Threat Focus: CloudBleed & Vehicle Ramming

After analyzing the threat relevant news of the past week, the Gate 15 Threat and Risk Analysis Cell (TRAC) observed four areas of concern in the Threat Focus of Wednesday’s Threat Dashboard. The rise of the CloudBleed vulnerability, a surge in deliberate and accidental vehicular attacks, the continued presence of online scams, especially tax scams, and the need to strengthen electric grid protections are all discussed by the team. The CloudBleed vulnerability is an especially time-sensitive topic, due to the widespread use of the Cloudflare service that it is based off of.

The vulnerability, which was identified and quickly patched, leaked sensitive information including authentication information and credentials, potentially impacting up to 5 million sites, including several of the largest consumer web servers including Uber, FitBit, and OK Cupid.”, says Dave Pounder, “Because of the extent of the vulnerability, several sites have provided mitigation advice, including Kaspersky and popular data breach blogger Troy Hunt. Hunt urges a calm, more pragmatic approach emphasizing that there is not enough information to make absolute statements regarding impact. What can’t be argued is that this is not good information. Some sites have already implemented forced password resets for their customers, but that is not the case across the board. At a minimum, consumers need to exercise proper vigilance and change their passwords, while remaining diligent and alert to potential scams seeking to capitalize on the impacts.”

Further building on the theme in the Torpedo Report, Gate 15 warns, “the cybersecurity impacts of this type of disclosure on an organization and on consumer trust / brand reputation are undeniable. Additionally, from a financial standpoint, a data breach costs an average ranging between $3.8 and $4 million, and that could grow depending on legal actions and the number of records compromised (a lost or stolen record with sensitive or confidential information could fetch upwards of $150 – 200 per record). Additionally, consumers need to remain diligent and alert to potential scams seeking to capitalize on the impacts of the breach.”

Three internationally publicized vehicular incidents demonstrated the threat that law enforcement officials, security professionals, and citizens face from weaponized cars. “In Germany, initial indications are a man deliberately rammed pedestrians – killing one and injuring two. The driver, a German native, was reportedly carrying a knife, attempted to flee the scene. He was shot by police and is now in medical treatment. The driver is not known to have any terrorist ties but does seem to have purposefully conducted this attack. In Louisiana and Alabama, two incidents played out during Mardi Gras. In the first, a drunk driver with a blood alcohol level three times the legal limit, ran into pedestrians partaking in the Mardi Gras festivities in Louisiana injuring several in what appears to be an unintentional incident. The second incident involved an older-aged man who accelerated into a marching bank performing in a Mardi Gras parade in Alabama. Investigators are still trying to piece together what happened, but do not suspect terrorism at this time.” Both malice and inattention can lead to deaths.

The complete Torpedo Report includes additional background and analysis as well as some preparedness and operational ideas for leaders to consider. This week’s reports and previous releases can be linked to from the “Reports” tab of this website.

To help leaders maintain active threat situational awareness, we distribute our (free!) daily paper and the above mentioned weekly products. Our team hopes they can help you achieve a sound background as you assess your organizational risks and then apply a threat-informed, risk-based and prioritized approach to preparedness and operations. If you’re not already signed-up, subscribe to our free products and receive them directly! Free reports include our daily paper, the Gate 15 SUN, with additional detail, focus and analysis in the weekly Threat Dashboard and Torpedo Report.

Follow our Gate 15 team on Twitter: @Gate_15_Analyst; and our Gate 15 page on LinkedIn and subscribe to our free daily and weekly products!