TF Cybercrime Round-up: 17 January 2025

Tiff Staff

Cybercrime poses major threats across industries globally as bad actors exploit new techniques and vulnerabilities to cause widespread damage. From ransomware attacks affecting major retailers to weaponized software, digital security remains volatile. Let’s explore the latest developments and how they affect businesses, individuals, and government agencies.

TechFyle examines some of the latest incidents making headlines in today’s edition of the TF Cybercrime Round-up.

What’s Happening & Why This Matters

DOJ Bans Data Sales to “Countries of Concern”

The Department of Justice (DOJ) has enacted a new rule preventing the sale of sensitive American data to countries deemed “of concern,” including China, Russia, and Iran. This rule, effective in 90 days, will stop these countries from obtaining personal data such as geolocation, health information, and financial data through commercial transactions. According to Matthew G. Olsen, Assistant Attorney General, this decision addresses a substantial national security threat.

The DOJ rule follows other recent efforts, like the Consumer Financial Protection Bureau’s (CFPB) crackdown on data brokers, which limits data sales to permissible uses only. The rule aims to protect citizens from having their information exploited by foreign governments for espionage and other malicious purposes. While some exceptions exist, such as for research or scientific purposes, the goal is to safeguard sensitive data from misuse by hostile foreign powers.

Biden’s Cybersecurity Order Strengthens Federal Defenses

In another decisive action to combat cyberattacks against the U.S., President Joseph Biden signed an executive order setting higher standards for cybersecurity within U.S. federal agencies. The order requires companies seeking government contracts to adopt secure software development practices to minimize vulnerabilities. These measures are intended to prevent breaches like the recent China-backed cyberattack at the Treasury Department, which targeted federal employees.

The order also grants the Cybersecurity and Infrastructure Security Agency (CISA) more authority to monitor and defend against foreign cyberattacks. With new sanctions provisions, the Treasury Department can penalize foreign entities behind cyberattacks, particularly those from China, Russia, Iran, and North Korea. These new regulations highlight the need for stronger cyber defenses as foreign adversaries increasingly target the U.S. with sophisticated techniques.

Russian Hackers Target WhatsApp Accounts

Russian cyber espionage group Callisto has found a new tactic to compromise user accounts — exploiting WhatsApp’s Web QR code feature. This phishing campaign involves sending fake invites to WhatsApp groups via email, tricking users into scanning a malicious QR code. Once scanned, hackers gain access to WhatsApp accounts and can extract sensitive data using browser plugins.

Microsoft uncovered this phishing campaign, which appears to mark a shift in tactics for the Callisto group, previously focused on email-based phishing. Although Microsoft reports that the campaign has been reduced, the attack still illustrates these threat actors’ persistence and adaptability. WhatsApp has advised users to link their accounts only via official channels and to avoid suspicious QR codes.

PowerSchool Data Breach Affects Millions of Students

PowerSchool, a major provider of educational technology, confirmed a data breach in December 2024 that affected millions of students, parents, and school administrators. Cybercriminals gained access to sensitive student information, including grades and contact details. In some cases, the breach involved highly sensitive data, although PowerSchool confirmed that personal information like Social Security numbers was not exposed.

The attackers reportedly used stolen credentials to access the system, forcing PowerSchool to pay a ransom. While PowerSchool has begun notifying affected schools, many districts are still working to understand the full extent of the breach. The education sector’s vulnerabilities to cyberattacks are often overlooked. Better cybersecurity practices in handling personal and sensitive data are paramount.

TF Summary: What’s Next

Cybersecurity remains a major concern as hackers adopt new tactics to exploit public and private sector vulnerabilities. The DOJ’s crackdown on foreign data sales and the new executive order to strengthen federal cybersecurity measures are steps in the right direction, but continued vigilance is necessary. The incidents involving WhatsApp phishing and the PowerSchool breach show that cybercriminals are targeting personal information with increasing sophistication. As these threats persist, organizations must stay proactive in securing their systems to protect sensitive data from malicious actors.
