Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On February 9, the U.S. Securities and Exchange Commission (SEC) issued proposed rules regarding cybersecurity risk management for investment advisers, registered investment companies, and business development companies. It's no surprise that the SEC is taking a more active role in this, given their continued interest in cybersecurity issues and high-profile ransomware attacks.

-On February 23, 2022, multiple security vendors with a business presence in Ukraine identified a new wiper malware primarily impacting Ukrainian organizations in at least the aviation, defense, financial, and IT services industries. In at least one intrusion, Symantec observed the wiper malware impact devices in Lithuania. -Researchers identified HermeticWiper shortly after a DDoS attack targeted Ukrainian websites earlier that day.

There is already a well-documented history of cyber attacks targeting organizations in Ukraine - including the attack attributed to members of the Russian military intelligence group GRU - NotPetya. This threat actor has previously conducted attacks known as NotPetya, BlackEnergy, and has targeted high-profile events such as the Olympics, as well as perpetrated destructive attacks against Georgia.

By now it’s become clear—hybrid and remote work are here to stay. This goes for employees in the government sector as much as it does for those in other industries. Along with increased flexibility, however, comes increased attack surfaces for security professionals to defend.

Late last year, The Canadian Center for Cyber Security published an in-depth threat bulletin declaring it had knowledge of 235 ransomware incidents against Canadian victims from in 2021, with more than half of these victims being critical infrastructure providers. The report also explains that most ransomware events remain unreported to the Center, and—based on past findings—once targeted, ransomware victims are often attacked multiple times.

2021 broke new ground in terms of cybersecurity, and much was ground just as well left unbroken. With no indication that ransomware, data breaches, and assorted malware will go away soon, the new year is a time for organizations to get a fresh start and really fortify themselves against a widening field of threats. One month in, we've already seen a disturbing array of attacks, from those on political targets to distressing new malware to a breach of exceptional sensitive information.

2021 was another record-breaking year for cyber attacks, with reports of massive breaches and huge ransomware demands dominating headlines. It’s a trend that does not seem to be slowing any time soon, either. Currently, there are thousands of vendors in the market, with over $130 billion spent annually on defense and yet, the number of breaches continues to rise. Arctic Wolf's 2021 Data Breaches in Review counts down the most noteworthy, high-profile, and damaging data cybercrimes of the year.

When our customers begin their security journey with Arctic Wolf, our Concierge Delivery Model benchmarks their security programs against the NIST Cybersecurity Framework. The NIST framework spans five functions (Identify, Protect, Detect, Respond, Recover), and offers guidelines and best practices for organizations to better manage, reduce, and ultimately end cyber risk.

Strong, resilient security operations require the proper melding of people, technology, and processes to achieve the goal of reducing the likelihood and impact of cyberthreats. The right security operations center (SOC) will strengthen the overall security resiliency of an organization. The wrong one will tax your team—leading to mistakes, breaches, and losses.

This is a follow-up to our previous blogposts covering the Log4j vulnerability and the Deep Scan tool we made available to help identify vulnerable systems. As we close the first month of 2022, we looked into the activity related to the Log4Shell vulnerability CVE-2021-44228 observed across our 2,3000+ customers. Many of you will empathize with the struggle to find all instances of the vulnerable Log4j component, especially at the scale that comes with having a large customer base.