Another week, another dizzying array of headlines in cybersecurity. Our field is marked by so many shocking discoveries and bizarre twists we could be mistaken for a soap opera if the situation didn’t appear so dire (or if we had more inexplicable bouts of amnesia).
Consider this article an update on all the biggest headlines of the past few days, with some reflections on what it all could mean for cybersecurity in the future.
Tesla, Los Angeles Times Servers Hacked, Used to Mine Cryptocurrency
Last week we wrote about cryptojacking—the practice by which victim servers are used to mine cryptocurrency against their will. That proved prophetic with the revelation that automotive and solar panel manufacturer Tesla had one of their cloud servers cryptojacked. The server in question, a Kubernetes administration console, was public and did not have any form of password protection, making it easy to infiltrate. Digital security company RedLock discovered the problem and alerted Tesla.
Meanwhile, a similar cryptojacking attack occurred on the Los Angeles Times Homicide Report page, operating at such a low capacity that it went unnoticed for (possibly) weeks.
Takeaway: Our colleagues have already explored the details of the Tesla hack, but the biggest takeaway we found is that digital hygiene best practices are not givens. Even a billion-dollar company or a major newspaper can become careless if they don’t practice due diligence. Never assume your enterprise is safe online; your cybersecurity team should be constantly evaluating your perimeter, monitoring for any signs of penetration, and working with your solutions provider to investigate security incidents. Furthermore, your team needs to know what assets are where and who has access to them so as to ensure they receive the same treatment.
Also, and this should go without saying, make sure your servers and networks have adequate authentication protocols.
SEC Releases New Cybersecurity Guidelines
The U.S. Securities and Exchange Commission (SEC) issued new guidance demanding that public companies be more forthcoming about disclosing their cybersecurity breaches and risks. The guidance:
- Serves as a prevailing interpretation of existing federal securities laws and therefore will influence how those laws are enforced.
- Is the first expansion of the cybersecurity guidance originally issued in 2011.
- Prevents executives from selling shares when important cybersecurity information, such as a breach, hasn’t been disclosed to the public.
- Prevents companies from claiming an “ongoing investigation” as an excuse to delay informing the public of a breach.
The guidance was voted in unanimously by the SEC board, which is nonpartisan.
Takeaway: The update to the guidance parameters is an indication of just how serious cybersecurity is becoming to the economic world, and how much more seriously enterprises need to view their own security policies. Both Equifax and Intel’s cybersecurity disclosures have been coupled with suspicions of executives selling shares beforehand; that kind of practice shows a wild disregard for consumers that may come back to hurt their reputations and bottom lines in the future. Treat public disclosure as an essential component of any incident response plan your enterprise creates so you can be in full compliance with the SEC guidance.
Intel Ships New Spectre Patch
Microprocessor manufacturer Intel announced a new patch for the Spectre speculative execution flaw. The patch only applies to devices from 2015 and newer. Others will have to wait for patches from their computer manufacturer.
Takeaway: Another part of the Spectre saga. Given the history of previous patches it’s hard not to be cynical about how this one might turn out, especially if a hardware replacement is the only real solution. Keep an eye on your processing speed if you have a patched device, and be sure to alert Intel if you experience more system crashes than usual.