cybersecurity news

US Cyber Weakened, China Implements Reporting, Volvo Hit Ransomware

ByBrad Slavin
US Cyber Weakened, China Implements Reporting, Volvo Hit Ransomware
US Cyber Weakened, China Implements Reporting, Volvo Hit Ransomware
/

Hello cyber fam! It feels like 2025 started just a couple of months back, and now it’s already October. The cybercriminals are pulling up their socks to prepare for the upcoming festive rush. That’s exactly why we are here to “cyber” educate you so that you can enjoy Halloween, Thanksgiving, Christmas, and the New Year without any cyber mishap. 

This week, we will talk about the ongoing US shutdown situation that’s affecting the USA’s cyber defense system. Next, we will focus on China’s one-hour reporting rule for cyber incidents. Lastly, we will discuss the supply ransomware attack on Volvo’s employees.

Want to know the details? Stay with us!

cyber defense mechanism

The USA’s cyber defense mechanism has weakened because of the ongoing government shutdown!

The USA is going through a tough time as the US government shut down at 12:01 AM on Wednesday, October 1. The two major parties, Republicans and Democrats, have locked horns over issues like healthcare subsidies. They haven’t been able to agree on how much money to spend on different programs. 

If the shutdown continues for a long time, the cybersecurity landscape will be worst hit. From disrupted critical cyber intelligence sharing to the mass termination of contractors and cybersecurity experts, the future of US cybersecurity appears bleak at present. The future of U.S. cybersecurity looks strong with increasing adoption of authentication protocols like DMARC, DKIM, and SPF to combat phishing and email spoofing.

legal protection

What makes things worse is the timing of the shutdown. The CISA 2015 Act has lapsed as the shutdown started. The key responsibility of CISA 2015 was to provide legal protection to organizations that shared critical threat intelligence for enhanced cyber protection. To renew the law, the shutdown must end. Additionally, US infrastructure and critical entities are currently vulnerable to cyberattacks. Cybersecurity experts, such as Crystal Morin, believe that CISA 2015 is non-negotiable when it comes to U.S. national security. 

Mass layoffs at CISA will also bring down the agency’s productivity. From threat analysis and active support for private sector partners to incident response, everything will slow down in the absence of a skilled workforce. 

Cybersecurity

One-hour reporting rule implemented in China for cyber mishaps!

China is taking its cybersecurity ecosystem quite seriously. Recently, it has imposed a one-hour reporting rule for all infrastructure providers across China. The rule will take effect on November 1, 2025. The Cyberspace Administration of China has published a notice that clearly explains all the reporting prerequisites. For a regular cyber incident, the affected network operators are required to report the incident within 60 minutes to the relevant ministry. But if it is a “major” cyber mishap, the victims are required to report the same in the next 30 minutes.

Things will become more complicated if the affected network operator is subject to specific industrial regulations. In that case, it should report the cyber mishap within the specified timeframe while complying with existing industrial regulations

network operator

This newly imposed 60-minute reporting rule has made things difficult for the Chinese network operators. Any operator who fails to report within the given timeline will be punished. Additionally, those who attempt to conceal or manipulate the actual details will face severe consequences.

Volvo employees targeted by a supply ransomware attack!

A ransomware group has targeted Volvo Group North America. The data breach occurred due to a third-party human resources software, Miljodata. Cybercriminals managed to breach the data of this Swedish SaaS company back in August. The cyber mishap affected multiple customers of Mijodata. Volvo NA was one of them.

data breach

The ransomware gang didn’t interfere with Volvo NA’s systems. Yet they managed to gain access to highly sensitive data, including the names and Social Security Numbers of employees. It is highly likely that the stolen data has already been leaked on the Dark Web. 

Miljodata has been working with 80% of Sweden’s municipal governments. One of its services includes Adato, a trademark platform that helps with easy tracking of employee sick leaves and rehabilitations.

The DataCarry ransomware group successfully breached the network of Miljodata on August 20. Miljodata became aware of the cyber incident 3 days after the attack. The group of cybercrooks demanded a ransom of $165,000 or 1.5 Bitcoins. While Miljodata was still considering its next steps, DataCarry threatened the SaaS company that it would publish all the stolen data on the Dark Web. When they did not get the preferred response from Miljodata, they leaked the data online.

ransomware attack

According to experts, the ransomware attack on Miljodata and its customers is “among the most disruptive to strike Sweden’s public sector in years.” 

A similar incident occurred with two other major vehicle manufacturing companies, weeks after the Volvo NA cyberattack. The ShinyHunters group successfully targeted Stellantis, the parent company of various consumer vehicle brands, including Jeep, Chrysler, Dodge, and Maserati. The group of threat actors claims to have stolen sensitive information, including customer contact details and names. Jaguar Land Rover also got attacked on August 31 by Scattered Lapsus$ Hunters.

Similar Posts

Security requirements for Gmail

Security requirements for Gmail

ByBrad Slavin

Over the years, Gmail has undoubtedly positioned itself as one of the most popular email services globally. It continues to dominate the market with its extensive features and integration with other Google services​. Given the fact that over 1.5 billion active users trust this mailbox, it’s bound to subject dynamic emails to additional security requirements…

Phishing and Spoofing- Two emerging cyberattack trends in 2024

Phishing and Spoofing- Two emerging cyberattack trends in 2024

ByBrad Slavin

Cyberattacks are getting more sophisticated every passing year. Threat actors are playing it hard to keep up the pace with evolving technology. Two trends that are dominating the 2024 threat landscape are spoofing and phishing. Both of these cyberattacks are aimed at deceiving victims and tricking them into sharing sensitive personal details. Threat actors use…

CSC Cyber Warning, Oman Strengthens Cybersecurity, Founder Suffers Phishing

CSC Cyber Warning, Oman Strengthens Cybersecurity, Founder Suffers Phishing

ByBrad Slavin

Hola people! It’s already week 4 of October, and it seems like time is almost flying, literally! But are you prepared enough to combat the fast and sophisticated cyberattacks? With every passing day, the threat actors are honing up their skills- thanks to easy accessibility to AI. Meanwhile, cybersecurity experts are also leveraging AI to…

This is the season of scams: 2024 holiday guide to spotting phishing attacks

This is the season of scams: 2024 holiday guide to spotting phishing attacks

ByBrad Slavin

The holiday season is right around the corner, which means it’s the time for lots of online shopping, hotels, and flight bookings, not to mention a sudden surge in cyberattacks. You might think that the holiday season is supposed to be exciting and fun, but the truth is that it can become a prime opportunity…

The Emergence of DKIM: A Cryptography-Based Email Authentication Protocol

The Emergence of DKIM: A Cryptography-Based Email Authentication Protocol

ByBrad Slavin

Navigating through the complexities of email security and the limitations of SPF, the urgency to develop a protocol that doesn’t break on email forwarding was needed. This led to the genesis of DomainKeys Identified Mail or DKIM. Its roots date back to the early 2000s when email-based cybercrimes were escalating. This led to the initiation…