Cybersecurity Consulting
October 26, 2023
Cybersecurity is a pressing issue for modern businesses looking to carve out a name for themselves in the hyper-competitive and hyper-digitized market of today. The average organization today is dealing with more vulnerabilities than it ever has before.
Staying up to date with the latest cybersecurity headlines, trends, and news stories is a great way to keep your organization on the frontline of your industry and ahead of the cybersecurity curve.
Our October recap focuses on the largest cybersecurity headlines that have come about this month including information on the cyberattack against the Orange County District Attorney, the Okta hack that slashed $2 billion from their market cap, the New York hospital that just got back up and running, and other page one cybersecurity headlines from October.
Reading this on your phone? With the recent advances in smart tech, more people are accessing work data while off-site. To ensure that your out-of-office staff is as protected as possible, check out DOT Security’s Cybersecurity Checklist for When You’re on the Go.
In last month’s news report, we discussed the MGM and Caesars cybersecurity breaches that left the former dealing with nearly 10 days of downtime while the latter shelled out a massive $15 million ransom payment.
Since then, though, more details have come to light which specifically point toward Okta, a cybersecurity firm specializing in identity management, as the source of the main vulnerability leading to the high-profile casino breaches, as well as other data breaches that have happened throughout the year.
Okta focuses on identity management in the cybersecurity space and they have an impressive portfolio of some 18,000 clients including the casino groups mentioned above and even the video conferencing software, Zoom.
While Okta has reached out and communicated with all of its affected clients, it might be too little, too late for the cybersecurity firm: one of its own clients mentioned noticing suspicious activity in its Okta installations weeks earlier, and Okta’s market cap was slashed by nearly $2 billion between Friday 10/20 and Monday 10/23.
On Monday 10/23 the Orange County District Attorney’s office acknowledged a cybersecurity breach that occurred on Friday 10/20. District Attorney Todd Spitzer and his office have been working to implement solutions suggested by cybersecurity experts who conducted an internal audit back in 2021.
While the DA’s office had integrated 5 of the 11 recommendations made by the experts in the wake of the 2021 cyber risk audit as of February 2023, they were still hit by a cyberattack. However, the difference is in the details.
Had Todd Spitzer’s office simply shrugged off the recommendations made in the cyber risk audit conducted in 2021, they would have been far less prepared to respond in the event of an actual cyberattack. Rather than having a clear plan of action to follow that would limit the damage and lateral movement of the intrusion, the cyberattack could have gone unnoticed and would have likely done a lot more damage.
Because the DA’s office took the cybersecurity suggestions seriously, however, they at least had an incident response plan in place that was able to isolate and contain the threat, significantly limiting the damage.
Upon learning of the intrusion, the compromised system was shut down and an investigation into the source of the breach was launched immediately. The DA’s office also isolated their network communications in order to further restrict the depth of the breach and enacted a series of protocols to keep the Orange County criminal justice system running smoothly.
The Westchester Medical Center Health Network was hit by a cyberattack that affected three of their facilities including HealthAlliance Hospital in Kingston, NY; Margaretville Hospital in Margaretville, NY; and Mountainside Residential Care Center.
The cyberattack happened the week of 10/16, during which ambulances were diverted from the facilities. To address the compromise, the hospital’s IT professionals shut down their IT systems across the three different locations beginning at 10:00 pm on Friday 10/20 and started bringing their systems back online as of Saturday 10/21, which is an ongoing process as of writing this.
While the Westchester Medical Center Health Network was able to isolate and address the cyberthreat within a reasonable timeline, they did have to rely on other hospitals within the region for emergency patients as they worked to recover.
As of Monday 10/23, the hospitals have resumed admitting emergency patients.
Last Wednesday 10/18, the FBI announced it had seized 17 domain names and around $1.5 million thought to be associated with an international North Korean scheme rooted in fraud and espionage.
North Korea has long been considered a hostile country by the United States. It is now facing allegations of deploying a massive workforce of thousands of highly skilled IT professionals, with the sole purpose of defrauding businesses across the globe and funneling their salaries into the North Korean missile program.
Investigations into the scale and scope of this scheme are ongoing, but the leading theory is that these IT workers were deployed between Asia and Russia and applied for freelance IT positions in other countries by masking their location or even paying to use a local Wi-Fi network. Not only would these covert professionals funnel salaries back to the North Korean missile program, but they would also lurk in networks and siphon sensitive information.
The FBI has not named any victims specifically, but Special Agent Jay Greenberg said, “If a company has hired freelance IT workers, it’s more than likely they’ve hired someone involved in the scheme.”
We saw a lot of movement in the cybersecurity space in October, with a handful of page one headlines that are continuing to unfold.
One of the main throughlines in this month’s cybersecurity news report is how organizations can limit the depth and severity of damage caused by a cybersecurity incident with the proper planning, tech, and processes in place.
This month we saw both the Orange County District Attorney’s office and the Westchester Medical Center Health Network respond to and recover from cybersecurity threats without suffering insurmountable damage or significant downtime.
Having an incident response plan and disaster recovery plan in place is paramount in today’s ever-expanding digital landscape.
Cybersecurity isn’t just important on-site. It’s a crucial aspect for every member of your organization. To protect your staff across flexible work environments and travel arrangements, check out DOT Security’s Cybersecurity Checklist for When You’re on the Go.