Feb 10, 2023

Security News This Week in 4 Minutes

Hello, and happy Friday!

This week (week of February 5th, 2023) security and privacy news has been dominated by talks of spy balloons and sanctions on Russian threat groups. But in case you missed it, some other interesting ransomware press was released.

On Thursday, CISA, in conjunction with several domestic and international agencies, issued an advisory noting continued threat from state sponsored ransomware. This week’s publication shared TTPs associated with North Korean actors who are using ransomware to fund state activities.

On the infrastructure side, Amazon’s AWS team published a blog focusing on ransomware attacks on S3 buckets (large data storage used by most organizations).

We have these kinds of conversations with our customers nearly every day. Organizations are increasing their investment in the cloud to streamline the cost of infrastructure in a slower economy. But many of them are still finding their security footing. Meanwhile, threat actors are ramping up ransomware attacks that result in denied availability of cloud data.

As noted in the above articles, access control and response tools need to be in place for cloud-specific attacks. Here are some quick takeaways:

Ensure you’re limiting access to buckets
Manage AWS keys and credentials securely
Ensure you’re updating and patching infrastructure
Have a cloud response plan specifically for ransomware (not just a general one!)
– Note, this should include specific work instructions on how to cut off access, how to restore, and how to maintain operations during an incident
Ensure you have immutable, virtual air-gapped backups

Clumio offers cloud-native solutions that reduce restore time, and incident friendly features, such as the ability to restore to a different account and region that has not been compromised. These features go beyond what native tools can offer.

For more information on how you can protect your critical data from ransomware in minutes, visit our Ransomware Recovery solutions page. Better yet, get in touch with us for a customized demo.

Before signing off, here is a quick bonus “In the news:” the Supreme Court declined to decide on the scope of attorney-client privilege during cyber incidents. See this article from Data Security Law Blog for an excellent analysis of how counsel should be engaged during an incident.

Enjoy the weekend!

Jacob Berry
Field CISO, Clumio

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.