Cyber Security Headlines Week in Review: CrowdStrike problems grow, record breaking ransom, Argentina’s Minority Report

This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Dennis Pickett, VP, CISO, Westat.

Cyber Security Headlines – Week in Review is live every Friday at 12:30pm PT/3:30pm ET. Join us each week by registering for the open discussion at CISOSeries.com

Microsoft admits CrowdStrike incident far greater than first reported

It’s been nearly two weeks since the great CrowdStrike outage, and it will likely be a while before we know the full extent of the damage. However, we are getting some insight that Microsoft’s initial estimate of 8.5 million machines crashing is too low. Microsoft VP David Weston said in a blog post over the weekend that those initial numbers were based on voluntary crash reports shared by customers. Since not every customer shares their crash reports, Weston wrote the initial 8.5 million was “a subset of the number impacted.” The post also included a promise from the company to reduce infosec vendors’ reliance on kernel drivers following the incident.

(Dark Reading)

Delta dishes on CrowdStrike damages

Just yesterday we mentioned that Delta Air Lines began lawyering up for legal action against CrowdStrike. In an update, Delta CEO Ed Bastian laid out the stakes on CNBC for any potential legal action, saying it cost the company $500 million in damages. This accounts for the lost revenue from the outage as well as compensation and hotels for stranded passengers. Delta canceled over 5,000 flights over a five-day period due to the outage, more than all cancelations in 2019. The outage also sparked an investigation by the US Department of Transportation. Bastian said the company has “no choice” but to seek damages from CrowdStrike.

(CNBC)

Dark Angels receives record-breaking ransom payment

A new report from Zscaler ThreatLabz has revealed that an unnamed company paid a record-breaking $75 million ransom payment to the Dark Angels ransomware gang. Zscaler did share that the company was in the Fortune 50 and that the attack occurred in early 2024. The record-breaking ransom payment was further confirmed on X by crypto intel company Chainalysis. One Fortune 50 company that suffered a cyberattack back in February is pharmaceutical giant Cencora, ranked #10 on the list. Cencora has not confirmed it made this particular payment. Dark Angels launched in May 2022 and is known for “big game hunting” and using Windows and VMware ESXi ransomware encryptors. Previously, the largest known ransom payment was $40 million, shelled out back in 2021 by insurance giant CNA.

(Bleeping Computer)

Argentina will use AI to predict future crimes

Precog alert. In a move straight out of the novel and movie Minority Report, Argentina’s security forces “have announced plans to use artificial intelligence to predict future crimes.” Put in place by far-right president Javier Milei, the security unit will use “machine-learning algorithms to analyze historical crime data to predict future crimes. It is also expected to deploy facial recognition software to identify ‘wanted persons,’ patrol social media, and analyze real-time security camera footage to detect suspicious activities.”

(The Guardian)

Columbus, Ohio suffers cyber incident

The city is working to restore its systems following a cyberattack that forced it to sever its connection to the internet. Officials stated that “while its 911 and employee payroll systems remain operational, several resident-facing IT services are dealing with outages that may take time to restore.” City employees were unable to send or receive emails, and the 911 service, although operational, had its staff working with pen and paper. No comments were made as to whether a ransom is involved.

(The Record)

Copyright traps could tell writers if AI has scraped their work

An article in Slashdot, quoting an article in the MIT Review, describes a technique developed by a team at Imperial College London, in which pieces of hidden text “allow writers and publishers to subtly mark their work in order to later detect whether it has been used in AI models or not.” This follows a tradition used by mapmakers and dictionary publishers in earlier centuries, who would add fake locations to maps or fake words to dictionaries to help detect plagiarism. “The code to generate and detect traps is currently available on GitHub, but the team also intends to build a tool that allows people to generate and insert copyright traps themselves.” The developers admit the technique is not foolproof, since these copyright traps could be found and removed, but increasing their number would make complete removal more difficult.

(Slashdot)

Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.