Cybersecurity News: ChatGPT Concerns for Cybersecurity, Cloud Security Trends
In this episode:
Clean Energy Accelerator Program
Updates on Healthcare Cyber Attacks
Cloud Security Trends
ChatGPT and Cybersecurity Concerns
Clean Energy Cybersecurity Accelerator Program
As attacks on critical infrastructure have increased around the globe, the US Department of Energy (DOE) and National Renewable Energy Laboratory (NREL) have opened applications for the second cohort of the Clean Energy Cybersecurity Accelerator program. The program aims to identify the most urgent security gaps in the modern electrical grid and expedite disruptive solutions to market. Cohort 2 will assess solutions that actively identify all industrial control system assets connected to a utility’s infrastructure, both physically and virtually, so that a utility can understand the totality of assets that need to be monitored and protected within the environment. The Cybersecurity Accelerator is a key component of Department of Energy’s strategy to ensure America’s critical energy infrastructure remains reliable, resilient, and secure as physical and virtual threats continue to evolve, and to achieve President Biden’s ambitious vision of a 100% clean electricity sector by 2035 and net-zero economy by 2050.
Cyber Attacks on Healthcare
And as we talk about critical infrastructure, we can’t overlook healthcare.
Cyberattacks– specifically ransomware– targeting healthcare have doubled in the last five years, and the situation appears to be only getting worse. Dave Stapleton, CISO at CyberGRX notes that attacks on healthcare have increased due to “a higher than normal pressure to pay threat actors. In the case of healthcare the potential impact of a prolonged cyber attack is literally loss of life.” He also adds, “It's not a matter of if, but when. Healthcare organizations must take the time to plan for, and test, their ability to respond to a cyber attack. That includes the technical response, of course, but also the critical non-technical response such as timely and valuable communication to patients and providers.”
According to Fortified Health Security’s 2022 Mid-Year Horizon Report, attacks on healthcare providers accounted for 72% of healthcare data breaches in the first half of 2022, and breaches impacting business associates rose in 2022 compared to the prior year. The most notable attack occurred in June of last year, when a major breach was discovered involving a third-party printing and mailing vendor, impacting 38 healthcare brands.
And 2023 is already off to a rocky start for millions of insurance customers in Japan. Aflac and Zurich insurance companies have both reported breaches, with attackers gaining access through a third-party provider. A spokesperson for the Zurich Insurance Group said the incident was an example of the dangers major companies face when entrusting personal customer information to third parties that often have lax security policies. The incidents also emphasize the importance of assessing the security controls of third parties, to provide healthier security for everyone.
Cloud Security Trend Shifts
Cloud applications are widely used by businesses, and cyber attackers are well aware of the opportunities for hosting malware and causing harm. In fact, over 400 distinct cloud applications delivered malware in 2022, nearly triple the amount seen in the prior year, according to Netskope. Ray Canzanese, Threat Research Director at Netskope Threat Labs, cautions organizations, “Attackers are increasingly abusing business-critical cloud apps, bypassing inadequate security controls. It’s imperative that organizations inspect all HTTP and HTTPS traffic for malicious content, including company and personal traffic for popular cloud applications.”
The research found cloud-delivered malware is increasingly more prevalent than web-delivered malware, and varied by region and industry. Both Australia and Europe saw 10% increases in cloud-delivered malware, and certain industries also experienced significant increases, including telecom, manufacturing, retail, and healthcare. Netskope recommends organizations enforce granular policy controls to limit data flow, including flow to and from apps, between company and personal instances, among users, to and from the web, and adapt policies based on device, location, and risk. Additionally, organizations should deploy multi-layered, inline threat protection for all cloud and web traffic to block inbound malware and outbound malware communications, and enable multi-factor authentication for unmanaged enterprise apps.
The Rise of ChatGPT and Cybersecurity Concerns
ChatGPT has become the rage of the internet, so popular that the site often results in an over capacity message. But while this new technology can provide helpful assistance to employees, cyber criminals are accessing the tool to improve their techniques, too. Israeli cybersecurity company Check Point demonstrated how the web-based chatbot, when used in tandem with OpenAI’s code-writing system Codex, could create a phishing email capable of carrying a malicious payload. As ChatGPT has more advanced language and grammar features than its predecessors, the new technology enables foreign bad actors to improve their English and write more convincing scam emails.
How can an organization protect themselves from a potential increase in phishing scams?
We posed that exact question to ChatGPT and the answer it spit out was to focus on the fundamentals: implement email filtering systems to detect and block phishing emails, prioritize employee education to recognize and report suspicious emails, and use anti-phishing tools such as browser extensions, email gateways, and endpoint software, and implement Domain-based Message Authentication, Reporting & Conformance (DMARC) to help identify and block phishing emails that impersonate a legitimate domain. However, ChatGPT also advised us “It's important to note that even with these measures in place, it’s still possible for phishing emails to slip through. As such, it's crucial to have a plan in place for how to handle a suspected phishing email, and to always be vigilant.” Well said, ChatGPT.
Get Cyber Risk Intel delivered to your inbox each week: