Summary of Gregory C. Rasner's Cybersecurity and Third-Party Risk
Ebook, 84 pages, 47 minutes


About this ebook

Please note: This is a companion version & not the original book.

Language: English
Publisher: IRB Media
Release date: Jun 4, 2022
ISBN: 9798822511330
Author: IRB Media

With IRB books, you can get the key takeaways and analysis of a book in 15 minutes. We read every chapter, identify the key takeaways and analyze them for your convenience.


    Book preview

    Insights on Gregory C. Rasner's Cybersecurity and Third-Party Risk

    Contents

    Insights from Chapter 1

    Insights from Chapter 2

    Insights from Chapter 3

    Insights from Chapter 4

    Insights from Chapter 5

    Insights from Chapter 6

    Insights from Chapter 7

    Insights from Chapter 8

    Insights from Chapter 9

    Insights from Chapter 10

    Insights from Chapter 11

    Insights from Chapter 12

    Insights from Chapter 13

    Insights from Chapter 14

    Insights from Chapter 15

    Insights from Chapter 16

    Insights from Chapter 1

    #1

    On December 10, 2020, ESET researchers announced they had found that a chat software called Able Desktop, part of a widely used business management suite in Mongolia, was exploited to deliver the HyperBro backdoor, the Korplug RAT, and another RAT named Tmanger.

    #2

    On December 13, 2020, FireEye, a global leader in cybersecurity, published the first details about the SolarWinds Supply-Chain Attack, a global intrusion campaign that inserted a trojan into the SolarWinds Orion business software updates to distribute the malware.

    #3

    The most recent attack reflects a particular focus on the United States and many other democracies, but it also provides a powerful reminder that people in virtually every country are at risk and need protection.

    #4

    On December 17, 2020, ESET Research announced that it had detected a large supply-chain attack against the digital signing authority of the government of Vietnam, the website for the Vietnam Government Certification Authority. The website was hacked as early as July 23rd, and no later than August 16, 2020. The compromised toolkits contained malware known as PhantomNet.

    #5

    The malware was used for lateral movement. It allowed the attacker to move around the network and collect and transfer information about the computer, user accounts, and victim. In the post-attack forensics, no data was discovered.

    #6

    On January 2, 2020, networking device maker Zyxel announced that over 100,000 of their firewalls, VPN gateways, and access point controllers contained a hardcoded administrator backdoor account, which gives root-level access.

    #7

    The only way to resolve this issue is to unplug and replace the devices to ensure security posture. The hardcoded user account zyfwp and password PrOw!N_fXp were stored in visible plaintext.

    #8

    The third-party attack phenomenon continued in 2020, with several incidents targeting nearly a whole country. The attackers were all APTs and were stealthy enough to remain undetected for months or longer. They would target the weakest link in the chain, which in many cases was a vendor.

    #9

    There are hundreds of examples of third parties compromising the data of companies and their customers. These breaches cost these companies large amounts of money, which directly affects consumers, and extensively damages the companies' reputations.

    #10

    The most successful companies at preventing their systems from being compromised go beyond what a regulator or regulation mandates them to do for compliance. They are not reliant on the government to set the standard for what to do and how to do it.

    #11

    Third-party risk, or what another company is doing to lower your risk, might seem like it places a CISO and the cybersecurity organization at a disadvantage because they cannot control what goes on at another entity. However, that is a myth.

    #12

    Security is an ongoing activity, while compliance is a checklist-based process that takes place at a specific point in time. Security is about making sure data is not lost, while compliance is about making sure a company meets the minimum requirements for specific regulations.

    #13

    Health Fitness, a fitness company, released the names and IDs of its employees, as well as the names and IDs of physicians. Washoe County School District, which serves over 100,000 students in Nevada, had their emails, usernames, and passwords exposed by Edmodo.

    #14

    There were dozens of breaches in 2020 that exposed the personal information of millions of people. Some of the largest include: Bank of America, Caused by an unnamed third party merchant, Paycheck Protection Plan application details were released; T‐Mobile, due to an email
