Buckle up, truckers! Trucking is the industry that keeps America rolling, and it's in the middle of a digital revolution. From high-tech ELDs to AI-powered cameras and internet-connected trailers, the way we haul goods is evolving at breakneck speed. In the interest of safety (and profit) most trucks now have or will soon get AI cameras for things like distracted driver, cell phone detection, gyro events, etc. But alongside these advancements lurks a hidden adversary – hackers.
Cybersecurity Challenges for Trucking in 2024: Mitigating Risks on the Road
Topics: Cybersecurity, Incident Response, Security Awareness Training, Ransomware, Transportation, Trucking, MFA
Top 5 Business Roles Targeted by Cyber Attacks and How to Mitigate Risks
Cybercriminals in today's digital landscape employ sophisticated tactics to infiltrate organizations and steal valuable data. Specific business roles within companies often become targets of cyber attacks due to their access to sensitive information or ability to influence decision-making. These roles are also usually visible and known individuals in the public, and harvesting information can be used against them. It is much easier than going after the paranoid I.T. Guy!
Topics: Cybersecurity, Data Breach, Data Security, Data Protection, cybersecurity plan, Ransomware
Rolling the Dice on Cybersecurity: Lessons from the MGM Breach
You may have seen it in the news, but another major company has been a victim of a nasty ransomware attack that disrupted services and customers for over ten days. This time, the victim was MGM Resorts in Las Vegas.
What separates this major incident from others is that the hackers pulled the malicious attack off using one of the oldest tricks in the book: social engineering. So, what happened, and what can we learn from this?
Topics: Cybersecurity, Network Security, Data Breach, Data Security, security incident handling, risk, Ransomware, social engineering
As clients begin to recognize and prepare against the threat of ransomware attacks, one tricky question keeps coming up. Is paying a ransom “illegal yet?”. No company is champing at the bit to make unplanned payments, especially not to potential terrorists on the OFAC list, but the legality of the matter depends on a few factors. *Please note that ProCircular does not provide legal advice, rather, we disseminate guidance from the top legal authorities.
As a cybersecurity professional and business owner, I keep a close eye on the everchanging recommendations surrounding ransomware attacks and incident management. I found the following document to be one of the more up-to-date (at least by government standards) and straightforward pieces available on the topic. Here's the short version:
“In the context of hostage-taking, for example, DOJ clarified in 2015 that it “has never used the material support statute to prosecute a hostage’s family or friends for paying a ransom for the safe return of their loved one.”67
Basically, there is a low likelihood of prosecution for making ransom payments, even when it is paid to a known threat actor on the OFAC denied persons list. I would only expect to see legal action taken if a very large company went through with the payment while it was expressly illegal. Even then, the punishment would be intended to make an example rather than punish the victim.
Topics: Incident Response, Ransomware