WELCOME TO THE June 2024 NEWSLETTER

The IT Insider is KeyStone Solutions monthly newsletter about the latest trends, topics, and articles relating to IT news, support, as well as KeyStone updates. As a Managed Service Security Provider (MSSP), KeyStone’s expert team helps small to medium sized businesses with IT services including virtual Chief Information Security Officer (vCISO), cybersecurity, help desk support, Governance, Risk, and Compliance (GRC), cloud solutions, and KeyStone’s signature service, IT Team as a Service (ITTaaS) which is an all-encompass solution.

A Note From Our CISO [This is an internal section only, not for external news. Internal Security Person or CISSP]

The U.S. government released new guidelines to enhance cyber resilience in the water and wastewater sector (WWS). This response addresses the growing interest of threat actors in this critical infrastructure. The guide, a collaboration between CISA, the FBI, and the EPA, provides comprehensive advice for water utility operators on preparing for, mitigating, and responding to cyber incidents. It includes strategies for incident reporting, available resources, training, and building a cybersecurity baseline.

The guide emphasizes the importance of collaboration with federal partners and local cyber communities. It details the incident response lifecycle, stressing the necessity of a robust response plan comprising preparation, detection, containment, recovery, and post-incident analysis. While prioritizing normal operations, WWS utilities are encouraged to contribute to collective cyber defense efforts.

US Government Publishes Cybersecurity Guidance for Water and Wastewater Utilities

The U.S. government released new guidelines to enhance cyber resilience in the water and wastewater sector (WWS). This response addresses the growing interest of threat actors in this critical infrastructure. The guide, a collaboration between CISA, the FBI, and the EPA, provides comprehensive advice for water utility operators on preparing for, mitigating, and responding to cyber incidents. It includes strategies for incident reporting, available resources, training, and building a cybersecurity baseline.

The guide emphasizes the importance of collaboration with federal partners and local cyber communities. It details the incident response lifecycle, stressing the necessity of a robust response plan comprising preparation, detection, containment, recovery, and post-incident analysis. While prioritizing normal operations, WWS utilities are encouraged to contribute to collective cyber defense efforts.

View Live Cyber Threat Map From Check Point

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report

In 2023, ransomware attacks surged by 128.17% from the previous year, totaling 1837 additional incidents, as per Ransomlooker. This tool, specializing in dark web monitoring, noted seasonal variation: 1253 attacks in spring and 1275 in summer, compared to 611 in winter and 1052 in autumn. An average of 36 attacks occurred daily, with the USA being the most targeted country. The top five victim countries remained consistent over four years: the USA, UK, Canada, Germany, and France, with economically advanced countries like Italy, Australia, and Spain also frequently targeted. Surprisingly, India and Brazil made the top 12, likely due to their limited cybersecurity investments.

LockBit was 2023’s most active ransomware group, responsible for nearly a quarter of the incidents, especially targeting the construction, manufacturing, and retail sectors. In 2023, the IT sector surpassed construction as the most targeted industry, with Stanford University, Volt, and CoinBase being the prime targets in the IT service and consulting sector.