
The CyberDiplomat Daily

Date: 30th May 2024




New TEDCO Study Outlines Steps for Developing Maryland's Cybersecurity Workforce


TEDCO, Maryland's technology economic engine, has released the "Cybersecurity Workforce Analysis and Study" to understand the current state of Maryland's cybersecurity workforce. The study found that only 33% of the demand for cybersecurity workforce is being met. The National Capital Region is the epicenter for cybersecurity talent but faces a significant talent gap. To address these challenges, the Cyber Maryland Program plans to develop a strategic plan focusing on expanding apprenticeships, internships, and cybersecurity education.



BBC cyber attack exposes details of 25,000 current and former staff


The personal data of more than 25,000 former and current BBC employees has been exposed in a cyber attack targeting the broadcaster’s pension scheme. Names, addresses, and National Insurance numbers were compromised after files containing personal details were stolen from a cloud data storage service. The breach has been reported to the Information Commissioner’s Office (ICO) and Pensions Regulator, and investigations are ongoing. No bank details, email addresses, usernames, or passwords were compromised, but members have been advised to remain vigilant for any unusual activity.



Veracode Research Reveals Government Applications at Heightened Risk of Cyber Attack: 59% Have Flaws Left Unfixed for More than a Year


Veracode's research shows that public sector organizations have more security debt in their applications compared to the private sector. This is a concerning finding, as security debt refers to unfixed flaws that have been present for over a year. The report emphasizes the need for organizations to prioritize addressing critical security debt with focused effort to achieve maximum risk reduction. Additionally, the research found that Java and .NET applications stand out as significant sources of security debt in the public sector.



Beyond The Factory Walls: How Manufacturers Can Build Their Cyber Defense


In today's corporate landscape, preparing for cybersecurity incidents like ransomware attacks and data breaches is a top priority. This is especially true given the high-profile incidents affecting institutions such as hospitals, government agencies, and private corporations. Manufacturers are particularly susceptible to such attacks and must prioritize safeguarding their online assets and customer data. By investing in robust security protocols, companies can enhance operational efficiency and resilience against cyber incidents. According to the FBI's Internet Crime Complaint Center 2023 report, critical manufacturing was the second most-targeted industry for ransomware attacks, making these organizations more appealing targets than even government facilities, financial services, and information technology companies. Weaknesses in any part of the supply chain can leave the company vulnerable. Additionally, manufacturing companies often possess valuable intellectual property, trade secrets, and sensitive data, making them attractive targets for cybercriminals.




Pakistani 'Transparent Tribe' APT Aims for Cross-Platform Impact


A cyber-espionage group called Transparent Tribe, linked to Pakistan, has expanded its use of legitimate software techniques to bypass cybersecurity defenses. The group historically targeted government agencies and defense firms in India, compromising Windows systems and Android devices. In its latest campaign, the group has shifted toward favoring Linux systems over Windows computers. Ismael Valenzuela, vice president of threat intelligence and research at cybersecurity firm BlackBerry, notes that the group's primary focus remains on India. The South Asia region has an active cyber-threat landscape, with various groups targeting nations such as Pakistan, Turkey, China, the US, and more. Transparent Tribe, also known as APT36 and Earth Karkaddan, has previously used romance scams to distribute the CapraRAT Android malware to target Indian government officials with information on the Kashmir region. Meanwhile, Pakistan has worked to improve its cybersecurity posture by allocating $18 million for cybersecurity research and adding $36 million to its budget to develop better technical cybersecurity capabilities.

The group has expanded its targets to include Linux. Its latest attacks involve cross-platform programming languages like Python, Golang, and Rust, enabling it to create programs for both Windows and Linux. It uses ELF binaries to distribute a Python-based downloader, leading to a Linux-based exfiltration utility. The group has been targeting Linux systems for at least a year, using "desktop entry files" that mimic Microsoft Office documents. It employs email, compromised websites, and Google Drive to host files, and has also started using VoIP and instant messenger apps like Discord and Telegram. Additionally, it uses ISO images to deliver a Python-based Telegram bot that attempts to compromise targets using Windows portable executable (PE) files.



General Dynamics IT secures $185M Air Force cyber contract


General Dynamics IT has officially been awarded a $185 million contract to provide cybersecurity services to the Air Force Civil Engineer Center. The contract was initially awarded to GDIT in January, but it was delayed due to a protest from Serco Inc., which raised concerns about the Air Force's evaluation of staffing plans. The Air Force subsequently re-evaluated proposals and made a new award. On May 17, GDIT announced that it had won the contract to extend its work with the center for another five years. This customer relationship began in 2018. With the protest phase resolved, GDIT is now able to begin the work. The Air Force Civil Engineer Center oversees facility investment planning, design and construction, property management, and environmental compliance and restoration. GDIT will focus on developing new strategies to reduce cybersecurity risks to Air Force industrial control systems, which are used for building automation, life safety, utility monitoring, and airfield control functions.



Australia Says Engaging With Ticketmaster Over Hacking ‘Incident’


Australia's government announced on Thursday that its cyber security office is in contact with US group Ticketmaster after a hacking group claimed to have obtained the details of 560 million customers. The National Office of Cyber Security is working with Ticketmaster to understand the incident, according to a government spokesperson. The hacking group, known as ShinyHunters, posted evidence of the hack on the dark web and claimed to have stolen the personal details of 560 million clients. The group demanded a ransom payment of US$500,000, describing it as a "one-time sale". Ticketmaster, a California-based company, operates one of the largest online ticket sales platforms globally. Additionally, the US Department of Justice recently filed a major antitrust lawsuit to break up an alleged monopoly held by Live Nation Entertainment and its Ticketmaster subsidiary in the live music industry. Ticketmaster's pricing practices, characterized by high fees and a lack of alternatives, have long been a political issue in the United States, with little historical action taken to open up the market to more competition.



Chinese national among five held for operating mule bank accounts for cyber fraud in Noida


Police have revealed that mule accounts are used for depositing and transferring illegally obtained cash. According to Manish Mishra, additional deputy commissioner of police in Noida, a racket involving the bulk purchase of SIM cards was discovered. Five individuals, including a Chinese national, were arrested for duping people through social media. The gang used mule bank accounts to deposit defrauded money, and the suspects have been sent to judicial custody after an FIR was lodged at the Expressway police station.



FBI Pittsburgh's new special agent in charge discusses approach to fighting cyber threats


FBI Pittsburgh's new special agent in charge, Kevin Rojek, has 21 years of FBI experience, with a focus on cyber crimes. He emphasized cyber threats as a top concern for the area, targeting critical infrastructure, local government systems, schools, and businesses in Pittsburgh. Rojek also highlighted efforts to combat online crimes against children and the rise in sextortion. Additionally, he aims to address the issue of scammers defrauding community members, prioritizing cases with the most significant financial losses. Rojek encouraged everyone in the area to feel comfortable reporting any information to the FBI.



