The US Department of Homeland Security (DHS) accounted on Friday 2, December that it will be conducting a Cyber Safety Review of the Lapsus$ cyber crimes and data breaches in 2022. The DHS Cyber Security Review Board is responsible for conducting fact-finding initiatives related to cyber security threats and coming up with actionable recommendations based on this research. The board’s goal with this investigation is to provide direct advice for dealing with future attacks from the cybercriminal gang.
DHS Secretary Alejandro N. Mayorkas stated, “With its review into Lapsus$, the Board will build on the lessons learned from its first review and share actionable recommendations to help the private and public sectors strengthen their cyber resilience.”
The Lapsus$ Gang was Behind Several High-Profile Data Security Breaches in 2022
Using several high-tech techniques, Lapsus$ has gained access to the security controls of several high-profile companies across the globe. The most recent attack to hit the cyber security news was the data breach of car rise giant Uber. Other victims of the cyber attackers include Microsoft, Samsung, Vodafone, Ubisoft, Okta Inc, and Nvidia Corp.
Ransomware and data attacks on these and other organizations, including the leaks of personal information, stolen source code, and proprietary data, create huge cyber security threats.
The Cyber Safety Review Board was Created in 2021 via an Executive Order
The Cyber Safety Review Board was first created after an executive order by President Biden in May 2021. The board is made up of 15 experts in cyber security from both federal government organizations and private sector companies.
The board is responsible for providing cyber security defense recommendations and sharing relevant essential information with law enforcement agencies. The CSRB reports directly to the President and the Secretary of Homeland Security, although it does not have regulatory or authority powers in and of itself.
CSRB Deputy Chair Heather Adkin stated, “The CSRB will review the cyber activity of Lapsus$ in order to analyze their tactics and help organizations of all sizes protect themselves.”
Some Suspected members of Lapsus$ have Already Been Arrested
The announcement follows an earlier statement by the FBI that it is investigating the cyber criminal gang and looking for information regarding group members. Globally, action has also been taken against members of the criminal gang.
Police in the UK and Brazil have arrested and charged suspected group members. It had been revealed that, surprisingly, the majority of the gang members are teenagers. The hacks of sensitive data and security information are not thought to be financially motivated. Instead, experts believe these high-profile attacks are committed to making a name for themselves amongst other hackers.
This latest announcement by the US DHS marks another step in the crackdown on the global gang and the concerted global effort to increase cyber security defence for both government and private organizations as threat actors increase yearly.