Cyber Connections News Roundup: November 30

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

November 30

Interpol Crackdown Results in More than 1,000 Fraud Arrests

According to a report on www.interpol.int, more than 1,000 arrests and USD 27 million were intercepted recently in massive financial crime crackdown. The coordinated operation, code named HAECHI-II, transpired over four months, from June to September 2021. Police units from 20 countries, as well as from Hong Kong and Macao, targeted specific types of online fraud, including romance scams, investment fraud and money laundering associated with illegal online gambling. In total, the operation resulted in the arrest of 1,003 individuals and allowed investigators to close 1,660 cases. Read more.

Who Is Accountable for Cybersecurity? Gartner Report Finds Lack of Clarity

A recent article on www.techrepublic.com discusses the lack of clarity on who is accountable for security incidents. Citing a recent Gartner survey, the members of various boards of directors finds that, while 88% believe that cybersecurity should be classified as a business risk instead of a technology one, the actions they’ve taken don’t necessarily reflect that. The report found that organizations that classify cybersecurity as a business risk would have a senior-level non-IT person accountable for it, but only 10% of leaders reported that to be the case in their organizations. Read more.

North Korea Hackers Remain on the Attack

According to email security firm Proofpoint, and as reported on www.cyberscoop.com, a North Korean cyber espionage group that targets think tanks, advocacy groups, journalists and other adversaries around the world, has been launching near-weekly attacks in 2021. According to Cyberscoop, ProofPoint examined the activities of a group it refers to as TA406, which it considers to be one of the components of an organization known more broadly as Kimsuky that has been active since at least 2012. That organization’s campaigns remained low in volume until the beginning of January 2021. Then from January to June 2021, the group launched “almost weekly campaigns. Read more.

Upon G7 Endorsement Central Bank Digital Currencies Now Vulnerable to Cyber Attacks

According to a recent article on www.weforum.org, now that G7 officials have endorsed principles for central bank digital currencies (CBDC), widespread deployment is imminent. Like any digital payment system, CBDC is vulnerable to cybersecurity attack, account and data breaches and theft, counterfeiting, and even farther-off challenges related to quantum computing. For citizens to be comfortable adopting CBDC, they will need to be confident in its security. The article enumerates four dimensions of CBDC cybersecurity that must be addressed, including credential theft and loss and user roles. Read more.

Cyberattacks on Two Bio-manufacturing Companies Raise Concerns

A recent article on www.cyberscoop.com reports that a group of likely foreign government-sponsored hackers is behind cyberattacks on two bio-manufacturing companies that occurred this year. The Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) dubbed the malware “Tardigrade” after the resilient micro-animal, and said it looks like the work of an advanced persistent threat group, a term that most often refers to government-backed attackers. The biomanufacturing sector encompasses makers of coronavirus vaccines and treatments, although BIO-ISAC has declined to say whether the firms hit in the spring and then in October were involved in battling COVID-19. Read more.