Cyber Intelligence Weekly

Cyber Intelligence Weekly (December 11, 2022): Our Take on Three Things You Need to Know

Welcome to our weekly newsletter where we share some of the major developments on the future of cybersecurity that you need to know about. Make sure to follow my LinkedIn page as well as Echelon’s LinkedIn page to receive updates on the future of cybersecurity!

To receive these and other curated updates to your inbox on a regular basis, please sign up for our email list here:

Also, we are always looking for great people to join our team. If you know anyone who fits the profiles for any of our open positions, drop me a line and let us know!

Before we get started on this week’s CIW, I’d like to announce that as our firm is growing, our office space is expanding! We have a new home for our HQ in Pittsburgh at Liberty Center at 1001 Liberty Ave. This bright, open space gives our team a space to come together and collaborate, and the larger spaces will allow us to host our remote team and clients when they are in town. We're excited to go into a new year with a new space. Come say hi!

Away we go!

1. New Ransom Payment Schemes Target Executives, Telemedicine

Last month, the Department of Health and Human Services (HHS) released a bulletin about the Venus ransomware group and how they have recently been successful at breaching several types of organizations. Per a new Krebs on Security article, they just have not been as successful at monetizing their efforts.

As all good criminal groups do, they adapt and change their methods over time. In this case, the Venus group has been attempting to inject emails into the .pst files of CEOs of U.S.-based public companies to make it appear as if they are involved in and leading elaborate insider trading schemes, in an effort to blackmail and extort said executives.

Just when we thought we’d seen it all, the thieves come up with even more dastardly schemes.

2. Majority of U.S. Defense Contractors Not Meeting Basic Cyber Requirements

According to a recent report from CyberSheath, 87% of defense contractors have a sub-70 Supplier Performance Risk System (SPRS) score. This metric shows just how far along defense contractors are in their quest to maintain cyber compliance measures as outlined in the CMMC / NIST 800-171.

Under the Defense Federal Acquisition Regulation Supplement (DFARS), a score of 110 is required for full compliance. Per respondents of the study, one of the biggest issues in non-compliance is a lack of understanding of the cybersecurity regulations and what the organizations must achieve to become compliant.

Across the study, there appear to be some key themes and areas of improvement:

  • Less than 1 in 3 respondents to the study have deployed a SIEM
  • Only 1 in 5 respondents reported having 24/7/365 monitoring in place
  • Only 1 in 5 contractors had an Endpoint Detection and Response (EDR) system in place
  • Only 1 in 5 respondents had any form of multi-factor authentication in place

Some of these statistics are alarming to see when you consider how long these DFARS requirements have been in place and how few contractors seem to have made meaningful progress with some of the most critical security controls that can make a difference. The Department of Defense seems to be committed to enforcing cybersecurity compliance; it will be interesting to see how quickly firms can improve these scores.

3. ChatGPT Unlocking the Potential of AI For Threat Actors?

ChatGPT, a prototype artificial intelligence chatbot developed by OpenAI that specializes in dialogue, has been making waves this past week since it was released for broad public usage. ChatGPT is being used to write poetry, help develop mathematical models, and even write code.

For several years, many in cybersecurity have been mocking artificial intelligence because seemingly every vendor under the sun touts their tool’s AI. In the case of ChatGPT, the technology seems to be rather transformational at the current moment. But as with all technology innovations, many are considering the good and evil implications of such a breakthrough. Many are now considering how ChatGPT may be used to write code, malware, or even very convincing phishing messages at scale. The evolution of such fluid AI that is available to the public is definitely a technological breakthrough; it will be interesting to see how it is governed. For now, I leave you with this poem about cybersecurity…

Cybersecurity Poem

Thanks for reading!

About us: Echelon is a full-service cybersecurity consultancy that offers holistic cybersecurity program building through vCISO or more specific solutions like penetration testing, red teaming, security engineering, cybersecurity compliance, and much more! Learn more about Echelon here:
