Securing the Digital Landscape: Key Takeaways from Cyber Security Today’s 2023 Review

With me for the first time together are commentators Dinah Davis, vice-president of research and development at managed service provider Arctic Wolf, and Terry Cutler, who heads Montreal’s Cyology Labs, a training and incident response firm. Hello to you both.

Hey, everyone. Here is a link to Cyber Security Today, Year in Review for 2023, with Howard Solomon, the host of Cyber Security Today, and David Shipley, head of Beauceron Security in Fredericton, New Brunswick.

In 2023, the central cybersecurity event discussed was exploiting a zero-day vulnerability in Progress Software’s MOVEit file transfer application. The incident led to a global hacking spree affecting 2,686 organizations, resulting in data theft from over 90 million individuals. The Clop ransomware gang claimed responsibility, focusing on data theft rather than deploying ransomware.

The discussion highlighted several key points:

  1. Rise in Zero-Day Vulnerabilities: There is an increasing trend in discovering zero-day vulnerabilities, posing challenges for organizations in implementing effective cybersecurity measures.
  2. Lack of Holistic Cybersecurity Approach: Many organizations need comprehensive technology with detection and response capabilities, leading to a limited view of their cybersecurity environment.
  3. Importance of Basic Cybersecurity Practices: Emphasis was placed on adhering to fundamental cybersecurity practices, such as regular patch management, security updates, and holistic monitoring environments.
  4. Vendor and Organizational Accountability: The conversation addressed the responsibility of both vendors and organizations in preventing cybersecurity incidents. For example, The MOVEit vulnerability, identified as a SQL injection, was criticized as a preventable issue that should not have occurred.
  5. Data Governance and Hygiene: The incident underscored the importance of proper data governance and hygiene. Organizations were urged to understand the intended purpose of technologies like MOVEit and to maintain good data hygiene to reduce the impact of cybersecurity breaches.
  6. Role of Change Management: The architectural building blocks and planning of IT networks were likened to city planning, emphasizing the importance of change management in securing digital environments.
  7. Government Involvement and Investigations: The swift communication by the Nova Scotia government regarding the incident was commended, and there was a discussion about the potential investigation by the U.S. Securities and Exchange Commission (SEC) into companies’ disclosures concerning their cybersecurity risks and management practices.
  8. Lessons from Clop Ransomware Gang: The Clop gang’s sophisticated approach, including advanced planning and sequencing in their cyber operations, highlighted the need for defenders to work smarter, not just harder.
  9. The year also saw an interesting angle with the Clop gang exploiting a vulnerability in another file transfer application called Go Anywhere MFT before targeting MOVEit, demonstrating strategic innovation in cybercriminal activities. The overall sentiment emphasized the need for continuous improvement in security protocols, employee training, and incident response plans to address evolving cyber threats.

To listen to the full podcast, click here

Posted in

Terry Cutler

I’m Terry Cutler, the creator of Internet Safety University, an educational system helping to defend corporations and individuals against growing cyber threats. I’m a federal government-cleared cybersecurity expert (a Certified Ethical Hacker), and the founder of Cyology Labs, a first-line security defence firm headquartered in Montréal, Canada. In 2020, I wrote a bestselling book about the secrets of internet safety from the viewpoint of an ethical hacker. I’m a frequent contributor to National & Global media coverage about cyber-crime, spying, security failures, internet scams, and social network dangers families and individuals face daily.