There’s rarely a slow day in the cybersecurity world. Between cyber incidents, technological innovations, new government programs, and plenty more, security is frequently in the headlines. In this blog, we’ll explore five of the biggest cybersecurity stories from August, as well as some of our most important takeaways.
A Russian national who tried to recruit a Tesla employee to carry out an insider attack was arrested by the FBI. The Tesla employee was offered $1 million to open a malicious email attachment or run an infected USB drive. He, however, alerted the FBI about the plan to infiltrate Tesla’s networks with ransomware, which foiled the attack and led to the arrest.
The U.S. State Department has announced a reward of up $10 million for information on any person helping a foreign government interfere with American elections through malicious cyber activities. The reward is part of the U.S. government’s Rewards for Justice (RFJ) program.
Capital One has been fined $80 million by U.S. banking regulators over a 2019 data breach that exposed the personal information of over 100 million credit card applicants and customers. The Office of the Comptroller of the Currency concluded that Capital One did not put in place adequate risk assessment procedures before transferring IT operations to the cloud and failed to patch the vulnerabilities in time. The OCC also directed the bank to make changes to its risk management practices and strengthen its cybersecurity defenses.
Travel management company CWT suffered a cyberattack that gave hackers access to its sensitive business files. The company said it had shut down its systems and taken 30,000 computers offline as a precautionary measure. The strain of ransomware used to carry out the attack is known to encrypt computer files, leaving systems unusable. The cybercriminals restored access to CWT after the ransom of $4.5 million was paid via Bitcoin.
The German government created the agency to combat cyber threats to the country and strengthen digital sovereignty. The agency aims to make the country technologically independent and reduce its purchases from foreign companies. The agency will protect Germany’s critical digital infrastructure and sensitive IT systems with national security implications.
What We Learned: August Cybersecurity News
Throughout the month, businesses and governments across the globe had to contend with the risk posed by cybercriminals who work overtime to inflict damage. However, the Tesla incident does offer a silver lining, as do the aforementioned government initiatives. Here are five essential steps that an organization can take to strengthen its defenses against cyberattacks:
- Educate and sensitize the workforce about cyber risks and security best practices
- Enforce strict password policies and enable two-factor authentication
- Store data in encrypted formats, especially customers’ personal data and payment information
- Isolate critical and sensitive files and implement Zero Trust policies to prevent unauthorized access
- Secure endpoints so that they can be remotely locked down in the event of a breach
Get more security pointers by checking out these on-demand and upcoming webinars.