skip to top

Hot Topics in Information Security

Our OSINT experts have put together a list of the top Corporate & Information Security articles they've found this month to help keep your security team informed.

CEOs Could Face Jail Time for IoT Attacks by 2024

“Corporate CEOs could soon be personally liable if they fail to adequately secure IT systems connected to the physical world, Gartner has warned.

The analyst firm predicted that as many as 75% of business leaders could be held liable by 2024 due to increased regulations around so-called “cyber-physical systems” (CPSs) such as IoT and operational technology (OT).

Gartner defines CPSs as “engineered to orchestrate sensing, computation, control, networking and analytics to interact with the physical world, including humans.”

In this world, cyber-attacks can lead to human fatalities rather than mere data loss or service outages. For example, a medical device could be hijacked to prevent life-saving drugs from being dispensed, or a connected car could be remotely directed to crash.”

Read More

Key Takeaway

Despite many CEOs not being fully up-to-date on their company’s security strategy, they are still one of the main people in an organization held accountable for cyberattacks.

It’s integral that everyone within an organizational structure is informed on their firm’s security practices, with the CEO being the utmost important, in order to become more cyber resilient and avoid the financial and brand damage that occurs from a cybersecurity incident.

Tesla Insider Works with FBI to Turn the Tables on Russia’s Million Dollar Attempt to Hijack the Network

“On August 25, the Department of Justice announced the arrest of Egor Igorevich Kriuchkov, a citizen of Russia, for conspiring to breach the network of Tesla operations in Sparks, NV and introduce malware into the company’s network. Kriuchkov was arrested on August 22 as he tried to depart Los Angeles for Russia, and has been detained pending trial.

Unpacking the criminal complaint filed by the FBI Las Vegas Field office, it is clear this isn’t an ordinary attempt to infuse malware into a company’s network, but rather an effort led by a well-financed and logistically nimble organization.”

Read More

Key Takeaway

In this scenario, the Tesla employee did the right thing by reporting the threat actor’s attempt at introducing malware into the company’s network despite being offered a $1 million reward. In many cases, when there is a financial reward this significant offered to an employee, they would oblige.

Despite the insider’s cooperation with Tesla, this was only a starting point for the investigation. The counterintelligence efforts by the FBI, involving open-source information, were able to uncover additional pieces of relevant information, including identifies of other individuals involved.

23% of Tor browser relays found to be stealing Bitcoin

“For users really concerned about government surveillance and privacy in general, the Tor browser offers a suitable escape anonymizing your internet activity. However, just like any piece of technology, it too comes with its flaws.

One of these is that the Tor network uses 3 different nodes or relays for any communication that occurs on it to hide the real source of the traffic. The last of these relays is an exit relay which gets to see where the data is being actually sent. Yet, what happens when this exit relay is malicious?”

Read More

Key Takeaway

While many people use the Tor network to protect their privacy, technology always provides a way for threat actors to maliciously access and tamper with data.

Security teams that incorporate information from the Dark Web into their investigations require additional safeguards to protect their personal information and company data secure.