Breach Guide

Learn the steps to take in the event of a data breach and stay current on the cyber threat landscape with the FTC’s Data Breach Resources, FBI’s Daily Digest Library and San Diego’s Cyber Incident Response Guide.

Federal Trade Commission (FTC) Data Breach Resources

Find out the steps to take as a business or consumer if you experience a data breach.


FBI Cyber Daily Digest Library

Stay current on the global threat landscape with the FBI’s daily circulation of published data breaches and articles.

  • 10 Benefits of Running Cybersecurity Exercises

    • Cybersecurity exercises are useful simulations of specific cyber attack scenarios that enable organizations to gain valuable insights into their real-world response.
    • Despite their importance, 74% of respondents to the ISF Benchmark stated that they do not subject critical systems under development to cyber attack simulations or exercises. This may be because cybersecurity exercises are perceived as time-consuming, expensive to run, and potentially disruptive.
    • It's common sense to accept that rehearsals serve an important function in readying people for the actual event.
    - Steve Durbin | December 28, 2020
  • Petco Cyberattack Serves as Useful Reminder of Best Practices for Preventing Data Breach

    • Between February and August an “unauthorized plugin” on the PupBox website caused the personal and credit card information of approximately 30,000 consumers to be stolen by an unauthorized third party.
    • The complaint asserts, on information and belief, that the cyberattack resulted from the defendants’ failure to encrypt payment card data (PCD) at the point of sale and/or that the defendants “failed to install updates, patches, and malware protection or to install them in a timely manner to protect against a data security breach; and/or failed to provide sufficient control employee credentials and access to computer systems to prevent a security breach and/or theft of PCD.”
    • Sensitive data should be retained for only as long as necessary and stored in an encrypted database with limited access. Contracts with service providers should mandate strong data security practices as well. The time and effort expended on data protection have proven to be well worth the investment.
    - JDSupra | December 28, 2020
  • ‘Very difficult to defend’: What happens if hackers are inside the Pentagon’s networks?

    • If Russian hackers suspected of a vast cybersecurity breach slipped into the Pentagon or military’s computer systems, the strength of protective network blockades is key to keeping them from burrowing in to try to access increasing amounts of information.
    • Overall, the Pentagon has been largely silent about the breach publicly as it works through the long process to assess fallout from the intrusion, saying early on that no breach had been detected yet, despite media reports that said the agency was among government offices compromised through widely used software from SolarWinds, a network management company.
    • Authorities believe that hackers had extensive access to some government or business networks for as long as nine months. With that time, could the hackers have figured out how to jump the air gap meant to block computer system users from accessing classified systems?
    - Andrew Eversden, Joe Gould, and Mark Pomerleau | December 27, 2020
  • The State Of Data, December 2020

    • Data is eating the world and there are many indicators of its ubiquitous presence in our lives. From fueling the recent success of “artificial intelligence” (AI) and the rise of “digital transformation” to its accelerated growth due to Covid-19 to new approaches to its “monetization” (finding money in mining data, a growing practice since at least the 1970s) to how it makes businesses and consumers both anxious and animated, data dominates our deeds, debates, and dreams.
    • 51% of CIOs and CTOs report accelerating the adoption of machine learning and AI due to Covid-19.
    • 55% of American adults are worried about government agencies tracking them through location data generated from their cellphones and other digital devices.
    • 71% of small and medium-size businesses do not have a formal plan/protocols in place to deal with any potential cyber-attacks.
    - Gil Press | December 27, 2020
  • Sangoma Conti Ransomware Attack: About 26 GB Data of Popular FreePBX Developer Breached Online

    • Sangoma is a voice over IP software and hardware provider best known for its open-source FreePBX phone system, which reportedly allows organizations to create a cheaper corporate phone system on their own network.
    • The Conti ransomware gang published 26 GB or more of data on its ransomware data leak site. This data was stolen from Sangoma during the recent cyberattack.
    • The ransomware operation said to be behind this attack is known as Conti. It was first spotted in isolated attacks at the end of December 2019, with attacks picking up in June 2020.
    • This ransomware shares code with the known Ryuk ransomware and is also known to be distributed by the TrickBot trojan.
    - Urian B. | December 27, 2020
  • Former FBI Supervisory Special Agent, John Caruthers Joins EVOTEK's Cybersecurity team

    • EVOTEK (www.evotek.com), the nation's premier enabler of secure digital business, announced that it has hired former FBI Supervisory Special Agent (SSA) John Caruthers as Business Information Security Officer (BISO) and Executive Advisor.
    • Caruthers's hire exhibits EVOTEK's longtime commitment to further expand and strengthen their cybersecurity capabilities, protecting US businesses from cyberthreats of all kinds.
    • "John is an outstanding addition to our cybersecurity team," said Jeff Klenner, President of EVOTEK. "His vast experience in federal law enforcement, including everything from drug cartels, crimes against children, and cyber-terrorism, give him unique insights and perspectives that we are excited to see impact and improve EVOTEK's ability to protect our clients' assets."
    - December 21, 2020
  • Just how bad is that hack that hit US government agencies?

    • Since at least March, hackers likely working for Russian intelligence have embedded themselves without detection inside the unclassified networks of several U.S. government agencies and hundreds of companies.
    • Jake Williams, a former NSA hacker and founder of Rendition Infosec, said hackers would have gone for the targets that got their “biggest bang for their buck,” referring to FireEye and government targets.
    • “I have no doubt in my mind that had the Russians not targeted FireEye we would not know about this,” Williams said, praising the security giant’s response to the attacks. “We’re going to find more government agencies that were breached. They’re not detecting it independently. This only got discovered because FireEye got hit,” he said.
    - Zack Whittaker | December 17, 2020
  • Hacking campaign targeted US energy, treasury and commerce agencies

    • In a statement on Thursday, the Cybersecurity and Infrastructure Security Agency (CISA) also warned that it will be difficult to remove the malware inserted through network software.
    • “Removing this threat actor from compromised environments will be highly complex and challenging for organizations,” the agency said.
    • The true scale of the breach is still unknown, but looks to have extended beyond the US government. On Thursday, Reuters reported that Microsoft was also hacked as part of the suspected Russian campaign, according to people familiar with the matter.
    • SolarWinds, the company behind the software targeted by hackers, said earlier this week that up to 18,000 of its more than 300,000 customers had downloaded the compromised software.
    - Kari Paul | December 17, 2020
  • People's Energy data breach affects all 270,000 customers

    • Co-founder Karin Sode told BBC News an entire database had been stolen by hackers and included information on previous customers.
    • Data stolen included names, addresses, dates of birth, phone numbers, tariff and energy meter IDs, she said.
    • People's Energy has contacted the Information Commissioner's Office, the National Centre for Cyber-Security, the energy regulator Ofgem and the police.
    - Zoe Kleinman, BBC News | December 17, 2020
  • Lithuania Suffers "Most Complex" Cyber-attack in Years

    • On the night of December 9, cyber-criminals breached multiple content management systems to gain access to 22 different websites operated by Lithuania's public sector. The attackers then published articles containing misinformation on the sites.
    • In a statement published on Wednesday, Lithuania's defense minister, Arvydas Anušauskas, described the digital assault as one of the "biggest and most complex" cyber-attacks to hit the republic in recent years. 
    • Anušauskas added that the attack, which took place “on the eve of the government’s transition [...] was prepared in advance and with a goal in mind.”
    • Following the attack, the NKSC has submitted a number of cybersecurity recommendations to municipalities. These include actively searching for vulnerabilities, limiting access to content management systems, installing a firewall, and avoiding the use of passwords that are easy to guess. 
    - Sarah Coble | December 16, 2020

San Diego Cyber Incident Response Guide

Learn more about San Diego’s region-wide cyber incident response guide and available local, state and federal resources.

San Diego Cyber Incident Response Guide October 2017