Security Brief: CICYBER Week of December 6, 2021

Week of Monday, December 6, 2021 | Issue 55

Cassandra Townsend, Clea Guastavino, Senior Editors

Patrianna Napoleon, Counterintelligence and Cyber (CICYBER) Team

Cybersecurity: Cyber Criminals[1]

Date: December 9, 2021

Location: US

Parties involved: Cox Communications; Unknown hackers

The event: Cox Communications, a digital cable provider and telecommunication company that provides internet, television, and phone services, announced on December 9, 2021 that they experienced a data breach in the US in October 2021. An unknown hacker gained access to Cox systems and obtained customers' personal information, such as names, telephone numbers, and email addresses. The hacker gained access to the data by impersonating a Cox support agent and using social engineering techniques.[2] A hacker employs social engineering techniques by impersonating or using human interaction to obtain information about an organization.[3] Cox has launched an internal investigation to understand how the hacker accessed the system.[4]

Analysis & Implications:

• Cyberattacks towards digital cable and telecommunications providers will likely increase in frequency as hackers will likely target vulnerable systems to steal company data. Hackers will likely target these systems for a financial reward. Alternatively, the hackers will likely seek to broadcast information to spread their beliefs and delegitimize their target. Hackers will very likely deploy ransomware as companies will likely pay a fee to unlock systems to mitigate the impact.

• Customers' stolen data will very likely be at risk of fraudulent activity like account takeovers. Hackers will very likely send phishing emails using the customer's stolen data to access other information such as passwords or social security numbers. This new information obtained will almost certainly be used to access the customer's financial accounts and commit impersonation or theft for financial gain.

• Companies likely lack the proper resources to tackle social engineering likely due to the complexity of mitigating them. Companies also likely lack proper employee cybersecurity training or mitigation tools like annual risk assessments to combat threats. Hackers will likely take advantage of these vulnerabilities to perform other cyberattacks to gain access to systems.

________________________________________________________________________

[1] “Data Breaches” by TheDigitalArtist licensed under Pixabay

[2] Cox Suffered Data Breach by Hacker Impersonating Support Staff, BleepingComputer, December 2021, https://www.bleepingcomputer.com/news/security/cox-discloses-data-breach-after-hacker-impersonates-support-agent/

[3] Avoiding Social Engineering and Phishing Attacks, CISA, October 2009, https://www.cisa.gov/uscert/ncas/tips/ST04-014

[4] Cox Suffered Data Breach by Hacker Impersonating Support Staff, BleepingComputer, December 2021, https://www.bleepingcomputer.com/news/security/cox-discloses-data-breach-after-hacker-impersonates-support-agent/