Change can be difficult.
Recently, we announced that our premium _secpro subscribers—that is, you—will be getting something a little different. We’re switching up the way we approach our education outreach to help you get the regular news in the normal weekly issues and then something extra in our monthly rollouts. And that will include a letter from the Editor, which will go something a little like this…
A month is a long time in cybersecurity. For those of us gifted with the memory of the Log4Shell fallout (exploding, as all these things do, at closing time on a Friday afternoon), we know that a cataclysmic security problem can sometimes actually become known, diagnosed, and remediated in the course of a busy weekend. Sometimes, these things can take weeks and weeks to even get the first real understanding of what is going wrong—such as with the recent calamity that shut down airlines, businesses, and everything in between internationally. Cybersecurity is always a difficult game, it seems, even before we figure out the rules of the particular game we have to play.
With political tensions warming up in America and continuing military conflicts in both Israel and Ukraine, our team has noticed that cyberspace continues to seem like a mirror image of the ongoing aggression on the ground (whether in rhetoric or in war). Take a look at some of these notable cybersecurity concerns from September:
RansomHub ransomware group listed Planned Parenthood on its Tor-based leak site, threatening to leak 93GB of data supposedly exfiltrated from the nonprofit organization.
DNA testing giant 23andMe has agreed to pay $30 million to settle a lawsuit over a data breach that exposed the personal information of 6.4 million customers in 2023. Starting in October, threat actors leaked data profiles belonging to 4.1 million individuals in the United Kingdom and 1 million Ashkenazi Jews on the unofficial 23andMe subreddit and hacking forums like BreachForums. 23andMe said in December that data for 6.9 million customers, including information on 6.4 million U.S. residents, was downloaded in the breach.
Lehigh Valley Health Network has agreed to a $65 million settlement in a class action suit tied to a massive data leak, including the publication of images of 600 nude cancer patients. The lawsuit, filed in March 2023, followed the discovery that LVHN data security allowed a hacker to break into its systems and obtain personal data on at least 134,000 people, including cancer patients. The proposed settlement was announced by plaintiffs' lawyer Patrick Howard as he said the nude images and other data were posted to the dark web by BlackCat after LVHN declined to pay the ransom.
Politically motivated hackers linked to Russia and Belarus are targeting the Latvian government and critical infrastructure websites in a new wave of cyber attacks, according to Latvian cybersecurity officials. The goal of the attacks was to disrupt access to websites rather than to steal sensitive data, said Baiba Kaskina, head of the Latvian computer emergency response team (CERT).
Sweden’s domestic intelligence agency announced that hackers acting on behalf of the Iranian government were behind a cyberattack last year aimed at provoking divisions in the country following a stunt by a far-right political figure.
It’s concerning stuff, to say the very least. And while the political and geopolitical implications of this job might sometimes fly over our heads, it can be enlightening to remember the context that we operate and write in—one with political implications for people all over the world. Look back over the standard issues of the _secpro as well: how many times have we seen nation state (or, at least, suspected nation state) action over the last month? The last year? Since we started working? Everything we touch seems to be dripping in political context and political implication.
But we’ll leave you without a moralizing scold telling you how to view the world around you. We’re just trying to make sure that you have what is necessary to do your job, as well as the knowledge it takes to contextualize and understand the work you do against its political backdrop. For a step towards that, check out our premium resources for this month and kick back for a few hours. We can get back to the political stuff when we clock back in tomorrow, right?
This Month’s Podcasts


Got a question for our experts? Soledad and Shane are kindly taking questions related to the podcast episodes, their books, and life in cybersecurity in general. Simply respond to this email or leave a comment with your problems, wonderings, and anything else in between and we’ll pass them along.
This Month’s Templates
Ransomware Crisis Protocol
In an increasingly digital world, ransomware attacks pose significant threats to organizations, compromising sensitive data and disrupting operations. This Ransomware Crisis Protocol outlines the procedures our organization follows to prepare for, respond to, and recover from ransomware incidents. By adhering to these protocols, we aim to minimize the impact of such attacks and protect our critical assets.
Cybersecurity Disaster Recovery
Organizations of all sizes face the risk of cyberattacks, data breaches, and system failures, which can have catastrophic consequences. A comprehensive disaster recovery protocol is essential to minimize the damage, restore operations, and protect sensitive information.
For our premium subscribers, we’re offering up a free Packt book to help you on your journey to success. Reply to this email to get your free book.