Hello, Guest!

Cybersecurity

CSRB to Review Cyberattacks Linked to Lapsus$ Ransom Group

Cyber incident review

CSRB to Review Cyberattacks Linked to Lapsus$ Ransom Group

The Department of Homeland Security’s Cyber Safety Review Board will review recent attacks that are linked to the global extortion-focused hacking group Lapsus$.

According to the DHS, Lapsus$ used various techniques to bypass commonly used security controls and was able to infiltrate several companies worldwide. Following the investigations, CSRB will develop recommendations on how organizations can protect themselves, their customers and their employees from future cyberattacks.

Homeland Security Secretary Alejandro Mayorkas and Cybersecurity and Infrastructure Security Agency Director Jen Easterly will receive the finalized report and will transmit it to President Joe Biden, DHS said.

According to Easterly, a 2022 Wash100 winner, Laspus$ actors have previously been responsible for damaging intrusions against multiple critical infrastructure sectors. She shared that understanding how the hacking group operates will allow authorities to mitigate risks.

Robert Silvers, the chairman of CSRB and the DHS undersecretary for policy, said the board is responsible for identifying factors associated with significant hacks and hacking groups and coming up with recommendations that can have an immediate effect on systems security. He noted that CSRB is a collaborative effort between government and industry partners.

Lapsus$ is a hacking group that steals information from victims for extortion and threatens to leak them if their ransom demands are not met. In addition to ransom hacking, the group also includes damaging elements into their attacks to further threaten victims that do not pay up.

Some of the group’s victims are Microsoft and Okta.

Potomac Officers Club Logo
Become a Potomac Officer Club Insider
Sign up for our weekly email & get exclusive event, and speaker updates, and find networking opportunities to connect with GovCon decision makers.

Category: Cybersecurity