cybersecurity – ranging from a data breach in a New Jersey school, to the G7 announcing tighter security regulations. Here’s a quick recap of some of the most important cybersecurity stories of June 2024.
The G7 Moves to Increase Cybersecurity
G7 nations have agreed to develop a collective cybersecurity framework for specifically operational technologies in energy systems, targeting manufacturers and operators. Announced by US National Security Advisor Jake Sullivan at the G7 Leaders’ Summit in Apuliu on June 18, the framework aims to enhance the cybersecurity of the global supply chain for technologies used in electricity, oil, and natural gas systems. Sullivan stressed the need to secure new digital clean energy technologies against cyber-attacks to prevent service disruptions. The G7 includes Canada, France, Germany, Italy, Japan, the UK, and the US.
Coinciding with the G7 announcement, the US Department of Energy (DOE) released new Supply Chain Cybersecurity Principles. These principles provide foundational actions and approaches for robust cybersecurity across global supply chains for energy automation and industrial control systems (ICS), emphasizing the complexity of energy ICS with numerous subcomponents from global suppliers. Security is a shared responsibility among engineers, manufacturers, integrators, service providers, and system operators.
The principles condense international cybersecurity regulations into 20 high-level objectives for supply chain cybersecurity, including secure development, lifecycle support, and proactive vulnerability management. Supported by prominent suppliers like GE Vernova, Schneider Electric, Hitachi Energy, and Siemens, the G7 agreement builds on US efforts to strengthen supply chains critical to economic and national security. On June 14, 2024, President Joe Biden issued an Executive Order establishing the White House Council on Supply Chain Resilience, reinforcing the focus on long-term supply chain resilience, a key component of the US National Cybersecurity Strategy published in March 2023.
Cyber-Breach Impacts New Jersey Schools
Names, social security numbers, dates of birth, financial information, and medical and health insurance information of Shore Regional High School District students may have been exposed in a cyber-attack last year. The Monmouth County school district reported the breach occurred around April 13, 2023, prompting an extensive forensic investigation and manual document review. On March 28, 2024, the district concluded that some files containing personal information might have been removed by unauthorized individuals. Notification letters were sent to potentially affected students, detailing the incident and providing resources to protect their information. Shore Regional High School District, located in West Long Branch, has 573 students in grades 9-12.
Cyber-attacks are increasingly common and costly for local governments, medical centers, and small businesses across the U.S. Earlier this year, Freehold Township canceled school due to a cybersecurity event, and in 2022, Tenafly Public Schools had to cancel some final exams after a similar attack. Under a new law signed by Gov. Phil Murphy, state agencies and organizations like schools must report cyber-attacks directly to the homeland security office. Shore Regional High School District is offering complimentary identity monitoring and protection services for individuals whose social security numbers were involved in the incident. Potentially affected students or anyone with further questions can contact 888-387-8750, available Monday through Friday from 9 a.m. to 7 p.m., excluding holidays.
New Malware Targets Chrome Users
Cyber experts have issued warnings about a highly sophisticated malware that is masquerading as Google Chrome and Microsoft programs, posing a significant threat to Microsoft device owners. The hacking campaign, flagged by cybersecurity firm Proofpoint since March, highlights the evolving tactics of cybercriminals devising varied and creative attack chains.
Recent observations by Proofpoint have indicated a surge in the distribution of this malware, which promotes fake updates within internet browsers like Chrome and mimics programs such as Microsoft Word. Victims are duped into downloading harmful code, granting the malware access to sensitive data including cryptocurrencies and personal information through a Trojan horse type attack. The attackers use tactics like fake update prompts on compromised websites and techniques resembling phishing attacks, with emails containing HTML files that mimic Microsoft Word and urge users to open PowerShell and copy malicious code.
This extensive campaign, involving over 100,000 messages and targeting thousands of organizations globally, even replicated Microsoft’s cloud storage platform – OneDrive. The sophistication of the fake error messages, providing both the problem and a solution to prompt immediate action, underscores the complexity of the software.
It’s crucial for users to remember that legitimate browsers and programs like Chrome and Word will never prompt them to manually input code into another application for basic functions.
What is Quishing?
There’s a new scam on the rise known as quishing, a term derived from QR code phishing, designed to trick users into giving up their personal information such as Social Security numbers, usernames, passwords, birthdates, and credit/debit card details. Scammers, perpetually innovating their methods to extract money from unsuspecting victims, employ various tactics. They distribute QR codes via email, text messages, or display them prominently in public places to lure individuals into scanning them. Once scanned, these QR codes redirect users to fraudulent websites impersonating reputable organizations like banks or government agencies. Victims are prompted to enter personal details, exposing them to identity theft and financial fraud. To protect against falling victim to quishing, it is essential to verify the source of QR codes before scanning, exercise caution with unsolicited QR codes from emails or public spaces, refrain from scanning unexpected codes demanding urgent actions, report suspicious activities to the relevant organizations, safeguard personal information diligently, and utilize carrier services to block spam messages effectively.
Contact the Experts Today
Staying on top of cyberthreats can be an overwhelming ask for a business of any size. Fortunately, when working with SWK, you don’t have to. Contact SWK today and get access to a team of cybersecurity experts who make staying ahead of cyber related news and events their job. Preventing an attack could mean the difference between a significant financial loss or operating at full capacity.