CSTI
    breachThe Commercial Era (2010-2019) Daily Briefing Landmark Event

    Cybersecurity Briefing: Mitsubishi Electric Breach and Ongoing Ransomware Threats

    Tuesday, June 18, 2019

    Today, we focus on significant cybersecurity incidents that have emerged recently, including a serious data breach at Mitsubishi Electric and ongoing ransomware threats targeting local governments.

    Mitsubishi Electric Data Breach This morning, reports confirm a major data breach at Mitsubishi Electric, attributed to a zero-day vulnerability in their antivirus software. The breach, which occurred several months ago, has resulted in the loss of sensitive trade secrets and personal data affecting over 8,000 individuals, including employees, job applicants, and retirees. Approximately 200 MB of sensitive data was accessed, with the attack believed to have originated from a vendor compromise involving an affiliated company in China. This incident underscores the vulnerabilities that can arise from third-party relationships and the critical importance of robust supply chain security measures.

    SACK Panic TCP Vulnerability In addition to the Mitsubishi breach, the cybersecurity community is on alert for a significant vulnerability known as SACK Panic, affecting Linux and FreeBSD kernels. This vulnerability has raised concerns due to its potential for exploitation, encouraging admins to prioritize patching efforts. The discovery highlights ongoing risks associated with foundational software components in many organizations, emphasizing the need for vigilance in maintaining security hygiene and implementing timely updates.

    Ransomware Attacks on Local Governments Ransomware attacks continue to escalate, with local governments in Florida becoming prime targets. Notably, Rivera Beach recently paid $600,000 to regain access to their systems after falling victim to a phishing scheme that led to the malware infection. Such incidents illustrate the effectiveness of social engineering tactics and the critical need for comprehensive employee training and robust incident response strategies.

    In conclusion, today's events reflect a broader trend in cybersecurity where vulnerabilities in widely used software and the exploitation of human factors are increasingly leveraged by cybercriminals. Organizations must remain proactive, not only in patching known vulnerabilities but also in fostering a security-conscious culture among employees to mitigate the risks associated with social engineering and vendor relationships.

    Sources

    Mitsubishi Electric data breach ransomware SACK Panic