Cyber Intelligence Weekly

Cyber Intelligence Weekly (October 9, 2022): Our Take on Three Things You Need to Know

Welcome to our weekly newsletter where we share some of the major developments on the future of cybersecurity that you need to know about. Make sure to follow my LinkedIn page as well as Echelon’s LinkedIn page to receive updates on the future of cybersecurity!

To receive these and other curated updates to your inbox on a regular basis, please sign up for our email list here:

Also, we are always looking for great people to join our team. If you know anyone who fits the profiles for any of our open positions, drop me a line and let us know!

Before we get started on this week’s CIW, I’d like to highlight our new series of educational videos for National Cybersecurity Awareness Month (NSCAM). In the video below, Jeff Hoge is busting the myth that moving to the cloud is any more secure or any less secure. Moving to the cloud is what you make of it, and isn’t inherently more or less secure. Check out this tip and several others all month on our LinkedIn page. These videos are ready to share with your employees, friends, and family, should you want to send them out for NSCAM!

Away we go!

1. Former Chief Security Officer Of Uber Convicted Of Federal Charges For Covering Up Data Breach

Last week the DOJ’s U.S. Attorney’s Office for the Northern District of California prosecuted, and a federal jury convicted, Joseph Sullivan, the former Chief Security Officer of Uber Technologies. He was convicted of obstruction of proceedings of the Federal Trade Commission and misprision of felony in connection with his attempted cover-up of a 2016 hack of Uber.

No alt text provided for this image

United States Attorney Stephanie M. Hinds had the following to say in a prepared statement, “Technology companies in the Northern District of California collect and store vast amounts of data from users. We expect those companies to protect that data and to alert customers and appropriate authorities when such data is stolen by hackers. Sullivan affirmatively worked to hide the data breach from the Federal Trade Commission and took steps to prevent the hackers from being caught. We will not tolerate concealment of important information from the public by corporate executives more interested in protecting their reputation and that of their employers than in protecting users. Where such conduct violates the federal law, it will be prosecuted.

While most of the uninformed were in outrage of how a CISO could get charged with a crime for their company getting hacked, the U.S. Attorney’s office was busy arguing their case that proved beyond a reasonable doubt that Sullivan mislead a federal agency (FTC) on purpose, in an elaborate cover-up scheme to shield himself and his company from blame. Sullivan also led the efforts to push the hackers into their bug bounty program, where they paid them, rather than report the data breach for what it was. This case has little to do with an actual cybersecurity event and has everything to do with the personal ethics of the charged individual.

2. LA School’s Stolen Data More Sensitive than Expected

New reports about the LA School’s recent cyber attack show that the data stolen by ransomware actors may have been more sensitive that LA School official originally let on. While downplayed in earlier press conferences, new releases of partial data by the threat actors show sensitive data such as social security numbers, contracts, W-9 tax forms, invoices and passports.

No alt text provided for this image

Just days prior, the Los Angeles Unified School District released a statement on their website condemning the acts of the threat actors and noting their stance on paying ransoms. The stated noted, “Los Angeles Unified remains firm that dollars must be used to fund students and education. Paying ransom never guarantees the full recovery of data, and Los Angeles Unified believes public dollars are better spent on our students rather than capitulating to a nefarious and illicit crime syndicate. We continue to make progress toward full operational stability for several core information technology services.

Since that statement, the 500GB trove of data has been released publicly by the threat actors. The argument between paying and not paying a ransom will always be a difficult weighting of protecting the greater good versus funding a criminal enterprise, or worse yet, a criminal nation state.

3. Russian Speaking Hackers Knock US State Government Websites Offline

Several U.S. state-run websites have been experiencing cyber attacks in recent months. A recent report from CNN cited the threat actors behind these attacks as “Killnet.” The group has targeted state government-run websites in Colorado, Kentucky and Mississippi, among other states.

No alt text provided for this image

The group is a known hacktivist type of organization who has stepped up their activity since the Russian invasion of Ukraine. Hacktivists are groups of criminals who unite to carry out cyber-attacks in support of political related causes. It appears to be unknown at this time whether or not this group has any official ties to the Russian government.

Thanks for reading!

About us: Echelon is a full-service cybersecurity consultancy that offers wholistic cybersecurity program building through vCISO or more specific solutions like penetration testing, red teaming, security engineering, cybersecurity compliance, and much more! Learn more about Echelon here:

Sign Up for Weekly Cyber Intelligence Delivered to Your Inbox

Sign up to get Cyber Intelligence Weekly in your inbox.
Latest Intelligence