Diaxin Ransomware, Windows Zero-Day Threat, 6G Tech, Cybersecurity Insights - Ukraine War
In this episode of GRXcerpts, we keep you updated on interesting and trending headlines in cybersecurity including new emerging threats, 6G technology and the impact on your attack surface, and insightful cybersecurity takeaways from the Ukraine War. Watch now:
Emerging Threats: Diaxin Ransomware
The ransomware group Daixin, which has been targeting the healthcare and public health sectors since June of this year, is now using VPN servers to gain access, then SSH and RDP to spread through networks. The FBI,Cybersecurity and Infrastructure Security Agency (CISA), and Department of Health and Human Services (HHS) are warning health providers to secure VPN services, enable multi-factor authentication, locking down RDP, turning off SSH, and securing wide area networks with strong passwords and encryption when enabled.
New Zero-Day Threat: Windows
Technology Update: 6G
New technologies always bring new threats to light, and 6G technology is no exception. The next generation of cellular technology promises improvements in bandwidth utilization, data delivery and application enablement, as well as new ways for people to interact with their surroundings. But cybersecurity is also a focus of the new technology. Researchers are prioritizing 6G as a means to optimize cybersecurity in the internet of things and user data security. Additionally, they are looking into ways to better leverage machine learning and artificial intelligence to train cybersecurity systems and algorithms. But a word of caution. For cybersecurity teams, 6G also translates to an increase in the attack surface, as 6G technology is expected to accommodate up to 10 million IoT devices in the same area. These devices represent new attack vectors that unauthorized users can access to extract data. As security and risk professionals know all too well, every increase in connected devices has a corresponding increase in exposure to risk events. Beyond phones, devices under threat include health care equipment, industrial machines, computers, and the network infrastructure itself. As 6G advances, the research is focusing on preventing cyber crimes, and combating threats inherent in the growing multi vendor marketplace.
Cybersecurity Takeaways from the Ukraine War
The Ukraine war, now in its ninth month, caught the cybersecurity world by surprise. Still, Rob Joyce, director of the NSA Cybersecurity Directorate, shared an unexpected lesson learned, citing that sharing intelligence on cyberthreats with industry and critical infrastructure providers “can really make a big and decisive difference.” Joyce stressed the need for greater knowledge, sharing that despite the competitive nature of business, it’s necessary for everyone’s mutual benefit and safety. In his words, “we can share the insights about what we know without putting at risk how we know it.”
Sharing cybersecurity knowledge is a primary driver behind Cyber Risk Nation, a community of security and risk professionals. Launched by CyberGRX earlier this year, Cyber Risk Nation provides the platform for members to discuss the challenges of third-party risk in a crowdsourced environment. For more information on how you can join, go to our website at CyberGRX.com.
All information is current as of October 31, 2022. Subscribe to receive future episodes as they are released.
Get Cyber Risk Intel delivered to your inbox each week: