This month, we saw a cyber security giant threatened in a ransomware incident, the White House introduced a new hiring sprint of around 500,000 cyber security jobs, the UK Government released a new skills report for 2024, TfL hit by a cyber attack, and TryHackMe take Italy!
Keep reading as we dive in!
Fortinet confirms data breach after files stolen
On the 12th of September, Fortinet (a cyber security giant and global leader in cyber security solutions and services) suffered a data breach after a threat actor claimed to steal 440 GB of files from the company's Microsoft Sharepoint server.
On a hacking forum, the threat actor threatened to extort Fortinet into paying a ransom. After Fortinet allegedly refused to pay, the threat actor then shared credentials to an ‘alleged’ S3 bucket where the stolen data is stored for other threat actors to download. It is thought that the customer data stolen was from a "third-party cloud-based shared file drive."
When asked about the breach, a representative of Fortinet claimed: “An individual gained unauthorised access to a limited number of files stored on Fortinet’s instance of a third-party cloud-based shared file drive, which included limited data related to a small number of Fortinet customers.”
Fortinet has not disclosed how many customers are impacted or what kind of data has been compromised, but it has been confirmed that the incident affected less than 0.3% of its customer base.
White House launches huge cyber security hiring sprint
At the beginning of September, the White House Office of the National Cyber Director launched a program to help fill the gap of around 500,000 available cyber security jobs across the United States.
National Cyber Director, Harry Coker Jr., unveiled the program as part of an effort to fill a continued gap in cyber, technology and AI positions. He added “Many Americans do not realise that a cyber career is available to them. There is a perception that you need a computer science degree and a deeply technical background to get a job in cyber.”
We are delighted to see a hiring sprint of this size for American citizens, although one thing for certain; training will be essential for the success of the program!
UK Government publishes report on UK cyber skills market
On the 16th of September, the UK Government released its sixth iteration of Cyber Security Skills in the UK labour market. The report gives a thorough overview of the current situation, challenges and opportunities in the UK cyber sector.
Understanding the cyber security landscape in its whole is the first part of any process. The research clearly shows that although the demand for cyber security professionals has dropped in recent years, the domain has been far more resilient than the wider tech sector. 44% of businesses across public and private sectors have reported gaps in basic cyber security skills, while 27% have reported gaps in more advanced skills. The workforce gap remains persistent, with the demand for cyber security professionals continuously growing - as it has in all editions of the research!
At TryHackMe, we are proud to be part of the solution to longstanding, systemic challenges and always eager to expand and improve our offering.
To learn more about our expert opinion on the new report, click the button below!
TFL hit by hack
On the 1st of September, Transport for London (TfL) declared a major cyber security incident after identifying suspicious activity, leading to a temporary restriction on some online services.
TfL addressed the general public on the 12th of September with the following public statement: “The situation is evolving and our investigations have identified that certain customer data has been accessed. This includes some customer names and contact details, including email addresses and home addresses where provided. Some Oyster card refund data may have also been accessed. This could include bank account numbers and sort codes for a limited number of customers (around 5,000).”
After a thorough investigation was conducted alongside the National Crime Agency and the National Cyber Security Centre, a 17-year-old boy was arrested.
So far, we know that the breach included the names, emails, home addresses, bank details, and Oyster data belonging to TfL customers. All TfL staff must now attend in-person appointments to verify their identities and reset passwords.
Now, three weeks after the breach, customers are still unable to apply for new concession cards, refunds or access their contactless data. TfL continues to work with relevant government agencies.
TryHackMe gathers in Sardinia for annual retreat!
This week, the TryHackMe team gathered in Sardinia for our annual company retreat! We dined at fancy restaurants, partied on the beach, collaborated in interactive workshops, devoured delicious Italian food, and celebrated our achievements over the past year.
Keep an eye out on our socials to discover what we got up to and what’s coming up soon!
Ben Spring