Cybersecurity Current Events - Feb. 24th, 2025

Over the weekend in cybersecurity, a major U.S. healthcare provider faces an $11 million settlement over security lapses, the SEC intensifies enforcement on crypto cyber fraud, and Thailand battles a cybersecurity crisis with attacks 70% higher than the global average. Meanwhile, Apple removes Advanced Data Protection in the UK, and a massive data leak exposes over 14 million shipping records.

Let’s dive into these current events to keep you informed, prepared, and ahead of the game to start of your week.

1. U.S. Healthcare Organization Pays $11M Settlement Over Cybersecurity Lapses

Summary:

Health Net Federal Services (HNFS) and its parent company, Centene Corporation has agreed to pay more than $11 million settlement following allegations of cybersecurity failures that left patient data vulnerable to breaches. HNFS was contracted by the U.S. government to provide managed healthcare support services for TRICARE's North region, covering 22 states.

The contract mandated strict adherence to cybersecurity standards, including compliance with 48 C.F.R. § 252.204-7012 and 51 security controls outlined in NIST Special Publication 800-53 (Security and Privacy Controls for Federal Information Systems and Organizations).

Timeline: Reported on February 20, 2025. It has been stated that HNFS falsely claimed compliance on three separate occasions: November 17, 2015, February 26, 2016, and February 24, 2017.

Threat Actors: N/A

HNFS and Centene have denied the allegations, asserting that no data breaches or loss of servicemember information took place. However, they have agreed to pay the fine to resolve the claims. The settlement agreement specifies that it does not shield HNFS and Centene from potential criminal liability if new evidence, administrative penalties, or civil actions arise in the future.

Key Implications:

• The settlement highlights the increased scrutiny now required for healthcare cybersecurity compliance, especially given the years of non-compliance that went unchecked before the issue was uncovered.
• Stronger regulatory oversight on patient data protection is urgently needed.
• Financial and reputational damage for HNFS and Centene with the potential for more legal action to be taken in the future.

Actionable Steps:

1. Healthcare organizations should review and strengthen their cybersecurity policies.
2. Conduct regular security audits to ensure compliance with industry standards.
3. Invest in data encryption and multi-factor authentication to enhance protection.

Additional Resources: Bleeping Computer

2. SEC Cyber Enforcement Expands Under Trump Administration

Summary:

The U.S. Securities and Exchange Commission (SEC) has signaled a continued focus on cybersecurity and cryptocurrency-related enforcement actions. Despite concerns over deregulation under the Trump administration, officials emphasize the need for protecting investors from cyber threats.

The Securities and Exchange Commission (SEC) unveiled its revamped anti-fraud unit, signaling a stronger commitment to protecting retail investors in emerging technologies. Reflecting the evolving regulatory approach to cryptocurrency and cybersecurity under the Trump administration, the newly formed Cyber and Emerging Technologies Unit (CETU) is led by Laura D’Allaird and will consist of about 30 fraud specialists from across the agency. This unit replaces the previous Crypto Assets and Cyber Unit. The revised CETU aims to not only safeguard investors but also foster innovation by ensuring market efficiency and facilitating capital formation. “It will root out those seeking to misuse innovation to harm investors and diminish confidence in new technologies,” stated Acting SEC Chairman Mark Uyeda. The unit will work in tandem with the crypto task force launched in January under Commissioner Hester Peirce, bolstering the SEC's proactive stance on protecting the integrity of emerging tech markets.

Timeline: Announced Februart 20,2025; Reported on February 21, 2025

Threat Actors: This is believed to be a response in the uptake in crypocurrency fraud and the other tech markets such as AI that are quickly emerging.

Key Implications:

• Increased regulatory scrutiny on cryptocurrency markets.
• Potential but not promised rise in enforcement actions against companies failing to disclose cyber risks.
• There is a level of uncertainty regarding the balance between regulation and innovation and the overall application of the regulatory actions and how it will effect technological progress.

Actionable Steps:

1. Companies involved in cryptocurrency should ensure stay up to date and in compliance with SEC regulations.
2. Businesses should explore how to enhance cybersecurity measures to avoid regulatory penalties.
3. Despite this regulatory move, the overall application remains uncertain, therefore, investors should remain vigilant about cyber risks in digital assets.

Additional Resources: Cybersecurity Dive

3. Thailand Faces Cybersecurity Crisis as Attacks Surge 70% Above Global Average

Summary:

Thailand is grappling with a cybersecurity crisis, with cyberattacks increasing 70% higher than the global average. The country’s digital infrastructure is under strain, raising concerns about national security and financial losses.

A recent report from CheckPoint Intelligence highlights concerning trends in Thailand's cybersecurity environment. Ransomware incidents in the country account for 6% of cyberattacks, exceeding the global average of 4%. Even more troubling is the surge in banking malware, which represents 9.5% of attacks in Thailand—far above the global average of 2.8%. Furthermore, Check Point Software Thailand reports that from August 2024 to January 2025, organizations in Thailand experienced an average of 3,180 cyberattacks per week—almost double the global average of 1,843 weekly attacks.

This rise in cybercrime is supported by data from the Bank of Thailand, which reveals that Thai bank customers have lost more than 60 billion baht to online financial fraud over the past two years.

Timeline: Ongoing situation in Thailand which was reported on February 24, 2025.

Threat Actors: Significant worry about Ai-powered cyber threats, as well as the infectiousness of phishing and banking fraud.

Key Implications:

• Rising cybercrime rates could impact Thailand’s economy and business sector.
• Increased demand for stronger cybersecurity policies and regulations.
• Heightened risk for organizations operating in Southeast Asia.

Actionable Steps:

1. Companies who have business in and around Thailand should implement proactive cybersecurity strategies.
2. Southeast Asian governments should strengthen laws and penalties for cybercrime to enhance collective security.
3. Organizations who are at risk should invest in threat intelligence and real-time monitoring.

Additional Resources: Thailand Business News

4. Turkish Parliament Debates Cybersecurity and Climate Laws

Summary:

The Turkish Parliament is set to debate new cybersecurity and climate laws aimed at strengthening national defenses against cyber threats. The proposed regulations focus on data protection, cybercrime penalties, and infrastructure resilience.

Timeline: Report on February 23, 2025

Threat Actors: N/A

Key Implications:

• Hopefully the introduciton of a stronger legal framework for cybersecurity enforcement in Turkey.
• Potential international collaborations on cybersecurity initiatives.
• Likely to enforce stricter penalties for organizations failing to implement security measures.

Actionable Steps:

1. Businesses in Turkey should be prepared to align cybersecurity policies with new regulations.
2. Lawmakers should priorize the effectiveness of the implementation of new cyber defense measures.
3. International stakeholders should monitor regulatory changes for compliance.

Additional Resources: Daily Sabah

5. Fasoo Partners with Terrabyte Group to Strengthen Data Security in Southeast Asia

Summary:

South Korea's, Fasoo, has announced a partnership with Terrabyte Group, cybersecurity solutions distributor in Asia Pacific and Australia, to enhance data security and compliance across Southeast Asia. The collaboration aims to provide businesses with advanced data encryption, access controls, and compliance solutions.

Timeline: Reported February 24, 2025

Threat Actors:N/A

Key Implications:

• Increased adoption of data-centric security solutions in Southeast Asia.
• Businesses in the region will have access to stronger compliance tools.
• Potential growth in the cybersecurity services market.

Actionable Steps:

1. Companies should explore data encryption and access control technologies.
2. Organizations should assess security gaps and invest in compliance tools.
3. Monitor developments in Southeast Asia’s cybersecurity landscape.

Additional Resources: Fox4

6. Apple Removes Advanced Data Protection in the UK After Government Demands Access

Summary:

Apple is removing its Advanced Data Protection (ADP) feature in the UK following government demands for access to user data. ADP, which provides end-to-end encryption for iCloud data, ensures that only users can access their stored files. The UK government, under the Investigatory Powers Act (IPA), requested access to this encrypted data, a move Apple has long opposed due to privacy concerns.

Timeline: Reported February 22, 2025

Threat Actors: N/A

Key Implications:

• UK-based Apple users will lose access to a high-level encryption feature.
• Potential precedent for other governments to demand encryption backdoors.
• Increased privacy concerns for individuals and businesses using iCloud.

Actionable Steps:

1. UK users should explore alternative encryption methods for cloud storage.
2. Organizations handling sensitive data must reassess their security strategies.
3. Advocacy groups and tech companies may push back against the UK’s decision.

Additional Resources: BBC

7. Massive Data Leak Exposes Over 1.4 Million Shipping Records

Summary:

A massive data leak of Hipshippers logs has exposed over 1.4 million shipping records, affecting customers of platforms like Shopify, Amazon, and eBay. The breach raises concerns about supply chain security and the protection of sensitive customer information.

Timeline: Reported on February 20, 2025

Threat Actors: Currently unknown

Key Implications:

• Increased risk of identity theft and fraud for affected users.
• Companies may face legal and regulatory consequences.
• Need for improved supply chain cybersecurity practices.

Actionable Steps:

1. Consumers should monitor financial accounts for suspicious activity.
2. E-commerce businesses must strengthen security for customer data.
3. Organizations should adopt better encryption and access control measures.

Additional Resources: The National Desk

Cybersecurity threats remain a global challenge, with regulatory changes, data breaches, and government policies shaping the digital security landscape. Businesses must stay proactive by investing in robust security solutions and monitoring regulatory shifts.

Partnering with EIP Networks for People-First Cybersecurity

EIP Networks remains committed to a person-first approach to cybersecurity, delivering tailored solutions to meet your organization's unique needs. Stay ahead of threats by engaging with our current events and weekly roundups here on our Blog, LinkedIn or X (Twitter), and learn how to fortify your security posture by booking an assessement with our expert team.

Need expert cybersecurity guidance? EIP Networks provides cutting-edge solutions to protect your business from cyber threats.#WeDoThat