Latest Cybersecurity News 2023-01-16 Edition

ISA Cybersecurity Weekly CyberNews

Follow ISA Cybersecurity on LinkedIn for the latest cybersecurity news

Weekly CyberTip: Lessons learned from the LastPass breach

In an report by the North Carolina Bar Association, legal and cyber experts weigh in with an excellent, unbiased analysis of the recent LastPass data breach: what happened, what was stolen, and the options for customers who may now have password vaults (albeit still encrypted) in criminal hands. If you are a LastPass customer, have you assessed how to respond to the incident? If you do not use LastPass, but you are using – or considering – a password locker, what lessons can you take from the breach? Either way, review this article. There are many takeaways, not the least of which is that it is essential for the “master” password for any password locker must be protected with strength and length. In the event that there is another vault breach like the LastPass incident, this may be the only factor buying you time before you can change your credentials.

U.K.’s Royal Mail international services still down after cyber attack

Another high-profile cyber attack against an essential service took place on January 11, with the news that the U.K.’s Royal Mail had experienced a cyber incident affecting international export services.


In updates posted January 14-15, Royal Mail confirmed that they are “temporarily unable to despatch items to overseas destinations,” and urged customers to hold off on mailing items destined abroad until further notice in order to avoid backlogs and further service delays.


Domestic services are unaffected, and Royal Mail’s “import operations continue to perform a full service, with some minor delays. Parcelforce Worldwide export services are still operating to all international destinations though customers should expect delays of one to two days,” according to the latest update.


The LockBit ransomware gang is believed to be responsible for the attack, according to a report by the BBC. Royal Mail has reportedly received ransom notes that appeared digitally and where auto-printed on network printers in various Royal Mail offices; these messages allege that data has been “stolen and encrypted”.  Royal Mail has not confirmed the nature of the attack, only advising that they are working with third parties around the clock to investigate the matter.


The UK’s National Cyber Security Centre issued a terse statement on January 11 confirming their co-operation with Royal Mail in the investigation: “We are aware of an incident affecting Royal Mail Ltd and are working with the company, alongside the National Crime Agency, to fully understand the impact.”


Royal Mail was privatized in 2011 after centuries as a government entity.

UK Royal Mail

Report: Education/Research, Government, and Healthcare most attacked industries in 2022

Researchers from Check Point have issued a year-end analysis of 2022 cyber attack trends.


The report suggests that the global volume of cyberattacks reached an all-time high in Q4/2022, with an average of 1168 weekly attacks per organization; over-all, global attacks were up 38% in 2022 over 2021. In North America specifically, the numbers were even more stark, with a 52% increase in attacks in 2022 over 2021.


The top three industries under attack were reportedly education/research, government, and healthcare. Education/research was the single-most targeted sector, experiencing a 43% increase in 2022 over the previous year.


Two trends were identified as potential causes of the dramatic rise in cyber attacks:

  • a growing and evolving ransomware ecosystem, with “smaller, more agile criminal groups that form to evade law enforcement”; and
  • hackers are expanding their targets within the enterprise, attacking “business collaboration tools such as Slack, Teams, OneDrive and Google Drive with phishing exploits”

LCBO issues statement regarding cybersecurity incident and response

On January 12, the Liquor Control Board of Ontario (LCBO) issued a press release announcing that they had experienced a “cybersecurity incident, affecting online sales through”.


The statement advises that a threat actor had compromised an LCBO website designed to obtain customer information at checkout. Customers that provided personal information on the site between “January 5, 2023, and January 10, 2023, may have had their information compromised. This could include names, email and mailing addresses, Aeroplan numbers, account password, and credit card information,” according to the statement.


The LCBO website and mobile app are now fully operational after “a thorough review and testing,” and “enhanced security and monitoring measures” are now in place.

LCBO cybersecurity incident

Opinion: Why are there more cyber attacks lately?

In interviews with representatives from Check Point and the Toronto Metropolitan University (TMU), a Canadian Press opinion piece offers possible explanations for the rise in cyber attacks in recent months.


Robert Falzon, head of engineering at Check Point Canada, is “absolutely” certain that there are more cyber attacks, pointing the finger at the ready availability of tools and techniques to mobilize hackers quickly and easily.


Meanwhile, Charles Finlay, executive director of the Rogers Cybersecure Catalyst Centre at TMU feels the root cause of the rise in hacking activity is, quite simply, profit. Cyber crime is a multi-billion dollar industry annually, so individual threat actors right up to state-sponsor crime syndicates are looking for a slice of the pie.


The interviews also confirm that today’s criminals are indiscriminate, targeting any organization they feel may be susceptible to attack; or are working in volume by sending out thousands of phishing emails in the hopes of successfully breaching a few victims.


Read the full Canadian Press article, as quoted by CityNews in Ottawa.

Related Articles

Cookie Notice
We use cookies to offer you a better browsing experience, analyze site traffic, personalize content, and serve targeted advertisements. If you continue to use this site, you consent to our use of cookies.

Technology Partners

Thanks for reaching out, we’d love to hear from you. Fill out the form below and we’ll get back.

Become an Infinity Partner

Thank you for reaching out, we’d love to hear from you. Fill out the form below and we’ll get back to you within one business day.