Weekly Video: July 25, 2022

Hello and welcome to another edition of Cyber Risk at Deal Speed, your weekly video rundown of cybersecurity news and strategy for investors, deal teams, and the management teams of portfolio companies.

I’m your host, Shay Colson, Managing Partner for Cyber Diligence at Coastal Cyber Risk Advisors, and you can find us online at coastalcyber.io.

This week we’re going to zoom out a bit and look at some issues of national security, and how they impact or apply to us at the levels of the business builder and investor.

And we’re going to do it in 5 minutes or less.

  1. Microsoft on North Korean Hackers

  2. FBI on Chinese Threat via Huawei

  3. BBC Report on Chinese Espionage Efforts

Microsoft on North Korean Hackers

Microsoft’s Threat Intelligence Center, commonly referred to as MSTIC within the industry, has a report out on a new group of North Korean threat actors called “HOLY GHOST”.

Here’s what makes this threat relevant to us: this threat actor has developed new ransomware strains that specifically target small and midsized businesses, with small ransom asks at high volume.

Microsoft notes that this threat actor has been active for more than a year - since June 2021 - and victims include “manufacturing organizations, banks, schools, and event and meeting planning companies.”

“Victims are most likely targets of opportunity” and MSTIC “has not observed [this group] using any 0-day exploits in their attacks.”

Microsoft includes some very practical steps companies can take to avoid becoming victims of these opportunistic attacks.

Many of the defensive capabilities are already built into Microsoft products - for email, endpoints, and cloud - but need to be properly configured and enabled.

If you need help reviewing or deploying these security controls, reach out and let us know.

FBI on Huawei

A CNN Report from this past week details the threat that Chinese telecommunications equipment provider Huawei can pose - and how it has spent the past decade plus deploying equipment capable of espionage into key parts of the rural US through smaller, regional players.

The report details equipment that is installed near US military installations and is capable of monitoring or even disrupting civilian and critical military communications.

It outlines how high-definition weather cameras - in place since 2014 - have been co-opted by Chinese intelligence services to track the movements of US military equipment and personnel.

The core of this functionality, the article notes, is hinged on Chinese investment - including some seemingly innocuous maneuvers, like establishing a sister city arrangement or even re-developing a park or old factory.

In one case, the article noted a $100M cultural enhancement project to build a park in DC with Chinese pagodas - except the parts for the pagodas would be delivered via diplomatic pouches, which can’t be examined by customs officials.

While both CNN and the FBI are still relatively diplomatic in their language here, a report from the BBC is less so.

BBC on China Threat

A BBC report on the same topic - the threat of Huawei in Western countries - had this to say:

“Every major Chinese enterprise anywhere in the world allegedly has an internal ‘cell’ answerable to the ruling Chinese Communist Party to drive the political agenda and ensure that the company is compliant with political directives.”

“This is why China experts assert that the CCP operates in Britain, often under the natural cover of business.”

While we can’t all be counterintelligence officers, there is a sense of both risk management and national security interest in our own efforts to understand how seemingly innocuous - or, in some cases, oddly fortuitous - occurrences may be furthering the goals of an adversarial intelligence service.

Don’t be afraid to pull the thread a little, question things that seem too good to be true, and build relationships with the local FBI and other offices to help contextualize and combat this threat.

I know it’s yet another ask on top of everything else we’ve got going on in terms of growing and securing our businesses, but the underpinnings of a functional capitalist system are what allow all of us to continue to do that. Defending it is, in fact, core to keeping the playing field not just level, but open for the great game of business to continue.

Fundraising

Speaking of business continuing, congratulations to the more than $8.7B in newly committed capital last week. A far cry smaller than the $60B announced the week prior, but let’s not forget that nearly $9B in dry powder in a single week is still a tremendous boost.

Best of luck to all the funds with new capital to deploy.

You can find all the links to the stories we covered below, and we’ll see you next week with another edition of Cyber Risk at Deal Speed.

LINKS:

https://www.microsoft.com/security/blog/2022/07/14/north-korean-threat-actor-targets-small-and-midsize-businesses-with-h0lygh0st-ransomware/

https://www.cnn.com/2022/07/23/politics/fbi-investigation-huawei-china-defense-department-communications-nuclear/index.html

https://www-bbc-com.cdn.ampproject.org/c/s/www.bbc.com/news/uk-53329005.amp
