The Lapsus$ hacking collective will be the subject of the subsequent Cyber Safety Review Board inquiry. The Department of Homeland Security spread the news stated on Friday.
The choice to concentrate on a hacker group differs from the body’s initial probe, which looked at a particular cyber vulnerability. The vulnerability in Log4j, a widely used logging library, was the subject of that report. This time, the CSRB will investigate the activities of Lapsus$, a notorious hacker crew that has attacked numerous businesses and sought to demand ransom in return for keeping stolen data secret.
The Cyber Safety Review Board will look into recent cyberattacks connected to Lapsus$. Department of Homeland Security (DHS). The DHS stated that “Lapsus$ has purportedly used methods to get through a variety of frequently used security protections and has successfully infiltrated several firms across industries and geographical areas.”
The hacker organization, known to have numerous members worldwide, most recently took part in a digital incursion at Uber Inc. It is also reported to have compromised systems at Microsoft Corp., Nvidia Corp., and the authentication service Okta Inc.
A British teenager was detained by British police in September as part of a probe into an effective Uber hack. The business has stated that it is closely collaborating with the FBI and thinks Lapsus$ is accountable for the intrusion.
Lapsus$ is categorized as an “ongoing” threat actor
“The ongoing Lapsus$ hacks represent just the type of activity that merits a fulsome review and can provide forward-looking recommendations to improve the nation’s cybersecurity in the near term,” Secretary of Homeland Security Alejandro Mayorkas informed.
The possibility of the prosecution arose from Mayorkas’ categorization of Lapsus$ as an “ongoing” threat actor. Rob Silvers, the DHS Undersecretary for Policy and Chair of the CSRB, who also attended the briefing, declined to comment and referred inquiries to the Department of Justice instead.
The CSRB brings together representatives from government and business. Representives examine significant breaches and vulnerabilities in a procedure modeled after the National Transportation Safety Board’s assessment process for mishaps. The CSRB will create “actionable suggestions” for how businesses can defend themselves from attacks like those from Lapsus$.
The organization is said to be a global hacker
Lapsus$, according to Silvers, is a global hacker organization that focuses on extortion. Additionally it has launched attacks against some of the “most well-resourced companies” in the world. Lapsus$ is the ideal target for the CSRB’s upcoming review. He told reporters. “This is exactly the type of review that will benefit network defenders across this country,” Silvers said.
After attacking the Brazilian Ministry of Health in December 2021, Lapsus$ quickly became a significant multinational corporation, taking down Okta, Nvidia, Samsung, Ubisoft, T-Mobile, Microsoft, Uber, and Rockstar Games, the developer of the blockbuster video game Grand Theft Auto, among others.
The organization was notable for “using a pure extortion and destruction methodology without distributing ransomware payloads.” In addition, Microsoft stated at the time that the gang didn’t “seem to disguise its tracks” and would even “announce their attacks on social media or advertise their intent to buy credentials from employees of target firms.”
According to Microsoft, the gang specializes in SIM switching, phone-based social engineering, and bribing insiders for access.