Follow ISA Cybersecurity on LinkedIn for the latest cybersecurity news
Weekly CyberTip: Watch out for fake job ads
Cyber criminals are aware of the hot job market in many sectors, and are exploiting these opportunities to attempt identity theft. Fake job postings are appearing with increasing frequency – even on reputable sites like LinkedIn. Some ads even spoof genuine ads, using similar graphics and copy, but linking you to a disreputable site. Watch for the red flags of a potentially bogus ad:
– awkward phrasing, poor spelling, and/or suspicious URL links in the advertisements;
– “too good to be true” salary and benefits;
– request for personal background information (e.g., driver’s license, passport, etc.) early in the hiring process; and
– requests for banking information or even funds transfers presented as recruitment or placement fees.
These may be indications that you are actually being “recruited” by a fraudster looking to gather your personal information to steal your identity online. Verify the opportunity through independent online sources, and report the advertisement if the posting seems suspicious.
Patch now – critical vulnerability identified in F5 BIG-IP appliances
F5 has released a patch for a critical vulnerability in its BIG-IP line of appliances that many organizations use as firewalls, load balancers, and network traffic inspection. The vulnerability could allow an unauthenticated attacker to execute arbitrary system commands, create and delete files, disable services, and serve as a pivot point for wider network compromise.
The vulnerability has been exploited in the wild, so users are urged to patch or isolate their systems as soon as possible.
F5 has provided remediation details for the vulnerability – tracked as CVE-2022-1388 – on its support page to help support customers in their patching efforts.
Ransomware attack, COVID challenges force closure of 157-year-old U.S. college
Lincoln College in central Illinois announced its closure on May 13, citing insurmountable financial challenges brought on by the COVID-19 pandemic and a devastating ransomware attack.
Already reeling from disruptions to operations, reduced enrolment, and the costs of COVID-related remote access technology and campus safety measures, Lincoln College was also a victim of a cyber attack in December 2021. According to a farewell message posted on its website, the attack “thwarted admissions activities and hindered access to all institutional data, creating an unclear picture of Fall 2022 enrollment projections. All systems required for recruitment, retention, and fundraising efforts were inoperable. Fortunately, no personal identifying information was exposed. Once fully restored in March 2022, the projections displayed significant enrollment shortfalls, requiring a transformational donation or partnership to sustain Lincoln College beyond the current semester”. When it became clear that those financial arrangements were not forthcoming, the school made the difficult decision to cease operations.
Lincoln is located 35 miles northeast of Illinois state capital Springfield. The historically Black college was established in 1865 and named after President Abraham Lincoln just months before his assassination.
“Five Eyes” cyber intelligence partners issue alert for MSPs and their customers
In a press release and accompanying alert issued May 11, members of the so-called “Five Eyes” cyber intelligence partnership (representing Canada, Australia, New Zealand, the U.K., and the United States) warn managed service providers (MSPs) and their customers about increasing reports of malicious cyber activity targeting MSPs.
According to the release, the advisory “describes cybersecurity best practices for information and communications technology (ICT) services and functions, focusing on guidance that enables transparent discussions between MSPs and their customers on securing sensitive data. Organizations should implement these guidelines as appropriate to their unique environments, in accordance with their specific security needs, and in compliance with applicable regulations.”
“ISA Cybersecurity applauds the recommendations in the Five Eyes alert. We have taken the increased threat of state-sponsored attacks very seriously. We have been on heightened alert since the onset of the war in Ukraine, and have published guidance to help our customers improve their resilience as well,” said ISA Cybersecurity President & CEO Kevin Dawson. “Just as we do internally, we urge our customers to follow best practices for access control, multi-factor authentication, security hardening, and system monitoring and logging in their environments.”
The guidance in the May 11 alert was developed by a collaborative effort from cybersecurity teams at the United Kingdom National Cyber Security Centre (NCSC-UK), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NCSC-NZ), the United States’ Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI).
2022 on pace to be another record year for data breaches
In an analysis of Q1/2022 data, the Identity Theft Resource Center has reported that data breaches are up significantly over the same period in 2021.
Worse yet, according to Eva Velasquez, President & CEO of the Identity Theft Resource Center, Q1 typically represents the lowest number of data compromises reported each year. “The fact the number of breach events in Q1 represents a double-digit increase over the same time last year is another indicator that data compromises will continue to rise in 2022 after setting a new all-time high in 2021.”
Velasquez warned of “an alarming number of data breaches” due to highly complex and sophisticated cyberattacks. “It is vital everyone continues to practice good cyber hygiene – businesses and consumers – to help reduce the amount of personal information flowing into the hands of cyberthieves.”
The report indicated that cyber attacks were behind 92% of the data breaches reported in Q1, with phishing and ransomware representing the top two root causes for data compromise. Healthcare, financial services, manufacturing & utilities, and the professional services sectors had the most reported compromises in the first quarter.
