2023-10-15
Subscribe to get the latest
Digital Transformation this Week for October 15, 2023, reports ongoing cyberattacks during the Israel-Hamas conflict and the compromising of the 'Red Alert System' app. Additionally, generative AI has been shown to reduce cloud migration efforts while the UK's CMA investigates the public cloud market.
Keywords
#compute #edge #israelcyberattacks #hamasconflict #redalertsystemapp #powerplantcyberthreats #generativeai #cloudmigration #cmauk #publiccloudinvestigation #avoslocker #ransomeware #criticalinfrastructure #ecybersecurity #embracingdigital #edw37 #zerotrustarchitecture
Cybersecurity
Israel battles cyberattacks during the Hamas conflict. The ‘Red Alert System’ app was compromised to send false alerts and political messages. Israeli power plants were also hit. CEO of Secure Cyber Defense, Shawn Waldman, warns of ongoing cyber threats, highlighting recent intelligence on foreign actors targeting critical U.S. infrastructure. He emphasizes the need for continued progress in cybersecurity. Read More
Israel and Palestine saw a surge in internet traffic after Israel declared war on Hamas on October 7, 2023. Cloudflare’s data reveals that cyberattacks targeting Israel increased, including DDoS attacks on Israeli newspapers. In Palestine, internet disruptions were observed, potentially related to power outages. Cloudflare is monitoring these trends and offers tools for tracking internet traffic patterns. Read More
Ransomware attacks are becoming more sophisticated, with networking devices being increasingly exploited for delivery. Protected Health Information in the healthcare sector is a prime target. High-income organizations, especially in the US, are preferred targets. Newer groups are emerging, and languages like Rust and GoLang are being adopted. Organizations are enhancing cybersecurity measures, and Cyble Vision is recommended to stay ahead of ransomware threats. Read More
Edge Computing
The AvosLocker ransomware gang has been implicated in attacks against critical infrastructure sectors in the U.S. Their tactics include using legitimate software and open-source remote system administration tools to compromise networks, followed by data extortion threats. AvosLocker emerged in mid-2021 and employs techniques to disable antivirus protection, affecting Windows, Linux, and VMware ESXi environments. The group is known for using open-source tools and living-off-the-land (LotL) tactics to avoid attribution. CISA and the FBI recommend mitigation measures for critical infrastructure organizations, including application controls, limiting remote desktop services, restricting PowerShell use, and maintaining offline backups. Ransomware attacks have surged in 2023, with attackers deploying ransomware rapidly after initial access. Read More
The NSA has released ELITEWOLF, a repository of signatures and analytics on its GitHub, to enhance the security of Operational Technology (OT) and counter malicious cyber activity targeting critical infrastructure. Given the increasing threat to OT systems, the NSA recommends OT infrastructure owners and operators use ELITEWOLF as part of vigilant system monitoring. This initiative follows the Protect Operational Technologies and Control Systems against Cyber Attacks Cybersecurity Advisory. Read More
NATO has vowed to respond firmly to any confirmed deliberate attack on critical Baltic Sea infrastructure. The pledge comes in the wake of damage to underwater infrastructure in the region. Finland is investigating the incident, which may have involved external forces, including Russia. If proven to be a deliberate attack on NATO’s critical infrastructure, the organization will respond with a united and determined effort. Read More
Cloud Technology
Generative AI reduces cloud migration efforts by 30-50%, leveraging large language models (LLMs). LLMs can assess infrastructure, move workloads, and verify migration effectiveness. McKinsey’s Bhargs Srivathsan noted that generative AI and the cloud are mutually beneficial, as the cloud enables generative AI, which in turn accelerates cloud migration. LLMs can be utilized for content generation, customer engagement, synthetic data creation, and coding. Read More
Enterprises with on-premises technology solutions face disruption while moving to full cloud. To address this challenge, the Hybrid Cloud approach allows companies to maintain core services on-premises. This approach adds new cloud capabilities to legacy infrastructure, reducing disruption and preserving tried-and-tested technology. For instance, a Hybrid Cloud can be used in contact center operations to layer chat and social digital channels on top of existing infrastructure, allowing organizations to handle fluctuations in call volume without significant disruption. Read More
The UK’s Competition and Markets Authority (CMA) investigates the public cloud market to ensure fair competition for businesses and individuals. The probe will scrutinize the operations of providers like AWS, Microsoft Azure, and Google Cloud to address concerns about anti-competitive behavior, data use, and barriers to entry. The CMA aims to encourage innovation, offer competitive prices, and provide customer choice. Read More
Embracing Digital Transformation Podcast
In this week’s episode of the Embracing Digital Transformation Podcast, Darren interviews Rachel Driekosen about how AI is being used to safeguard children online and bring perpetrators to justice. Stay tuned for an upcoming series on Zero Trust Architecture in the next few weeks. Read More