The Last 30 Days in Cybersecurity: Notable Breaches, Outages & Ransom Demands
Patient in Leaked Exam Room Photos Drops Demand for Health Organization to Pay US $5 Million to Ransomware Cybercriminals
The Wall Street Journal recently reported on a lawsuit filed by a patient against a hospital network in Pennsylvania for refusing to pay a ransom to the ransomware group BlackCat. Because of this refusal, the criminals released naked exam room photos of the plaintiff, a cancer patient, on the dark web.
The patient involved in the lawsuit wanted the courts to order the health organization to pay over $5 million USD to have the photos removed. However, she dropped the case because the judge did not believe the court could force a party to comply with an illegal act by paying the ransom.
Despite the unthinkable actions of the BlackCat criminal group and the justified distress of the patient, this is good news. Had the courts forced the organization to pay the ransom, they might have set a precedent that could lead to a massive surge in ransom demands by cybercriminal groups, as well as in the amounts demanded.
are on the Rise due to Evolving Cybercriminal Tactics According to a New Report
If you need another reason to up your security game, BakerHostetler’s 9th Annual Data Security Incident Response Report, released in April, found that cybercriminals are using newer tactics to evade stronger cybersecurity measures like basic MFA, endpoint protection and backups.
The 2023 report found that cybercriminals are using tactics like MFA bombing, anti-virus evading malware, social engineering and search engine optimization poisoning to gain access to targeted systems. This shows that cybercriminals are adapting their tactics to defeat older and even some newer security measures. It also illustrates how important it is for organizations to keep up with these evolving tactics by using the best cybersecurity measures.
Other key findings of the report:
- Wire fraud transfers saw a decrease in 2022, but the success rate of recovering lost funds dropped by almost half when compared to 2021 data.
- Forensic investigation costs increased by 20% from 2021, revealing that the intrusions carried out by today’s threat actors and their tactics are becoming more complex to investigate.
- Ransom demands increased to US $3.7M and payments increased 15% to just over $600K. The health care industry saw the largest increase in ransom payments to $1.5M, up 78% from 2021.
These realities underscore the critical importance of safeguarding your systems and why investing in preventive cyber security tools and personnel is your best bet.
That’s why I recommend implementing a layered security approach using updated technologies and methods to effectively respond to threats at machine speeds with experts on hand 24/7. Unfortunately, this is the new reality of what is needed to protect all organizations, regardless of their size.
OpenAI Confirms ChatGPT Data Breach
In the first breach for OpenAI, the makers of ChatGPT, there has been a confirmed data breach in the system caused by a vulnerability in an open-source library used by the code. This allowed some users to see some parts of other active users’ chat history. OpenAI also admitted that the breach may have caused the “unintentional visibility of payment-related information” for premium ChatGPT users that were active between 1-10am PST on March 20.
Although OpenAI maintains that the number of users affected was low, even a minor cyber incident can cause a lot of damage. From a cybersecurity perspective, when it comes to new technologies like ChatGPT, it’s important to remember that they have not been “battle tested” in any meaningful way. Early adopters should always be careful about relying too much on new tech tools in the early stages, as it’s difficult to predict how their personal info will be stored and eventually used.
The Latest Cybercrime Trends
Lessons Learned from Toyota Production Chain Attack
In February 2022, one of Toyota’s modest supply chain suppliers was hacked and it brought the top-selling carmaker to its knees. Toyota had to stop operations at 14 factories and reportedly lost $375 million in revenue. If a large and cutting-edge company like Toyota can be brought to a halt, so can yours.
A year later, Bloomberg published an article that shows how the increase in cyberattacks in Japan can put the rest of the world and global supply chains at risk. Currently, the country produces about 80% of the fine chemicals that are used in electronics and leads the global supply of photoresist, a light-sensitive material that’s used in making semiconductor chips.
Looking back on this major cybercrime event, there’s a lesson for every organization, as most businesses count on others’ products and services to fuel their operations. By establishing a robust Vendor Management Policy, businesses can have predetermined protocols for addressing service issues and contingency plans in case of worst-case scenarios. It might also help them choose better-equipped vendors to ensure their business’s livelihood and continuity.
AI-Assisted Kidnapping/Ransom Scams
It’s a parent’s worst nightmare. Your child is abducted. Your brain stops thinking rationally. You’ll do anything to get your child back and ransom scammers know it.
Recently, CNN reported a story about a mother in the US who was the victim of a virtual kidnapping scam that targets people with altered audio of a loved one’s voice in distress. In this case, the voice on the phone was identical to that of the woman’s daughter, and it was followed by a man’s voice demanding a million dollars to return her safely.
The mother negotiated with the so-called kidnappers right up until her daughter confirmed via text that she was not kidnapped while away with her father for a ski race training trip, as planned. Her sister was able to contact her during the frightening ordeal.
As for how the scammers were able to get the audio of her daughter’s voice, it’s likely they stole an audio clip from the girl’s public Instagram account and recreated it with the help of AI.
And unfortunately, with easily accessible AI technology available to most folks, this kind of scam is on the rise. The FBI reports that US families lose an average of $11,000 USD in fake-kidnapping scams.
To avoid being victimized by these kinds of scams, it’s recommended to create a safe family password or phrase, refrain from sharing upcoming trips on social media and refuse to provide financial information over the phone. If you ever get a call like this, remain calm. Try to contact someone who will help you stay focused so that you can buy time and get to the bottom of the issue.
Grandparent Scams: Cyber Crimes Against the Elderly
The FBI reports that people over the age of 60 lost $3.2 billion USD to cybercriminals in 2022. That’s up 84% from the year before and the effects are devastating.
Seniors are having their bank accounts emptied, losing their homes and being forced to return to the workforce to recoup their losses. This is a real tragedy. Victim blaming is common and many elderly victims are ashamed of being scammed.
Common tricks cybercriminals use on the elderly include tech support and romance scams, as well as social engineering tactics in which they pretend to be a grandchild in desperate need of an urgent money transfer.
To protect your loved ones, it’s important to educate and talk to our older friends and family members about these types of scams and offer support instead of judgment. Cyberboxx Home™, our personal cyber insurance offering, also keeps the elderly safe by predicting digital threats, preventing personal data breaches and insuring against a cyber event, should one occur.
Jack’s Top Monthly Hacks
Business Email Fraud
The FBI has issued a warning about cybercriminals using business email compromise (BEC) tactics to impersonate email domains of US-based companies to initiate bulk purchases. Using spoofed email domains with the names of real employees obtained from LinkedIn and other business directories, cybercriminals are defrauding big businesses and their accounting departments of millions of dollars.
To enhance their BEC tactics, cybercriminals are camping out in compromised business networks for longer periods to acquire the information they need to orchestrate scams that target not only a company’s valuable clients and suppliers, but also its employees.
That’s why I always recommend these five tips, which, if implemented by every company and their vendors, regardless of size, would enhance their cyber resiliency:
- Managed EDR
- Multi-factor authentication (MFA) and/or two-factor authentication (2FA) on everything
- Enhanced cloud security and backup
- Managed system patching
- Monthly cyber awareness training and phishing simulations
And if you’re a vendor being asked to make a payment, it’s a good idea to take additional steps to ensure that you are not paying a cybercriminal that might have breached your networks. Preventive measures include calling trusted contacts to confirm the legitimacy of the payment request, and having both employees and preventative phishing software vigilantly check the source of the email.
Tech After Death
When someone dies, what happens to their data? Who will sweep up your digital footprint?
This isn’t something you want to leave for grieving friends and family, so it’s important to have a plan to access all the technology and the online accounts you’ve come to rely on. Here’s how I recommend making your valuable information available to your loved ones when the inevitable happens:
- Have both an encrypted drive and a printed hard copy of your most recent documents in two safe places like a safe, bank deposit box and/or with a lawyer
- Hard copies can’t be hacked, but they can burn in a fire or dissolve in a flood. Keep them in a fire-proof safe or stored in an airtight container in the freezer
- Use an encrypted flash drive and always have a backup copy
  - Keep both in different physical places
  - Make sure you print out the pass phrase or word list