This week: Firstly, thanks to the 51 people who attended the “Security for the Solo Professional and the Self-Employed” online workshops over the last week. There were lots of good questions, and hopefully not too many dumb answers. The next one (and final one this month) is scheduled for this Tuesday morning. Be there, or be (square) less secure. You can learn more at https://www.codeinmotion.ie/zero-to-hero.

In this week’s issue of Cyber 3-2-1:

  • Christmas comes early for some banks,
  • Why we shouldn’t trust (Americans) American accents, and
  • Homer Simpson has the last word.

 

3 – (Christmas) DORA has come early for some banks

The ECB (European Central Bank) is beginning to conduct cyber stress tests on banks to determine their resilience against cyberattacks.

Starting this month, the agency is requiring about 100 banks in Europe to perform vulnerability assessments and incident response evaluations by the middle of 2024. According to a report in Bank Info Security, “the banking regulator will simulate a disruptive cyberattack capable of adversely affecting business operations. The central bank will then monitor how the financial organization responds to and recovers from the attack and how quickly it resumes normal business.”

So what? Most financial services organisations know that DORA (the Digital Operational Resilience Act) is taking effect a few weeks after Christmas 2024. But it looks like the ECB isn’t waiting until then to check that the biggest banks are ready for a cyberattack.

 

2 – Should we stop trusting Americans?

Ireland’s Taoiseach was interviewed on the evening news last week about the Government’s latest scheme to (win the next election) help citizens with the “Cost of Living Crisis”. The scheme guarantees that an investment of €250 will provide a return of €27,000 within a month.

Of course, this is untrue. In reality, it was a “deepfake” scam that used genuine footage of Leo Varadkar to create a fake video. You can read more about the story on The Irish Independent.

So what? As I mentioned last week, AI and deepfakes are here, and will be increasingly used by cyber criminals to fool us. As time goes on, we need to be increasingly skeptical of anything we don’t see and hear in the physical world. Another interesting angle is that most recent deepfakes seem to generate voices with an American accent, so should we stop trusting Americans too?

 

1 – I will leave the last word to Homer Simpson.

A US law firm that specialises in providing legal counsel to companies that have been victims of cyber attacks.. has suffered a cyber attack.

According to Security Week, the attack occurred in Q1 2023, with the firm recently announcing that the personal data of 600,000 individuals was (were?) impacted. “Some of these individuals, the law firm said, were customers of companies that suffered data breaches. Their information was shared with [the firm] to facilitate the provision of legal counseling to those companies.”

So what? In the words of Homer Simpson: Doh!