Follow ISA Cybersecurity on LinkedIn for the latest cybersecurity news
Weekly CyberTip: Check your phone permissions on photos and videos
If you use your smartphone to take or save images of sensitive documents or materials, don’t forget that more apps than just your photo album may have access to those pictures. If you have given other apps permissions to access your photos, you may be at risk of unknowingly disclosing private or sensitive information about yourself or others. If you are concerned, check the permission settings on your phone, and restrict access unless it’s necessary. On iOS devices, Go to Settings -> Privacy & Security – > Photos -> Check which apps have access to your photo album -> Toggle the access as appropriate. On Android devices, go to Settings -> Privacy -> Permission Manager, then adjust access as appropriate.
FBI’s New York field office hit by cyber attack
According to a February 17 report by CNN, the U.S. Federal Bureau of Investigation (FBI) is investigating malicious cyber activity on the agency’s network. In a statement to CNN, the law enforcement agency said that it is in the process of determining the full scope and impact of the incident. The incident reportedly involved the FBI’s New York City branch, one of the agency’s largest and highest profile of its 56 field offices.
The FBI declined to confirm any further details on the matter: “The FBI is aware of the incident and is working to gain additional information… This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time.”
Indigo e-commerce facilities still unavailable nearly two weeks after cyber incident
On February 17, Indigo Books & Music Inc. announced the launch of a “view-only” website as a temporary measure while investigation continues into a cyber incident first detected by the bookseller on February 8.
The announcement came as Indigo has been updating its customers via social media and direct email. While the retailer is once again able to accept payment cards in its physical locations, the Indigo website and mobile app have been modified to operate solely as “shop in store, window-shop online” portals until online transactions can safely be processed. No account logins, personal account information, or online purchase facilities are available on either the web or the app.
Indigo has sought to reassure customers concerned about the security of their data: “Customer credit and debit card information was not compromised by the recent cybersecurity incident. We do not store full credit card or debit card numbers in our systems,” according to the FAQ section of the modified Indigo website. “At this time, we can share that our investigation has found no indication that customer data was compromised by the recent cybersecurity incident. The security and integrity of your data is our top priority. If at any point in the future we determine that personal data has been compromised, we commit to contacting those impacted directly.”
Meanwhile, The Office of the Privacy Commissioner of Canada has said it’s aware of the Indigo cybersecurity incident and is in communication with the organization “in order to obtain more information, including a formal breach report, and to determine next steps.”
Check Point releases 2023 Cyber Security Report
Check Point Research (CPR) has published a new report summarizing the past year in cybersecurity. The 2023 Cyber Security Report “gives a detailed synopsis of the cyber-threat landscape and provides practical take-aways and recommendations to security professionals on how to prevent the next attack.”
According to the report, the number of cyber attacks rose by 38% in 2022 over 2021, with an average of 1,168 weekly attacks per organization in the study.
An interactive online report, the 2023 Cyber Security Report presents a timeline of key cyber events in the previous year, identifies key trends in cyber (like the shifting focus from encryption to data extortion and third-party threats from the cloud), key vulnerabilities to be addressed, insights for CISOs, and more.
Google/Mandiant issue new cybersecurity trends report
As we approach one full year since the Russian invasion of Ukraine, Google and Mandiant have issued a new report outlining how the conflict has changed the world of cybersecurity.
Entitled “Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape,” the report “encompasses new findings, and retrospective insights, across government-backed attackers, information operations (IO) and cybercriminal ecosystem threat actors. It also includes threat actor deep dives focused on specific campaigns from 2022.”
The report focuses on three key findings:
- Russian government-backed attackers have engaged in an aggressive, multi-pronged effort to gain a decisive wartime advantage in cyberspace, often with mixed results.
- Moscow has leveraged the full spectrum of IO – from overt state-backed media to covert platforms and accounts – to shape public perception of the war.
- The invasion has triggered a notable shift in the Eastern European cybercriminal ecosystem that will likely have long term implications for both coordination between criminal groups and the scale of cybercrime worldwide.
The researchers also provide a forecast of what they assess with “a high degree of confidence” that the coming year will hold: they predict that Russian government-backed attackers will continue to conduct cyber attacks against Ukraine and NATO partners; and the foresee Moscow will increase disruptive and destructive attacks in response to developments on the battlefield that fundamentally shift the balance -real or perceived - towards Ukraine.