Threat Landscape Briefing – March 2023

This Briefing explores the potential impact of AI on cybersecurity and how it may empower threat actors. We also examine the effects of a recent cyberattack on a manufacturing company and discuss the role of the FBI in combatting ransomware. It also reports on a new threat actor targeting industrial systems and will provides information about a new technique to maintain persistence in Amazon Web Services environments.

In this month's report we explore:

Is ChatGPT Safe? Can ChatGPT Become a Cybersecurity Threat? (01:09)

• Although ChatGPT is a new technology which has attracted many industries to harness the benefits it provides, the potential security impact and risks needs to be further studied.
• See Build an Information Security Strategy and Build Resilience Against Ransomware Attacks for information to improve your cybersecurity strategy.

Security Leaders Weigh ChatGPT’s Potential for Good and Evil (02:57)

• Keep an eye on ChatGPT-related risks, but don’t panic.
• See Combine Security Risk Management Components Into One Program to improve your security risk management.

Canadian Tool Manufacturer Hit by Cyberattack (03:56)

• Organizations need to take a multilayered approach to security that includes both technical and non-technical controls.
• See Develop and Implement a Security Incident Management Program and Secure Your High-Risk Data to help secure your data.

The FBI’s Role in Combatting Ransomware (06:39)

• Recent events highlight the crucial role law enforcement can play in profiling the attacker and providing alternatives to victims who are feeling the pressure to pay a ransom.
• Review Are Your Industrial Control Systems Safe From Ransomware? and the State/Provincial Government Cybersecurity & Risk Management Report to learn about industry-specific security trends.
• See Build Resilience Against Ransomware to prevent ransomware incursions and defend against ransomware attacks.

Erythrite Emerges as a Legitimate Industrial Cybersecurity Threat Actor (8:26)

• Erythrite’s attack uses search engine algorithm gaps by presenting links leading users to their malware. End-user security training is a key part of your security strategy.
• Use the Secure IT/OT Convergence blueprint to create a holistic IT/OT security culture.

A Technique That Allows Persistence Through AWS User Federation (10:38)

• Persistence technique demonstrates the need for responders to have a good understanding of underlying technologies.
• See Identify the Components of Your Cloud Security Architecture and Build a Cloud Security Strategy to improve your security strategy for the cloud.