A Q1 2023 cybersecurity update

With the first quarter of the year drawing towards an end, it’s a good time to look at the online security situation so far, compare it with predictions from the end of last year, and generally present a Q1 2023 cybersecurity update.

At the close of last year, we collated a group of predictions and expectations for 2023. Since then, some are shaping up to reflect reality. Ransomware continues to rear its head as a potential hazard – CISA of the United States has issued a warning to all public and private entities to be wary of the Royal Ransomware group, for example. Other developments, such as the continuing rise of chatbots and AI tools, buck expectations and bear watching.

Ransomware continues to be a major hazard for businesses

As noted above, the Royal Ransomware group (which took off in September 2022) continues to cause a headache and represents a major threat to companies. Organizations that find themselves targeted are asked to pay a sum ranging between $1m to $11 million which needs to be paid in Bitcoins.

Other actors are busy on the ransomware front as well; news broke recently of State of Washington-based Pierce Transit having their systems locked by a file-encrypting malware on February 14th of this year. A pooling service related to car and bus, Pierce Transit was hit by ransomware blocking access to some systems and stealing some 300 GB of “confidential data.” LockBit Ransomware group claimed responsibility for the incident on February 28th 2023, and is reportedly demanding $10 million to free up the data from their malware.

Disaster recovery measures continue to be key to preventing the worst effects here, including keeping your data stored in an archive and backup as a final line of defense. The attack on the City of Oakland’s computerized data and the subsequent leak of some of it serves as a reminder that while archives and backups will allow you to retain access to your data, there are still risks present and prevention should always be a first priority.

ChatGPT, Microsoft Bing, and other AI tools

AI tools have been a popular topic recently. Since the initial wave of excitement, including Google’s Code Red and Microsoft’s announced integration of AI tools into Bing, there is a constant trickle of news and developments in this sphere.

One of the major concerns raised as early as January of this year is the potential for misuse of AI tools; CheckPoint’s demonstration that it was possible to circumvent the OpenAI filters and prompt it to generate a phishing email was only one of multiple warning signs; the ability of OpenAI tools to generate malicious code was also discussed, leading to some concern of “democratization” and freer access to malware.

While OpenAI is shoring up their filters and trying to block misuse of their algorithms, several Chinese companies are reportedly working on their own derivations of the ChatGPT formula. There is therefore possibility that soon, we may face the reality of multiple alternative algorithms presenting the same capabilities but potentially with fewer safeguards in place to prevent misuse. While most experts think any malware or malicious texts generated by AI is unlikely to be meaningfully dangerous, the flip side is greater saturation as access to such code and text becomes easier.

Major data leaks in both governmental and private spheres

Finally, the last quarter has seen several data breaches including the third known attack on GoDaddy, a web hosting and domain registrar giant. The initial infection, which was first reported in December 2022 by upset customers, follows November 2021 and March 2020 breaches. An investigation into this most recent incident shows that all three breaches are connected.

In addition to this, there have been a number of affected systems or data leaks in the governmental sphere, most notably of the American FBI’s servers pertaining to child sexual exploitation investigations and of the British NHS, where the data of roughly 14,000 staff members at a NHS hospital trust in Liverpool, U.K. was leaked due to internal error.

What do these developments mean for your organization?

With AI continuing to develop as a potential threat and ransomware seemingly poised to continue growing as per last year’s predictions, it is imperative that companies continue to invest into their cybersecurity training and infrastructure. Failure to adequately prepare can be crippling for your company.

As such, it has become ever more important to ensure that your data is kept safe and secure. The most obvious step is to ensure all your relevant data is protected in an archive or backup system; this allows a quick restoration in the event of attacks without having to pay the attackers for restored access, or continued access to your data. This capability should form the cornerstone of any recovery plan for a modern company working in the fast-paced digital environment.

Secure your data with our contentACCESS archive

TECH-ARROW has a proven track record of helping our customers mitigate threats and recover from attacks quickly and painlessly. Our contentACCESS archiving systems have been selected by clients across the world, and offer a layer of protection and recovery for files, Emails, MS Teams, and your SharePoint.

Are you ready to take the next step in securing your company into the next year? Contact us now to schedule your free consultation with our team, and find out what makes us the top choice for archiving your data, and how our solution can take your company’s safety to the next level.

 

Take the best steps to protect your data – with TECH-ARROW.

Archive all your O365 data with contentACCESS

by Matúš Koronthály