Weekly Security Sprint EP 60. Cyber news and breaches, security mindfulness, all-hazards and more!

Please enjoy our newest podcast, the Weekly Security Sprint, on SpotifyApple, as well as other locations accessible via the Spotify for Podcasters link or almost anywhere you listen to your favorite podcasts.

In this Week’s Security Sprint, Dave and Andy talked about the topics below. For more of these and other security updates, subscribe to our free daily report, delivered directly to your inbox, the Gate 15 SUN. To subscribe, please email [email protected].

Main Topics

  • US Environmental Protection Agency hack exposes data of 8.5 million users. The US federal arm tasked with environmental protection matters, the Environmental Protection Agency (EPA), is allegedly experiencing a data breach affecting over 8.5 million users. The breach, which has reportedly exposed personal and sensitive information belonging to EPA’s customers and contractors, was claimed by a hacker operating under the alias USDoD on Sunday… This isn’t the first time USDoD has sneaked into a federal system. Previously known as “NetSec” on RaidForums, USDoD has gained notoriety since the threat actor’s “#RaidAgainstTheUS” campaign targeting the US Army and Defense contractors. In December 2022, USDoD posted hacked data from InfraGard, a partnership between the FBI and private sector firms, which consisted of personal details about 87000 members of InfraGrad. A subsequent breach included a data leak of 3200 Airbus vendors that USDoD managed to capture using the compromised credentials of a Turkish Airline employee.
  • Sophos – Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector. While all ransomware attacks have negative outcomes, those that start by exploiting unpatched vulnerabilities are particularly brutal for their victims. Organizations hit by attacks that began in this way report considerably more severe outcomes than those whose attacks started with compromised credentials, including a higher propensity to:
    • Have backups compromised (75% success rate vs. 54% for compromised credentials)
    • Have data encrypted (67% encryption rate vs. 43% for compromised credentials)
    • Pay the ransom (71% payment rate vs. 45% for compromised credentials)
    • Cover the full cost of the ransom in-house (31% funded the full ransom in-house vs. 2% for compromised credentials)

They also reported:

  • 4X higher overall attack recovery costs ($3M vs. $750k for compromised credentials)
    • Slower recovery time (45% took more than a month vs. 37% for compromised credentials)
  • Furry hackers spend stolen church funds on inflatable sea lions after pastor calls out Biden. SiegedSec, the hacking group allegedly compromised of “gay furries,” claims to have breached a U.S.-based church and used its funds to purchase at least 100 inflatable sea lions. The hack—which also resulted in the leak of roughly 15,000 user accounts from the ministry’s website, including detailed prayer requests—was aimed at the River Valley Church in Burnsville, Minnesota. In a post on Telegram, SiegedSec said it targeted the church after receiving “a report via email of a church pastor” making anti-transgender remarks. The post specifically cites the church’s lead pastor Rob Ketterling as “causing problems with transgender individuals, as well as publicly posting transphobia.” Screenshots shared by SiegedSec show some of the prayer requests made by the church’s members, as well as a link to access the data. Another screenshot shows what appears to be the church’s Amazon account and 100 inflatable sea lions being sent to its Minnesota address by SiegedSec, totaling $999.00.
  • CSU: Forecast for 2024 Hurricane Activity.“We anticipate that the 2024 Atlantic basin hurricane season will be extremely active.” 
    • Colorado State University hurricane researchers are predicting an extremely active Atlantic hurricane season in their initial 2024 forecast. The team cites record warm tropical and eastern subtropical Atlantic Sea surface temperatures as a primary factor for their prediction of 11 hurricanes this year. 
    • The CSU Tropical Weather and Climate team is predicting 23 named storms during the Atlantic hurricane season, which runs from June 1 to Nov. 30. Of those, researchers forecast eleven to become hurricanes and five to reach major hurricane strength (Saffir/Simpson Category 3-4-5) with sustained winds of 111 miles per hour or greater. So far, the 2024 hurricane season is exhibiting characteristics similar to 1878, 1926, 1998, 2010 and 2020… The team predicts that 2024 hurricane activity will be about 170% of the average season from 1991–2020. By comparison, 2023’s hurricane activity was about 120% of the average season. The most significant hurricane of the 2023 Atlantic hurricane season was Hurricane Idalia. Idalia made landfall at Category 3 intensity in the Big Bend region of Florida, causing $3.6 billion dollars in damage and resulting in eight direct fatalities. 

Quick Hits

  • CISA Publishes New Webpage Dedicated to Providing Resources for High-Risk CommunitiesCISA published a new dedicated High-Risk Communities webpage comprised of cybersecurity resources to support civil society communities at heighted risk of digital security threats, including cyber hygiene guidance, a repository of local cyber volunteer programs, and free or discounted tools and services. Despite their vulnerability to advanced cyber threats, many civil society organizations operate on lean budgets and cannot significantly invest in cybersecurity. 
  • DHS: Mitigating Harm from Violent Visual Content: CP3 Prevention Resource. In the wake of an act of targeted violence or terrorism, individuals and communities may be exposed to violent images, videos, and other disturbing content. This Prevention Resource provides practical, evidence-based guidance to help protect communities, families, and individuals, while also decreasing the likelihood of violence.

Read more about Gate 15’s full podcast menu at our Podcast page. You can subscribe and enjoy all the Gate 15 Podcasts on Spotify for PodcastersAppleSpotify, as well as other locations accessible from the Spotify for Podcasters link. Week-to-week, you can hear and learn more about our all-hazards threats, risks, mitigation and other issues impacting homeland security risk management from our team as well as our regular and special guests. The full podcast menu includes:

  • The Security Sprint is our weekly rundown of the week’s notable all-hazards security news, risks and threats and some of the key focus areas for organizations to consider behind the headlines. Gate 15 team members discuss physical security, cybersecurity, natural hazards, health threats and other issues across our environment.
  • Nerd Out! Security Panel Discussion, moderated by Dave Pounder, focuses on physical security topics including terrorism, extremism, hostile events, and other pertinent topics.
  • The Gate 15 Interview, is a monthly interview between Gate 15’s founder and Managing Director, Andy Jabbour and guests from throughout the homeland security risk management community addressing a wide range of all-hazards topics and issues.
  • Venue Security, The IAVM Podcast Series is our newest podcast as Gate 15’s founder and Managing Director, Andy Jabbour hosts short interviews with venue safety and security experts from the International Association of Venue Managers’ (IAVM) Venue Safety and Security Committee (VSSC) and other special guests from the IAVM community.
  • The Cybersecurity Evangelist, with Jennifer Lyn Walker, is a cybersecurity-focused discussion with Jen and invited guests. This is presently a Gate 15 special podcast and occasionally is updated on our Gate 15 podcast channel.
  • The Risk Roundtable, was a monthly discussion among our team and occasional guests exploring the all-hazards threats and risks impacting the United States and internationally. This was suspended in September 2023.

We hope you’ll subscribe, listen and share your ideas and other feedback! Reach out to us on Threads,  LinkedIn, via email at: [email protected], and also on X, the platform formerly known as Twitter.

Related Posts