teissTalk: How do you define a cyber incident?

teissTalk host Geoff White was joined by Paul Barnes, Head of Operations and Engagement – Cyber Security, NHSX as lead guest; Todd Carroll, Chief Information Security Officer, CybelAngel; and Felipe García, Chief Information Security Officer at Scotiabank.

Views on news
IKEA confirmed that it suffered a cyber attack by criminals who exploited compromised Microsoft Exchange servers to launch a reply chain attack, where malspam appears as a genuine reply to an existing email chain.

Employees will be more likely to open email containing the malware if it comes from a colleague or an external business partner they have already been working with. IKEA commented that customer data hasn’t been compromised; other organisations, suppliers and business partners have been affected, though. Email chain hijacking is one of the unique identifiers of SquirrelWaffle malspam campaigns. As the title and the email chain remains intact, filtering systems don’t pick up the attack.