Threat Landscape Briefing – March 2023
This Briefing explores the potential impact of AI on cybersecurity and how it may empower threat actors. We also examine the effects of a recent cyberattack on a manufacturing company and discuss the role of the FBI in combatting ransomware. It also reports on a new threat actor targeting industrial systems and will provides information about a new technique to maintain persistence in Amazon Web Services environments.
In this month's report we explore:
Is ChatGPT Safe? Can ChatGPT Become a Cybersecurity Threat? (01:09)
- Although ChatGPT is a new technology which has attracted many industries to harness the benefits it provides, the potential security impact and risks needs to be further studied.
- See Build an Information Security Strategy and Build Resilience Against Ransomware Attacks for information to improve your cybersecurity strategy.
Security Leaders Weigh ChatGPT’s Potential for Good and Evil (02:57)
- Keep an eye on ChatGPT-related risks, but don’t panic.
- See Combine Security Risk Management Components Into One Program to improve your security risk management.
Canadian Tool Manufacturer Hit by Cyberattack (03:56)
- Organizations need to take a multilayered approach to security that includes both technical and non-technical controls.
- See Develop and Implement a Security Incident Management Program and Secure Your High-Risk Data to help secure your data.
The FBI’s Role in Combatting Ransomware (06:39)
- Recent events highlight the crucial role law enforcement can play in profiling the attacker and providing alternatives to victims who are feeling the pressure to pay a ransom.
- Review Are Your Industrial Control Systems Safe From Ransomware? and the State/Provincial Government Cybersecurity & Risk Management Report to learn about industry-specific security trends.
- See Build Resilience Against Ransomware to prevent ransomware incursions and defend against ransomware attacks.
Erythrite Emerges as a Legitimate Industrial Cybersecurity Threat Actor (8:26)
- Erythrite’s attack uses search engine algorithm gaps by presenting links leading users to their malware. End-user security training is a key part of your security strategy.
- Use the Secure IT/OT Convergence blueprint to create a holistic IT/OT security culture.
A Technique That Allows Persistence Through AWS User Federation (10:38)
- Persistence technique demonstrates the need for responders to have a good understanding of underlying technologies.
- See Identify the Components of Your Cloud Security Architecture and Build a Cloud Security Strategy to improve your security strategy for the cloud.