Resources

This week, GroupSense CEO Kurtis Minder was featured in Help Net Security's video series. In the video, Kurtis reviews the proposed changes to the US national cybersecurity strategy. In the forthcoming strategy, President Biden recommends a more offensive cybersecurity posture, stating that the US will proactively attack threat actors. Kurtis believes that these changes, while "exciting", are not as effective as a defensive cybersecurity strategy. Watch the full video and check out the article here. 

Ransomware attacks plagued 14 of the 16 critical infrastructure sectors over the last several years. Cyber criminals are well aware of the emergencies that are caused by a shutdown of critical infrastructure organizations, and they know ransoms will be paid to get operations up and running again. Ransomware attacks represent 28% of the attacks on critical infrastructure, and attacks are on the rise throughout the world in 2022. 

This week, GroupSense CEO Kurtis Minder was featured on the first episode of the "When Leaders Talk" podcast. The new podcast focuses on success stories, failures, and what is needed to be a good leader. Host Stefano Calvetti pulls on his years in the Italian navy to get down to what makes certain leaders impactful. 

CEO Kurtis Minder was featured on an episode of the "Where Humanity Meets Technology," podcast with host Maurice Hamilton. During the episode, "The Ransomware Economy & Prevention," Kurtis and Maurice cover threat actor profiling, the ransomware economy, and mitigation strategies for organizations to employ. 

Throughout the Russian invasion of Ukraine, the pro-Russian hacktivist group Killnet has captured the attention of cybersecurity experts. Killnet originally began as a DDoS botnet service. In January 2022, a threat actor posted an advertisement for the Killnet botnet in Duplikat, a dark web forum for carding, botnets, and other illegal activities. According to the ad, the botnet allowed users to direct traffic without the target’s knowledge. It also claimed that the botnet uses the latest WEB3 technology and that the data is stored throughout the Blockchain. Since January, the nationalist group has targeted pro-Ukrainian countries and organizations in a slew of attacks and experienced organizational shake-up after their leader left. 

Third-party and supply chain attacks have plagued organizations for years, and the attacks keep on coming. These attacks happen when threat actors gain access to your organization’s systems through a third-party, such as a supplier or vendor. Just a few weeks ago, we saw a third-party cyber attack on LastPass that affected GoTo, a remote access and collaboration organization. As a security-focused organization, it may have surprised many that they were impacted, but third-party attacks don’t discriminate.

Cyber criminals have a longstanding reputation of being loners who work out of their mom's basement with hoodies on, but cyber analysts know this isn't the case. Over the last decade, cyber experts have observed an uptick of cyber crime-as-a-service, in which criminals operate in larger, business-like crime units. But what if cyber criminals have a personality profile that organizations can look out for?

Our nation’s critical infrastructure is vital to our day-to-day lives. Encompassing 16 sectors, critical infrastructure spans transportation, manufacturing, utilities, and more. When we think of threats to infrastructure, natural disasters immediately come to mind, but cybersecurity incidents have the same potential for destruction, including interrupting manufacturing, supply chain availability, and other vital functions. Manufacturing currently contributes $2.7 trillion to the US economy, contributing heavily to GDP (gross domestic product), job growth, and more. Manufacturers are one of the main user groups of ICS (industrial control systems) and SCADA (supervisory control and data acquisition) technologies.

The GroupSense team is preparing for the inevitable increase in attacks during the holiday season along with the threat actors perpetrating the attacks. This year, CEO Kurtis Minder spoke with Politico's John Sakellariadis about threat actors playing the Grinch in the Politico cybersecurity newsletter.

During the midterm elections, national news was seemingly quiet about election interference from foreign powers, but that doesn’t mean there were no incidents. Election interference, especially the cyber variety, doesn’t always come on the day of the election. Whether counties or localities suffered DDoS attacks, wi-fi outages, or other cybersecurity attacks, it can all be chalked up to election interference. Here are a few of the incidents that GroupSense analysts were tracking during last Tuesday's election monitoring.