The Department of Homeland Security’s (DHS) Cybersecurity Review Board will examine attacks related to an extortion gang known as Lapsus$, which breached several prominent companies in recent incidents.

Hacking group Lapsus$ made headlines earlier this year after hacking Microsoft, Nvidia, T-Mobile, Samsung, Uber, Vodafone, Ubisoft, Oktaand e-commerce giant Free market.

Following numerous incidents they were linked to, the extortion group also leaked proprietary data and source code stolen from their victims’ networks, leading to massive data breaches and leaks.

As announced on Friday, the purpose of the CSRB’s review of the gang’s hacking activities is to provide guidance on defending against Lapsus$ attacks.

“With its review of Lapsus$, the Council will build on lessons learned from its first review and share actionable recommendations to help the private and public sectors build cyber resilience,” said DHS Secretary Alejandro N. Mayorkas.

“As cyber threats continue to evolve, it is imperative that all organizations recognize that they are not invincible. The CSRB will review Lapsus$ cyber activity to analyze their tactics and help organizations of all sizes to protect themselves,” said the vice-president of the CSRB. Heather Adkins added.

The Cyber ​​Security Review Board is a public-private initiative comprised of 15 cybersecurity experts from private sector organizations and federal government entities.

It was created by President Biden by Executive Order in May 2021 to assess attacks leading to a “significant cyber incident”, provide defense recommendations and share any relevant confidential information with law enforcement.

Although the CSRB has no enforcement or regulatory powers, it reports directly to the Secretary of Homeland Security and the President to ensure that relevant lessons are noted and its recommendations are implemented and implemented. processed.

Members of Lapsus$ arrested by the police

Earlier this year, the FBI said it was also investigating the illegal activities of Lapsus$ and seeking information on members of the group involved in compromising computer networks belonging to organizations based in the United States.

Some alleged Lapsus$ members have already been arrested and charged with participating in some of the gang’s attacks by the City of London Policethe British police and the Brazilian Federal Police.

It is believed that most of the members of this group are teenagers driven not by financial motives but by their goal of making a name for themselves in the hacking scene.

“Lapsus$ actors have perpetrated damaging intrusions against multiple critical infrastructure sectors, including healthcare, government facilities and critical manufacturing,” said CISA Director Jen Easterly. said.

“The range of victims and the variety of tactics used demand that we understand how Lapsus$ actors carried out their malicious cyber activities so that we can mitigate the risks to potential future victims. We commend the CSRB for undertaking this review to advance our collective cyber defense. “


Source link