DigitalXForce

Cyber Watch – March 2, 2024

Welcome to the Cyber Watch series for today, March 2, 2024. At DigitalXForce, our Cyber Intelligence team curates a list of the latest cybersecurity news to keep you informed of stories that matter every week.  


This week’s Cyber Watch top 10 list is a compilation of stories from 50+ relevant news sources across the web – all ranked according to the risk impact. We encourage you to review these stories and take steps to protect your organization. Click on each headline to read the full story.

NIST Unveils Version 2.0 of Simplified Cybersecurity Framework

The National Institute of Standards and Technology (NIST) has released version 2.0 of its landmark Cybersecurity Framework. This marks the first major update since its 2014 debut. The refreshed framework now emphasizes governance, treating cyber risks with business priority akin to financial and reputational threats. Core functions also now include “Govern” alongside Identify, Protect, Detect, Respond, and Recover. 

NIST says the revisions aim to increase relevance for more users in the US and globally via stakeholder feedback. CSF 2.0 introduces a user-friendly catalog of references mapping guidance documents to specific framework provisions. This searchable cross-reference tool helps identify control gaps and roadmaps to improve posture. It links the framework’s best practices guidance with over 50 related cybersecurity standards like NIST’s SP 800-53 Rev 5 comprehensive controls catalog. 

NIST hopes widespread customization and sharing of implementation experiences will amplify benefits across sectors, enabling better risk management. As threats escalate, the framework update strives for flexibility and simplicity to drive adoption.

Biden Order Bars Mass Transfer of Citizens’ Data to Adversaries

President Biden has signed an executive order prohibiting the bulk sale of Americans’ sensitive personal information to foreign adversaries. The data includes financial, health, genetic, biometric, and location records that hostile regimes like China and Russia could weaponize for surveillance and espionage. 

Mass data transfers facilitated by brokers pose national security risks, enabling tracking and targeting of dissidents. The order sets restrictions around providing extensive citizen data access via commercial deals. It also directs agencies to issue regulations that establish protections and security standards for safeguarding sensitive government and personal information. Additionally, Health, Defense, and Veterans departments must ensure federal funds don’t enable exploitative data access. 

While a milestone, some criticize banning only select “countries of concern.” Senator Wyden argues other dictatorships like Saudi Arabia also cannot be trusted with such data, lacking privacy laws to prevent sales to China. The order comes as the US added Chinese electronic firm Chengdu Beizhan and Canadian network company Sandvine to a trade blacklist for enabling repression. 

Sandvine provided deep packet inspection tools for censorship, surveillance, and spyware injection against critics globally. The executive action recognizes national security and privacy risks from mass data deals with adversaries. However, effectively balancing open markets and risk mitigation remains challenging.

UK Launches Measures to Advance Smart Energy Infrastructure

The UK has unveiled plans to promote the adoption of smart, internet-connected technology across home energy tech and wider infrastructure. The package includes boosting households’ access to smart meter in-home displays. Major suppliers now back extended warranties for the displays that enable accurate tracking of energy use and costs. 

A review of default deals is also underway, aiming to make default tariffs more dynamic and reflective of cheaper, off-peak renewable usage. The aim is to incentivize the take-up of smart meters and utility-friendly tech. Another £10 million in funding will back pilot projects using IoT to offer time-varying tariffs, such as personalized pricing from smart appliances that learn home routines, alongside smart electric vehicle charging.

Energy Minister Amanda Solloway says even the busiest homes can save hundreds through such innovation. Industry group Energy UK praised the measures for increasing customer control while transitioning to a smarter grid harnessing distributed energy assets. With over half of homes already smart meter enabled, the moves expand access to money-saving data and technologies. 

They signal political will and funding to achieve smart infrastructure for the future grid – optimizing renewables alongside household participation. Though in its early stages, it represents continued momentum around the digital transformation of the energy landscape.

Pepco Reports $16M Lost in ‘Sophisticated’ Phishing Attack

Major European discount retailer Pepco Group has revealed it fell victim to a fraudulent phishing scheme, resulting in the loss of €15.5 million (~$16.8 million) in cash. An investigation is underway alongside banks and law enforcement to attempt recovery of the stolen funds. While the company maintains that no customer or data currently appears to have been impacted, the incident deals a financial blow.

Based on the circumstances, researchers say it was likely a business email compromise (BEC) attack. These involve hackers compromising accounts to trick employees into transferring money to criminal-controlled bank accounts. Pepco owns major European brands Pepco, Dealz, and Poundland, reaching over 30 million customers monthly across thousands of stores. The company emphasized its strong overall financials can withstand the hit. But the incident highlights lingering exposure to increasingly sophisticated threats that exploit human targets.

BEC scams alone caused $50 billion in global losses over the past decade. The costly incident has prompted a security review of Pepco’s systems and processes to close gaps. Yet phishing remains an uphill challenge, requiring persistent vigilance even with strict controls. For organizations worldwide, one slip is all it takes to land the next major breach headline.

Healthcare Giant’s Systems Down 4 Days After Cyber Attack

A major cyberattack has disrupted health IT provider Change Healthcare’s systems for four straight days, parent company UnitedHealth Group disclosed. UnitedHealth, which owns Optum and merged Change Healthcare last year, isolated and disconnected the impacted systems upon detecting a “nation-state associated” threat actor intrusion on Wednesday. 

While Optum and UnitedHealthcare operations remain unaffected, Change has not yet restored its environment, which services over 100 million patients for revenue cycle needs. The extended outage ripples through healthcare, stalling pharmacy giant CVS Health’s insurance claims processing, though prescriptions continue. Industry groups urge disconnecting from Optum until reconnection is deemed safe.

Change says it won’t shortcut restoration despite the prolonged disruption. The circumstances point to a sophisticated, likely state-sponsored attack – but details remain undisclosed. For hospital clients and partners, it spotlights lagging security infrastructure in a fragmented landscape, despite increased digitization. 

While preventing intrusions by advanced adversaries is challenging, critics argue Change should have contained the breach better with redundancy. Its inability to recover swiftly, trading availability for protection, showcases lingering fragility in mission-critical health IT systems.

Ransomware Gang, BlackCat, Exposes Details on Healthcare Giant Breach

Notorious ransomware group BlackCat has published a scathing blog post exposing intimate details about the recent cyberattack on UnitedHealth’s Change Healthcare unit. BlackCat slammed Change’s parent UnitedHealth for allegedly lying about the 8-day outage’s severity and not revealing the extent of exfiltrated data, which impacts hospitals and pharmacies. 

UnitedHealth’s initial filing pinned the hack on a nation-state actor. But BlackCat claims it carried out the attack, and says UnitedHealth only changed its tune when the group threatened exposure. The 2,200-word post chastises Change’s “risky game” in restoration efforts and breach transparency failures. It underscores the messy complexity of today’s cybercrime ecosystem, where savvy extortion groups leverage data theft and public shame.

For healthcare entities entrusting mission-critical systems to vendors, it represents another dimension of vulnerability beyond their control. The post exemplifies the chaotic fallout when hackers hijack digital infrastructure – but also the lingering influence of public optics among criminals seeking profit and prestige. For Change Healthcare, concealed truths now face exposure at the hands of those who know most.

New Study Shows 60% of Consumers Avoid Breached Companies

Organizations face quantifiable customer retention risks following cyber breaches, a Cyberint report warns. The analysis reveals over 60% of consumers are likely to stop shopping at a recently hacked retailer. For high-income shoppers, nearly 75% would hesitate. In finance, 83% may discontinue breached apps. 

Across sectors, reputation impacts grow. The findings underscore that data incidents don’t just endanger information – they can severely hurt revenue by eroding consumer trust and engagement. Breached entities appear tainted despite fixing gaps. That’s especially concerning given the uptake of embedded finance and cyber-physical systems where technology underpins core services. 

While firms focus on remediating attacks, study authors emphasize more budget must go to prevention and communicating resilience. With stronger regulation also compelling disclosure, security can no longer just be an IT concern – it requires executive-level visibility as a customer issue shaping market share, regardless of industry. The report quantified the hard commercial effects of something seemingly intangible.

Vulnerability in 4M+ LiteSpeed Cache Plugin Puts WordPress Sites At Risk

Cyber researchers have uncovered a severe flaw in the popular WordPress caching plugin LiteSpeed Cache, active on over 4 million websites. The vulnerability enables unauthenticated cross-site scripting through improper input sanitization. This permits sensitive information theft or privilege escalation using a single request. The issue originates from a lack of validation and output escaping in the update_cdn_status feature, combined with flawed access controls. It was addressed in version 5.7.0.1 after responsible disclosure.

However, the incident highlights common WordPress plugin pitfalls that can have widespread ramifications despite fixes. The researchers call proactive security in plugin development lifecycles imperative. LiteSpeed Cache enjoys immense adoption for accelerating site performance. But the underlying weakness now puts enormous numbers of site owners at preventable risk.

Beyond patching, experts say recurring oversights demand better design principles, peer review, and pre-release audits given plugins’ expansive reach. For open-source communities, quality assurance looks increasingly non-negotiable amid the mounting stakes.

Data Stolen in Cyber Attack on Pharma Giant Cencora

Major pharmaceutical distributor Cencora recently disclosed a cyberattack leading to data theft, the latest healthcare sector breach. The company caught the incident on Feb. 21st but has not determined the financial or operational impact. While stating no link to the recent BlackCat ransomware attack on Optum’s Change Healthcare, Cencora has not revealed what information was stolen. 

Experts say healthcare’s vast technology landscape offers many pivot points for follow-on attacks regardless. Cencora’s $260 billion revenue highlights the immense disruption potential. The stealthy data exfiltration now opens possibilities for extortion down the line. Critics argue preventing data theft itself should be the priority rather than limiting connections after the fact. The recurring headlines underscore healthcare’s enduring status as a prime target, with high-value data and mission-critical systems at stake. 

Whether for disruption or surveillance, adversaries are often a step ahead. Executives must elevate cyber strategies to match the level of risk as patient safety and services hang in the balance. For such an essential, technology-driven sector, insecurity continues to plague operations and erode public trust. 

Crypto Crime Continues to Cost Americans Billions

The lure of easy money through cryptocurrency continues to hook victims into fraudulent schemes at an alarming rate. According to a new report from Surfshark, Americans lost a staggering $1.56 billion to crypto fraud in 2025 alone, accounting for 15% of all fraud losses reported to the Federal Trade Commission. This marks the third consecutive year crypto losses have topped $1 billion.

Even more troubling is the rapid rise in individual losses. In 2021, victims lost an average of $18,000 but by 2025, that figure had ballooned to $28,000 per victim. The most common crypto frauds involved fake investments and romance scams. While the growth in losses has slowed slightly compared to previous years, the scope remains significant going into 2026. 

Cryptocurrency scams show no signs of abating, preying on unwitting investors seduced by promises of easy money. Experts warn all crypto holders to exercise extreme caution to avoid becoming the next victim robbed of their hard-earned savings. Only through vigilance and skeptical investing can individuals protect themselves in an environment ripe for fraud.

 

That’s all for today. Stay tuned for our next episode. See you next week!
