It’s been another busy few weeks in the world of cybersecurity and online scams. We’ve recapped the biggest and most concerning cyber news, including scams targeting the election, and how millions of social security numbers were stolen. Check out our top stories from this week:
Trump Campaign says Iran Hacked Internal Messages
Donald Trump’s campaign said some of its internal communications have been hacked, and suggested it was targeted by Iranian operatives. US news site, Politico, reported on Saturday that it had been emailed campaign documents including research carried out on Trump’s running mate, Ohio Senator JD Vance.
Microsoft’s Threat Analysis Center (MTAC) said the campaign was sent a spear phishing email – a message designed to look trustworthy to get the target to click on a malicious link.
74% of Ransomware Victims were Attacked Multiple Times in a Year
An alarming trend toward multiple, sometime simultaneous cyber-attacks forces business leaders to re-evaluate their cyber resilience strategies to address common points of failure, including inadequate identity system backup and recovery practices, reports Help Net Security.
A survey done by Semperis stated that “83% of organizations were targeted by ransomware attacks in the past year with a high degree of success, sounding alarming trends in attack frequency, severity, and consequences.” Despite widespread adoption of cybersecurity and disaster recovery planning, many companies are dealing with multiple ransomware attacks per year.
Senate Bill Set to Boost Federal Cybersecurity Measures, Implement Mandatory Vulnerability Disclosure Policies
A new bipartisan bill has been introduced in the US Senate to strengthen cybersecurity nationwide by ensuring that federal contractors adhere to guidelines set forth by the National Institute of Standards and Technology (NIST).
Titled ‘Federal Contractor Cybersecurity Reduction Act of 2024’; the legislation would require the Office of Management and Budget (OMB) to oversee updates to the Federal Acquisition Regulation (FAR) to ensure federal safety contractors implement a vulnerability disclosure policy consistent with what is already required by federal agencies.
Ilona Cohen, chief legal and policy officer at HackerOne, says “This bipartisan legislation addresses a critical gap in our nation’s cybersecurity protections by bringing the practices of federal contractors in line with those of the agencies they serve and with the guidelines issues by the National Institute of Standards and Technology.”
Hackers May have Stolen Your Social Security Number
As many as 272 million Social Security numbers are floating around hacker forums after a hacker group stole them from a Florida-based background check company called National Public Data.
The group offered $3.5 million in a forum for hackers as the price to sell the data, which included records from the United States, Canada, and the United Kingdom.
Iranian Election Influence Efforts are Addressed
OpenAI has banned accounts linked to an Iranian influence operation using ChatGPT to generate content focused on multiple topics, including the U.S. presidential campaign.
OpenAI identified and took down a cluster of ChatGPT accounts that were generating content for a covert Iranian influence operation identified as Storm-2035. The accounts associated to the operation have since been banned and OpenAI reports that they will continue to monitor for any further attempts to violate their policies.
This operation does not appear to have achieved meaningful traction or audience engagement. As of August 19th, the Office of the Director of National Intelligence (ODNI), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) released a statement on Iranian Election Influence Efforts.
Stay up to Date to Protect Your Online Security
Tune into our Bolster news round ups every few weeks to get the latest security news insight and attack details. With better knowledge comes better planning, so be sure to catch the latest global cyber happenings to help arm your business against new and evolving threats.
