Leaks: a cyber weapon

One of the main concerns for 2023 is the risk of data leaks from civilian devices and networks.

This type of threat is encouraged by the resurgence of digital warfare.

Medical data and more broadly all personal data will be the most sought after information. The reason is almost simple: cybercriminals are increasingly adopting a double extortion model.

This topic will become even more topical as new European legislation is expected in 2023.

The transfer of sensitive data to a third party will have to be based on the free, informed consent of the patient. The latter will have the right to access his file. Finally, the data collected will have to be destroyed or anonymized, as soon as they are no longer necessary. Last but not least, in case of a data breach, the patient will have to be notified.

The case of Medibank

We have already seen this in Australia with the Medibank attack in 2022.

As a reminder, the cyber offenders demanded that the Australian insurer pay a ransom of 9.7 million dollars. Following the company’s refusal to pay, the cybercriminals announced on Thursday, December 1, that they had released the last data online, the first batch of data having been released in early November 2022. In total, 10 million customers have had their data compromised. The actor behind this attack seems to come from Russia.

The case of Twitter

Twitter has also been a victim of data leakage, many users have seen their personal data siphoned in 2022.

The attackers exploited a security flaw; the same one that was used in 2021.

The case of Whatsapp

84 countries were affected by this data leak, which means 487 million cell phone numbers. The cybercriminal behind the leak is asking for $2,000 for the German database and $7,000 for the US one.

What is the purpose of this data?

Besides the use of this data for future phishing, smishing or social engineering attacks, whose goal is financial gain, these data thefts will become more and more a means than an end.  They aim to influence, to destabilize. Unlike industrial disinformation, leaks are “real” data used by nations.

Indeed, the States will not be left out.

The “hack-and-leak” method will still be present in 2023, with the aim of political destabilization, but not only.

To find out more, read our white paper INFORMATION WARFARE: The new cyber weapon

These hacking and data leakage operations have already taken place in recent years, particularly by Iranian and Russian actors. The FBI has also warned against the operations of “hacking and leakage” of a group based in Iran. The FBI recalls that “the purpose of the attacks would be to undermine public confidence in the security of the victim’s network and data, while other incidents are intended to embarrass companies or countries”.

Finally, this data will also be used for espionage. Increased geopolitical tensions increase the risk of espionage. Political parties are excellent sources of intelligence, as are large industries.

Thales in November 2022 confirmed a data theft by the Russian-speaking group LockBit 3.0.

Another example is the APT37 or Reaper group, operating since at least 2012, which practices industrial espionage. The group would use the Dolphin malware, which attacks portable devices, exfiltration of files, recording screenshots.

For a few years now, we have been witnessing an upsurge in massive data theft around the world.

These threats are mainly perpetrated from outside the organization, but the internal threat tends to increase strongly and remains underestimated.

Data leakage will still have a great future next year.

We can never say it enough, personal data is the most valuable asset, organizations must implement security measures against cyber espionage.

TEHTRIS provides the technologies developed for its XDR Platform solution for small and medium-sized companies as well as large enterprises and administrations. Our qualified team provides cybersecurity capabilities and remains at your disposal to help you ensure autonomous detection and neutralization of the threat. Actions are handled automatically without any human intervention.