Wednesday is here! Labor Day has come and gone, school is back in session, and the workload never ends, so being in a dour mood is understandable. That’s what snacks are for! At least, if you can get your hands on any snacks in stock.
In today’s edition:
Trust me
🕹 Git gud
—Tom McKay, Billy Hurley, Patrick Lucas Austin
At RSA 2022 in June, Jen Easterly provided a kind of progress report for the almost-one-year-old alliance known as the Joint Cyber Defense Collaborative, or JCDC.
“It’s starting to build momentum. But most importantly, it’s starting to build trust,” said Easterly, director of CISA, during a panel at the time.
The faith amongst public and private partners still appears strong as the JCDC—an alliance including companies like Microsoft and Google Cloud, as well as eight government partners—counts some Ws from its first year. JCDC industry participants who spoke with IT Brew showed an appreciation for the group’s efforts to react to and solve complex, unexpected cybersecurity crises.
“If some major event was to occur, then you’ve got a group of people who already know each other, who already trust each other, who already have a safe place to collaborate, that can respond super quickly to a breaking cyber event,” said Don Smith, VP of threat research at the cybersec company Secureworks.
Successful collabs. In an August blog post, a year after the creation of the collective, Easterly highlighted the coordinated response efforts to major cybersecurity events, like the over-the-weekend revelation in late 2021 of a Log4j vulnerability. JCDC members ultimately provided 17 threat analyses that informed CISA’s alerts, and created a vulnerability guidance webpage that generated “more than 300,000 page views in its first three weeks.”
Read the rest here.—BH
Do you work in IT or have information about your IT department you want to share? Email [email protected] or DM @BillyHurls on Twitter.
Game over, man. The gaming industry is increasingly a target for hackers aiming to profit from stolen in-game items and other digital assets, cheats, and attacks against game developers, according to a recent report from Akamai.
Web application and API attacks targeting players’ accounts and gaming firms are up 167% from May 2021 to April 2022, with Akamai reporting it had tracked over 820 million such attacks. Since January 2021, the primary methods used were local file inclusion (LFI) at 38%, SQL injection (SQLi) at 34%, and cross-site scripting (XSS) at 24% of the attacks tracked by Akamai.
SQLi attacks may be intended to steal database information, including login credentials or personal information of players, useful for stealing digital goods like in-game items. LFI attacks, which rely on vulnerabilities that allow users to trick a server into running scripts, could expose player data or game details that enable the development of cheats. Akamai researchers wrote that mobile and web-based games are particularly juicy targets because hackers may gain “access to usernames and passwords, account information, and anything game-related that resides on the server.”
Gamers are valuable. The Covid-19 pandemic juiced video gaming to all-time highs in the US, and micro-transactions within them are expected to be worth over $100 billion annually by 2026, according to a Business Research Company estimate cited in the Akamai report.
“If you look at some of the latest trends for attacks against the gaming industry, account takeover is a huge thing,” Tony Lauro, director of security technology and strategy at Akamai, told IT Brew. For example, the Fantasy Premier League football app introduced two-factor authentication in July 2022 in response to a surge of account hijacks.
Read more here.—TM
Do you work in IT or have information about your IT department you want to share? Email [email protected] or DM @thetomzone on Twitter. Want to go encrypted? Ask Tom for his Signal.
Today’s top IT reads.
Stat: 1,859. That’s the number of apps detected on both Android and iOS that feature hard-coded AWS login credentials, allowing access to private data. (IT Security Guru)
Quote: “Frontier failed Connecticut consumers.”—Connecticut Attorney General William Tong, announcing a settlement forcing Frontier Communications to cease charging a monthly $6.99 internet infrastructure surcharge (Ars Technica)
Read: The NSA has released guidelines for developers in order to improve security and protect vulnerable supply-chain software. (ZDNet)
- Microsoft is working on a potentially divisive feature for its Teams video-conferencing software when transferring calls: hold music.
- New DLC is on the way for CD Projekt Red’s Cyberpunk 2077: Phantom Liberty video game, and is only available on PC and current-generation consoles.
- The IRS exposed the confidential records of 120,000 people who filed using Form 990-T before removing the data from its site.
- Netflix is expected to launch an ad-supported streaming tier, set to drop in November.