- Mycomputerspot Security Newsletter
- Posts
- Wednesday War Room – 10/22/2025
Wednesday War Room – 10/22/2025
Another week, another series of unfortunate events in the digital world.
J.W. Croley
October 22, 2025
Sponsored by
A W-2, a Laundromat Owner, & a Billionaire Walk Into a Room…
NOVEMBER 2-4 | AUSTIN, TX
At Main Street Over Wall Street 2025, you’ll learn the exact playbook we’ve used to help thousands of “normal” people find, fund, negotiate, and buy profitable businesses that cash flow.
Use code BHP500 to save $500 on your ticket today (this event WILL sell out).
Click here to get your ticket, see the speaker list, schedule, and more.
The past three days have been a whirlwind of nation-state shenanigans, AI-powered anxieties, and good old-fashioned data theft. It seems the only thing evolving faster than the threats is our collective sense of dread. From critical infrastructure to luxury brands, no sector was spared. If you were hoping for a quiet week, you’ve come to the wrong newsletter.
Risk Level: Critical
Business Impact: Widespread operational disruption, financial loss, and national security risks
What You Need to Know: What You Need to Know: A new report released on October 21st reveals a staggering 34% surge in ransomware attacks against critical industries in 2025. The report documents 4,701 total incidents globally between January and September, with a shocking 2,332 of those attacks targeting critical
Why This Matters:
The numbers don't lie: ransomware is a full-blown crisis, and critical infrastructure is square in the crosshairs.
The increasing focus on critical industries suggests a strategic shift by threat actors towards high-impact targets.
The sheer volume of attacks indicates that many organizations are still struggling to implement basic security controls.
Executive Actions:
📊 Conduct a thorough risk assessment of your organization's critical infrastructure.
🛡️ Implement a robust, multi-layered security architecture with a focus on prevention, detection, and response.
🆘 Develop and test a comprehensive incident response plan for a ransomware attack.
🤝 Establish strong partnerships with government agencies and industry peers to share threat intelligence and best practices.
Risk Level: High
Business Impact: Data breach, supply chain disruption, reputational damage
What You Need to Know: Envoy Air, a subsidiary of American Airlines, confirmed on October 21st that it was targeted by the Clop ransomware group. The attack is part of a broader campaign against customers of Oracle’s E-Business Suite. The breach resulted in the leak of 26GB of American Airlines data on Clop's dark web site.
Why This Matters:
This incident is a stark reminder of the significant risks posed by supply chain vulnerabilities.
The targeting of a major airline highlights the potential for widespread disruption to critical transportation infrastructure.
The involvement of the Clop ransomware group, known for its sophisticated tactics, indicates a high level of threat.
Executive Actions:
🔗 Conduct a thorough review of your organization’s supply chain security.
🗝️ Ensure that you have applied all relevant security patches.
✈️ If your organization relies on air travel, have a contingency plan in place for potential disruptions.
🕵️ Monitor the dark web for any signs of your organization’s data being leaked.
Risk Level: High
Business Impact: Increased risk of successful attacks, erosion of traditional security controls
What You Need to Know: A new report from CrowdStrike, released on October 21st, reveals that 76% of organizations are struggling to match the speed and sophistication of AI-powered attacks. The report highlights that legacy defenses are becoming obsolete in the face of these new threats.
Why This Matters:
The age of AI-powered cyberattacks is here, and most organizations are not prepared.
Adversaries are using AI to accelerate every stage of the attack lifecycle, from reconnaissance to exfiltration.
The findings underscore the urgent need for a new approach to security, one that is as agile and adaptive as the threats it faces.
Executive Actions:
🔬 Invest in AI-powered security solutions to augment your existing defenses.
🧠 Upskill your security team to understand and defend against AI-powered attacks.
🧪 Conduct regular red team exercises to test your organization’s resilience against AI-driven threats.
🤖 Develop a corporate policy on the acceptable use of AI to mitigate insider threats.
Leadership Insight:
The events of the past three days are a stark reminder that we are in a new era of cyber conflict.
The old rules no longer apply. The adversary is more sophisticated, more brazen, and more dangerous than ever before. We must be more agile, more adaptive, and more resilient.
We must be prepared to fight and win in a world where the digital and physical are inextricably linked.
The time for complacency is over. The time for action is now.
Free, private email that puts your privacy first
Proton Mail’s free plan keeps your inbox private and secure—no ads, no data mining. Built by privacy experts, it gives you real protection with no strings attached.
Risk Level: Critical
Business Impact: National security crisis, exposure of military secrets, potential for physical attacks
What You Need to Know: The Russian hacker group, Lynk, has leaked sensitive files from the UK Ministry of Defence (MoD). The leaked data includes information on eight military bases. The breach, which was reported on October 20th, represents a major national security crisis for the UK.
Why This Matters:
This is a brazen act of cyber espionage by a nation-state actor against a major NATO member.
The exposure of sensitive military information could have devastating consequences for UK national security.
The incident highlights the growing threat of state-sponsored cyberattacks and the need for a robust and coordinated response.
Executive Actions:
🏛️ If your organization is part of the defense industrial base, immediately review your security posture and implement enhanced monitoring.
🤝 Collaborate with government agencies and industry peers to share threat intelligence and best practices for defending against nation-state actors.
🛡️ Conduct a thorough review of your organization’s counterintelligence program.
🚨 Report any suspicious activity to the appropriate authorities immediately.
Risk Level: High
Business Impact: Reputational damage, regulatory fines, loss of customer trust
What You Need to Know: South Korean telecom giant, LG U+, is facing scrutiny over its handling of a recent data breach. The company initially claimed there was “no evidence of data leakage” despite reports that information from 8,938 servers, 42,526 accounts, and 167 employees had been leaked. The company’s CEO has since agreed to report the incident to authorities.
Why This Matters:
This is a classic example of how not to handle a data breach.
A slow and evasive response will only serve to erode customer trust and attract the attention of regulators.
Transparency and accountability are critical in the aftermath of a security incident.
Executive Actions:
📜 Review your organization’s incident response plan to ensure that it includes a clear and comprehensive communications strategy.
🗣️ Designate a single spokesperson to handle all communications with the media and the public in the event of a breach.
⚖️ Be prepared to be transparent and accountable to your customers, employees, and regulators.
🤝 Work closely with law enforcement and other authorities to investigate the incident and bring the perpetrators to justice.
Risk Level: Medium-High
Business Impact: Exposure of high-value customer data, reputational damage, potential for targeted attacks
What You Need to Know: The prestigious auction house, Sotheby’s, is the latest victim of a data breach. A law firm has announced that it is investigating the incident, which was reported on October 21st. The full scope of the breach is not yet known, but it is believed to involve the personal and financial information of the auction house’s wealthy clientele.
Why This Matters:
This incident highlights the fact that no organization, no matter how prestigious, is immune to cyberattacks.
The targeting of a luxury brand like Sotheby’s suggests that threat actors are increasingly going after high-value targets.
The exposure of data belonging to wealthy individuals creates a significant risk of targeted attacks, including phishing, identity theft, and even physical threats.
Executive Actions:
💎 If you are a Sotheby’s customer, take immediate steps to protect your account and monitor your financial statements for any suspicious activity.
🧐 Review your organization’s security posture to ensure that you are adequately protected against targeted attacks.
👑 Implement enhanced security measures for all high-value assets and data.
🤝 Work with a reputable security firm to conduct a thorough risk assessment and penetration test.
🔄 Assess Your Ransomware Readiness: Immediately initiate a review of your organization’s ransomware defense and response capabilities.
📦 Evaluate Your AI Security Posture: Assess your organization’s exposure to AI-powered attacks and invest in AI-driven security solutions.
🧠 Drill Your Incident Response Plan: Conduct regular incident response drills to ensure that your organization is prepared to handle a crisis.
📊 Protect Your High-Value Assets: Implement enhanced security measures for all high-value assets and data, including customer information.
📜 Scrutinize Your Supply Chain: Conduct a thorough review of the security of your critical vendors and partners.
💡 Stay vigilant, patch promptly, and remember that in cybersecurity, paranoia isn't a disorder – it's a job requirement. 💡
J.W.
(P.S. Check out our partners! It goes a long way to support this newsletter!)
Free email without sacrificing your privacy
Gmail tracks you. Proton doesn’t. Get private email that puts your data — and your privacy — first.