Expert Insights Cybersecurity News Recap: November 5-12, 2024
The top 5 biggest cybersecurity news stories this week.
Welcome to your weekly Expert Insights cybersecurity news recap.
In this series we give you a snapshot of the biggest stories driving the news in the world of cybersecurity this week.
1. Trump’s Second Term Cybersecurity Strategy
President-Elect Trump is putting together his second term transition team and cybersecurity policy experts are keenly watching the new appointments.
The key tech areas to watch will be cloud market oversight and anti-trust regulations of the big tech companies, AI regulations, cybersecurity regulations and semiconductor funding, reports Cybersecurity Dive.
Axios reports that Trump’s cybersecurity strategy is likely to be a continuation of his first term agenda. This means a hard line against China, and possibly a review of the dynamic among the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the National Cyber Director (ONCD), and the White House’s National Security Council (NSC).
Cybersecurity incident reporting regulations may also not be as tightly enforced as they would have been under the Biden administration.
Trump is likely to bring a mix of former officials and experts at prominent think tanks into his administration – but broadly cybersecurity is a ‘second or third-tier priority for the transition team,’ reports Axios. Politico spoke to nine Republican and Democratic cyber policy experts this week for their predictions on who would be likely to make the cut.
Axios has in the past reported that Trump could be planning a major overhaul of the US approach to cybersecurity – such as reworking key agencies like the US Cyber Command.
But broadly cybersecurity strategy is a rare area of cross-party agreement in the United States. Biden has kept many of the first Trump administration’s national security and cybersecurity policies in place.
There is likely to be a continuation in many key areas of cybersecurity policy with the new incoming administration.
2. Ransomware attack hits a major oilfield supplier based in Texas
Newpark Resources, a Texas-based oilfield supplier, disclosed in a regulatory filing with the SEC this week that it was hit by a ransomware attack.
As reported by SecurityWeek, Newpark has not shared details on how the attack took place or who the threat actors were. But Newpark’s security response plan was quickly activated, and the attack was limited.
“The incident has caused disruptions and limitation of access to certain of the company’s information systems and business applications supporting aspects of the company’s operations and corporate functions, including financial and operating reporting systems,” Newpark said.
The oil and gas sector has increasingly been a major target for ransomware gangs. BleepingComputer reported this week that Halliburton, a global energy provider, was hit by a ransomware attack in August that led to $35 million in losses. SecurityWeek reports that based on indicators of compromise, the ransomware group RansomHub was the most likely culprit behind this attack.
Earlier this year, Expert Insights spoke to Zscaler’s Senior Director of Threat Intelligence, Brett Stone-Taylor, about the recent trends they were seeing in the ransomware space. He outlined that despite numerous law enforcement operations, arrests and criminal sanctions, ransomware attacks rose by 18% last year – including the largest ransomware payment ever recorded at $75 million USD.
To protect against ransomware, Stone-Taylor recommends:
“Employ two-factor authentication, require strong passwords that you rotate, maintain offline backups. Monitoring network traffic is incredibly important from a number of perspectives. Utilize endpoint solutions and make sure your software is up to date. And use a zero-trust architecture to make sure that when someone authenticates, you’re connecting them to an application, not the network.”
3. Pro-Russian Hackers Are Attacking South Korea After North Korea Became Involved In The Ukraine War
Pro-Russian hacker groups have been ramping up their attacks on South Korean businesses after South Korea sent observers to Ukraine in response to North Korea joining Russia’s war effort, report The Record and Infosecurity Magazine.
Pro-Kremlin groups have targeted South Korean government websites and private companies with DDoS attacks, causing some websites to be temporarily taken offline.
“Cyber attacks by pro-Russian hacktivist groups on our country have occurred intermittently in the past, but have become more frequent since North Korea dispatched troops to Russia and participated in the Ukraine war,” the office said in a statement, Reuters reported.
Ukrainian President Volodymyr Zelensky has stated that there are “currently 11,000” North Korean soldiers present on Russian territory near the Ukrainian border.
4. Nigerian Cybercriminal Sentenced To 10 Years For Stealing $20 Million USD Via Business Email Compromise
A Nigerian citizen has been sentenced to 10 years in US federal prison for a series of business email compromise scams that stole a total of nearly $20 million, reports The Record.
Business email compromise scams involve stealing employee credentials and then monitoring email communications until a payment is due to be made. The hacker then sends their own bank details or a link to a fraudulent invoice.
These scams are extremely hard to spot because, to the recipient, everything looks totally legitimate and part of their expected business transactions.
The Nigerian national – a 33-year-old man living in the UK – was reportedly able to scam more than 400 victims. Along with two other hackers, he allegedly sent phishing emails with malicious links to companies, real estate agents, and real estate attorneys across the U.S.
Many victims were people who had saved up money to buy a home. At least two victims lost more than $114,000 and $42,000, and 231 victims were unable to retrieve the stolen funds. In total $19,599,969.46 was lost.
Investing in strong email security and multi-factor authentication is critical for businesses to prevent their customers being hit by business email compromise scams. Email security tools can help to detect email account compromise and suspicious emails, while MFA helps to improve account security and prevent account compromise.
For end users, we highly recommend confirming bank details over the phone or in person before making purchases, just to be sure.
5. Air fryer app accused by consumer rights group of spying on users through “excessive smart device surveillance”
And to close out this week – consumer rights group Which? has warned shoppers to be aware that your air fryer might be spying on you.
Which? claims to have found evidence of excessive surveillance across the smart device app market, including air fryer apps that require your precise location and the ability to record audio from your smartphone.
The investigation by Which? highlights a troubling trend of excessive data collection across various smart home devices and their associated apps. Many users are unaware of the extent to which these apps access and store personal information.
In addition to potential breaches of user privacy, Which? raised concerns about how this data might be shared with third parties, potentially even crossing international borders.
“Our research shows how smart tech manufacturers and the firms they work with are currently able to collect data from consumers, seemingly with reckless abandon, and this is often done with little or no transparency,” Harry Rose, Which? magazine editor, said.
“Which? has been calling for proper guidelines outlining what is expected of smart product manufacturers and the ICO has confirmed a code is being introduced in Spring 2025 – this must be backed by effective enforcement, including against companies that operate abroad.”
Expert Insights Q&As Published This Week:
- IBM Director Security Product Management: IAM Trends, Advice For CISOs
- Forta Sr Threat Researcher: Fighting Phishing, QR Code Scams and Deep Fakes
- TitanHQ Sales Officer: How To Choose The Right Email Security Platform
- SecureAuth Chief Product Officer: The Importance Of Dynamic Workforce MFA
- ManageEngine Sr Tech Evangelist: Reimagining Identity Security
- Hoxhunt CEO: Prioritize Behavioral Change Over “Checkbox” Phishing Training, Recommends
- Libraesva’s CTO: Teams Must Prioritize Email Security In The Era Of GenAI
We’ll be back on Thursday (November 14) for your cybersecurity vendor news roundup. Until then! 👋