Components of DOT Security’s Services
Explore each of the core elements that combine to form DOT Security’s complete offering
See how it all comes together
DOT Security’s holistic service- A plan to get back up and running if a problem occurs
- Comply with data security laws and industry regulations
- Expert planning and training to improve overall security
- Protection for a controlled internal environment
- Coverage for individual systems and devices
- Control who can get into your networks
- Improved insight into data and communications
- Extra fortification for your most sensitive data
Risk Assessment
InsightsCybersecurity insights and analyses
Dive into the world of modern cybersecurity with explanations, predictions, and expert opinions
Find blogs, infographics, videos, and more
DOT Security insights- Definitions for industry terms and acronyms
- The complete beginner’s guide to everything cybersecurity
Cybersecurity Consulting
Cybersecurity News and Headlines from February 2024
February 27, 2024
8 minute read
The cybersecurity space is always buzzing with industry updates and technological evolutions. Staying on top of these stories will keep you informed and up-to-date on compliance regulations, major industry trends, and the largest headlines in both cybercrime and cybersecurity.
In this month’s cybersecurity news recap, we take a look at the LockBit lockdown, security cautions around Microsoft Copilot, the Change Healthcare breach, and the $16.5 million FTC fine against Avast.
Sign up for our newsletter!
We break down each of these stories in depth below.
If you’re interested in cybersecurity and want to stay on top of the biggest headlines each month, subscribe to the DOT Security blog and make sure to check back regularly!
The LockBit Lockdown
The most prolific ransomware cybercrime gang in the world, LockBit, had their dark web domain seized by authorities on Monday, February 19th. This monumental win in the fight against cybercrime was a joint effort between the U.K.’s National Crime Agency, the FBI, Europol, and several other international agencies including the international law enforcement task force, ‘Operation Cronos’.
The LockBit group has been responsible for a staggering number of ransomware attacks over the years, as they’ve been linked to almost 2,300 attacks since 2019 while the second largest player in the ransomware industry, Conti, has only been linked to 883 attacks.
“For years, LockBit associates have deployed these kinds of attacks again and again across the United States and around the world. Today, U.S. and U.K. law enforcement are taking away the keys to their criminal operation, and we are going a step further — we have also obtained keys from the seized LockBit infrastructure to help victims decrypt their captured systems and regain access to their data. LockBit is not the first ransomware variant the Justice Department and its international partners have dismantled. It will not be the last.”
- Attorney General Merrick B. Garland -
While the dark web domains for the LockBit group are currently seized and inoperable, guests are greeted with a message from international authorities, that reads, “We can confirm that Lockbit's services have been disrupted as a result of International Law Enforcement action — this is an ongoing and developing operation.”
Now, authorities are pursuing key players, leaders, and affiliates of the LockBit group with legal action and The Department of State has even offered a reward of $15 million ($10M for leaders and $5M for affiliates) for information leading to the arrest and/or conviction of individuals participating in LockBit ransomware attacks.
While the LockBit gang is undoubtedly pivoting, researching and developing new cyberattacks and ransomware, and working on rebuilding its infrastructure, this major win in the fight against cybercrime shows an international dedication to investigating and shutting down cybercrime syndicates no matter how large, profitable, prolific, or invisible they may seem.
Microsoft Copilot Cautions
Artificial intelligence continues to find its way into cybersecurity headlines as the new-aged technology is seeing more and more implementation and development. Microsoft Copilot is an AI model that’s native to the Microsoft 365 suite and is designed to help users get more out of their day-to-day activities by streamlining tasks without compromising quality.
The potential of an AI like Copilot is essentially astronomical, as the program is more than capable of completing complicated tasks like drafting an entire proposal based on specific notes and past presentations.
However, because Copilot is integrated into Microsoft 365, there are security concerns revolving around the depth of data access allotted to the program. These are three main concerns around Copilot and data security.
- Copilot will use all the data that an employee has access to within the Microsoft 365 suite.
- Copilot does not inherit security provisions from source files, creating a major vulnerability that puts sensitive information at risk.
- Additional security burdens are put on the employee to prevent data leaks and system compromise.
Organizations can mitigate this type of risk by customizing access and employee security provisions, but it’s vital to have a clear understanding of how AI models are using company data before a wide-spread implementation.
UnitedHealth Subsidiary Change Healthcare Breached
The recent cybersecurity breach at Change Healthcare, a subsidiary of UnitedHealth, has been causing disruptions in prescription processing for various pharmacies. Smaller pharmacies are being hit the hardest, but larger operations like Walgreens is also experiencing some delays caused by the cyberattack.
By Thursday, February 22nd, it was confirmed that a cyberattack had indeed prompted a network outage that has yet to be fully addressed.
According to an 8-K filing with the SEC, more than 100 Change Healthcare applications were compromised by the attack which affected operations across pharmacy, medical record-keeping, clinical, dental, patient engagement, and payment services.
As Change Healthcare and UnitedHealth Group work to address the cybersecurity breach, the incident underscores the vulnerability of healthcare systems to cyber threats and the far-reaching consequences such breaches can have on essential services like prescription fulfillment.
This story also highlights the importance of a robust and layered cybersecurity strategy designed to safeguard sensitive data, maintain compliance, and ensure uninterrupted operations.
A Fine for Avast
Cybersecurity software company Avast is facing a hefty $16.5 million fine after storing and selling customer information without proper notice or consent. The Federal Trade Commission (FTC) announced the fine alongside a ban on Avast from selling user data for advertising and marketing.
The investigation revealed that in the period from 2014 to 2020, Avast had been collecting user web browsing data through its antivirus software and browser extension, amassing details on sensitive topics like religious beliefs, health issues, political affiliations, geographical locations, and even financial standing.
This data was then stored indefinitely and sold to over 100 third-party entities without customers' awareness or consent, according to the FTC's complaint.
The issue gained significant attention in 2020 when a joint investigation by Motherboard and PCMag shed light on Avast's questionable data privacy practices, prompting the company to shut down its data harvesting arm, Jumpshot.
Avast claimed to have removed identifying information before selling user data, but the FTC discovered that the anonymization process was inadequate, as data was still being sold with unique identifiers attached. This allowed purchasers to access detailed browsing histories, including visited websites, timestamps, device and browser information, and location data.
In addition to the substantial fine, the FTC's proposed order mandates that Avast cease misrepresenting its data practices and refrain from selling or licensing browsing data from its products to advertisers. Avast is also obligated to delete all web browsing data obtained through Jumpshot and notify affected customers about the unauthorized sale of their data.
Despite disagreement with the FTC's allegations, Avast spokesperson Jess Monney expressed the company's commitment to resolving the matter and continuing to serve its global customer base. This is just one of the FTC's recent crackdowns on data privacy breaches, as other entities like Outlogic and InMarket have also recently reached similar settlements around the sale of user data.
Wrapping Up on Cybersecurity News from February
In today’s digital-first world, data security has become a priority for businesses, not because they want it to be, but because it has to be. In order to keep consumers, employees, and the company itself safe, a thorough and layered cybersecurity strategy is a necessity.
By staying up-to-date on the latest cybersecurity news headlines and major stories, you can prepare yourself for industry shifts, install defenses for trending attacks, and maintain a powerful security strategy.
Subscribe to the DOT Security blog to get regular monthly news recaps in cybersecurity along with a whole library of content breaking down cybersecurity concepts.