August Risk Roundup: Vulns, phishing, and ransomware — the cyber evolution continues

by Stephanie Mangold.
The Risk Roundup is our weekly collection of curated content that relates to all things digital risk management. Members of the Coalition team have pulled together their favorite posts from the week that highlight relevant trends in cybersecurity and cyber insurance. Enjoy our TL;DR and useful snippets on topics we’re keeping a close eye on.

Creating a genuinely robust cybersecurity program is a constantly moving target — it isn't as simple as installing patches, rolling out training, and staying on top of evolving trends. Staying one step ahead of would-be attackers requires flexibility; this may include throwing out old patch management processes for a more frequent schedule or rolling out a robust training program to avoid the minefield of manipulation employed by social engineers.

1. Email security is so complicated even security pros can struggle

The complexity of many internet technologies combined with the fact that we’ve bolted on so much of our security apparatus to make poorly-secured underlying protocols like email secure (SPF, DMARC, and DKIM) means even a PhD struggles. Some security breaches are the result of negligence, but many are due to niche resources/knowledge needed to understand this stuff. – Aaron Kraus, Security Engagement Manager

View tweet here

2. Flaws in John Deere systems show agriculture’s cyber risk

New exclusions are coming out to put more pressure on insureds to fix and patch vulnerabilities quickly. It will be interesting to see if this causes coverage issues on those exclusions. Coalition does not add in exclusions to policyholders based on their patch management policy. – Ross Warren, Production Underwriter

View tweet here

3. PrintNightmare vulnerability weaponized by Magniber ransomware gang

Best practices around patch management are no longer sufficient. Thirty days to test and deploy a patch is way too long because these vulnerabilities are being weaponized in a lot less time (seven days in this case). – Aaron Kraus, Security Engagement Manager

View tweet here

4. Your employment status

Emotional manipulation is a good way to override security awareness training. Phishing emails are becoming far more difficult to avoid, and BEC remains the most widespread type of incident. Having a robust phishing training program and a risk transfer method (like cyber insurance) to protect your business is critical to avoiding and remediating phishing attacks. – Ross Warren, Production Underwriter

View tweet here

5. Hackers steal over $600 million worth of cryptocurrencies

It's important for your exchanges and cryptocurrency custodians to have a robust security program. Once cryptocurrency assets are gone, it is incredibly unlikely they will be recovered. A favorite (and interesting) line from the article: "While the motive behind returning the stolen digital funds remains unknown, in a 'Q&A' held via Ether transaction notes, the hacker claimed it was 'for fun.'" Some people just want to watch the world burn. – Tommy Johnson, Cyber Security Engineer

View tweet here

If you enjoyed this post be sure to check our blog weekly; the Risk Roundup runs Friday mornings in addition to more enlightening content we post related to the ever-evolving landscape of digital risk. Follow us on Twitter (@SolveCyberRisk) and LinkedIn (Coalition Inc). If you have any suggestions for content that we should be adding to our reading list, let us know!