Infosec Monitor: No. 7
No. 7, December 14th, 2023: Ransomware gangs get media savvy, the U.K.'s risk of a catastrophic ransomware attack, Microsoft takes down Storm-1152, and Delta Dental breached.
Welcome to another edition of the Infosec Monitor, a weekly newsletter covering what's happened, what's happening, and what's coming in cybersecurity.
In this week's edition of the Infosec Monitor: ransomware gangs get media savvy, the U.K.'s risk of a catastrophic ransomware attack, Microsoft takes down Storm-1152, and Delta Dental breached.
News
U.S. Infrastructure under attack by Chinese-affiliated hackers
Chinese hacking groups linked to the People's Liberation Army have been targeting critical U.S. infrastructure as part of the Volt Typhoon cyber campaign. Notable targets include critical assets in Hawaii, a West Coast port, key pipelines, and power grids. Despite no reported disruptions, the attacks raise concerns about potential impacts on U.S. logistics, particularly regarding conflicts in the Pacific region. This situation underscores the increasing use of cyberattacks in global geopolitics. Spiceworks DarkReading
Cybercrime-as-a-service gang, Storm-1152, taken down by Microsoft
Microsoft's Digital Crimes Unit took down domains used by Storm-1152, a Vietnam-based cybercrime group. Storm-1152 was a major provider of cybercrime-as-a-service, notably selling fraudulent Outlook accounts and CAPTCHA-solving services. These services were used by other cybercrime groups, like Storm-0252 and Octo Tempest, to facilitate ransomware and data theft, causing significant financial damage. BleepingComputer
FCC's plan to introduce data-breach notification rules under fire
Congressional pressure continues against the FCC rule proposal. In a letter sent to the FCC chairwoman, Republican senators contest the FCC's proposed data-breach notification rules, citing a 2017 congressional action that nullified similar rules. The FCC maintains it can legally reimpose parts of the nullified order, but the issue could end up in court. ArsTechnica
Ransomware gangs get media-savvy
Sophos has new research on the growing trend of ransomware gangs becoming media savvy. According to the study, "Far from shying away from the press, as so many threat actors did in the past, some ransomware gangs have been quick to seize the opportunities it affords them. Now, threat actors write FAQs for journalists visiting their leak sites; encourage reporters to get in touch; give in-depth interviews; and recruit writers." Sophos
The fastest-growing cybersecurity startups
An interesting list of the fastest-growing cybersecurity startups, from early stage to growth stage. Fortune compiled the list along with Lightspeed Venture Partners. Fortune
U.K. Parliament committee finds high risk of catastrophic ransomware attack
According to a parliamentary committee, the U.K. faces a high risk of a devastating ransomware attack. This risk stems from inadequate planning and investment, with recent incidents like the NHS data breach and the Redcar council attack serving as examples. The report criticizes the government's insufficient efforts to prevent such attacks, especially in critical national infrastructure (CNI) sectors, and points out the former Home Secretary's lack of focus on ransomware issues. The NHS is particularly vulnerable due to its reliance on outdated IT infrastructure. Guardian
The changing CISO role, from liability to AI
At the Fortune Brainstorm AI conference, experts discussed the dual nature of generative AI in cybersecurity, aiding both attackers and defenders. Subha Tatavarti, Wipro's CTO, emphasized the rapid pace at which AI impacts cybersecurity, challenging CISOs to innovate quickly. The evolving role of CISOs was a key focus, with the need for new skills and tools, as highlighted by Rodrigo Madanes from EY and Itai Greenberg from Check Point. The discussion also touched on the increasing responsibilities and risks for CISOs, including potential legal liabilities. Fortune
Cyber Security Incidents
Impact of the Idaho National Laboratories breach increases to 45k
New details on the breach, first disclosed in November, at one of the six national laboratories. The number of impacted people has risen to 45,000, including current and past employees. The breach occurred in their cloud-based Oracle H.C. H.R. management platform. BleepingComputer
Delta Dental breach affects nearly 7 million people
The California branch of the nation's largest dental insurer says it was hit by a Russia-linked ransomware group, exposing almost 7 million customers. The attack used, yet again, the MOVEit Transfer zero-day exploit and exposed data, including driver's license and passport numbers. Cybernews
300k records stolen and released from Toyota Financial in Germany
As a follow-up to a November ransomware attack, 300,000 records from Toyota Financial in Germany have been released after Toyota refused to pay the ransom. SiliconANGLE
About
Cybersecurity is at a crossroads, changing more rapidly than we believed was possible just a few years ago. Stay informed on what's going on, what's happened, and what's coming next.
I'm Bryan Smith, the author of the Infosec Monitor. I've spent over a decade pioneering changes in how cybersecurity is managed, from helping create the first cyber risk quantification (CRQ) software to advising on how to approach cybersecurity pragmatically and proactively.
Data & Research
40% of 3rd parties all use the same other 3rd party
The tangled web we weave. New research explores the cyber risk factors across the supply chain. RiskRecon LinkedIn
Cybersecurity Mergers, Acquisitions, and Funding
Guardz, an all-in-one security and cyber insurance service for small and medium businesses, has raised another $18 million in a Series A round of funding. TechCrunch
ValidDatum was acquired by ERP Technology Partners for an undisclosed sum. PRWeb