Cyber Briefing ~ 08/20/2024
OpenAI discovered and banned accounts involved in an Iranian influence campaign using ChatGPT to generate content on various issues, including the U.S. elections. The operation spread articles and social media comments across fake news sites, but failed to gain significant engagement.
Members of Congress urge the Commerce Department to probe cybersecurity risks posed by TP-Link Technologies' Wi-Fi routers due to reported vulnerabilities and alleged ties to the Chinese government. Concerns arise amidst China's strict data protection laws and potential cyber threats from groups like Volt Typhoon, which targets critical infrastructure through home routers.
White House National Cyber Director Harry Coker tours schools like the College of Southern Nevada to promote cybersecurity careers, emphasizing hands-on experience and skills-based hiring. The efforts aim to fill 500,000 open cybersecurity jobs, diversify the workforce, and enhance national security against cyber threats.
House committee members urge the Commerce Department to investigate TP-Link Technologies for potential national security risks due to concerns over vulnerabilities and compliance with Chinese law. Officials are alarmed by the threat of Chinese hacking operations targeting critical infrastructure networks.
Advocates argue for establishing an independent U.S. Cyber Force to address evolving military operations and combat cyber threats. Specialization, streamlined command, enhanced recruitment, and innovation are key benefits outlined to counter adversaries' growing cyber capabilities.
As researchers unveil a radio-based hacking technique targeting Shimano wireless gear shifters, professional cycling faces a new threat. The attack allows hackers to manipulate a rider's gears, potentially causing crashes or sabotaging races. Shimano is working on a fix to enhance security.
Change Healthcare, a UnitedHealth-owned health tech company, suffered a massive data breach due to a ransomware attack. The cybercriminals stole sensitive medical data affecting a substantial portion of Americans. UnitedHealth paid a $22 million ransom, but hackers disappeared, leading to ongoing disruptions in the healthcare sector.
A new report examines the vulnerabilities of undersea fiber-optic cables that carry over 95% of international data and are becoming an arena of U.S.-China competition. It details threats from China's and Russia's potential sabotage and espionage. The report recommends that the U.S. increase funding for cable repair ships, streamline permitting, update legal frameworks, coordinate with allies, and provide technical assistance to protect this critical infrastructure.
Data breach at National Public Data reveals leaked personal information including Social Security numbers and addresses, with potential long-term risks. Company acknowledges breach after months of uncertainty, facing lawsuits and potential identity theft threats for affected individuals.
A US federal appeals court ruled that geofence warrants violate the Fourth Amendment. Geofence warrants allow police to get location data on all devices in an area. The ruling only applies in three states. Also, police can still buy location data from companies. The appellants won't benefit since police acted in "good faith" when getting the warrant in 2018. So the issue isn't fully settled yet.
The US Defense Department plans to flood Taiwan with thousands of drones to defend against a potential Chinese invasion. The drones would create a defensive "hellscape" and delay Chinese forces long enough for the US to respond. The Pentagon is rapidly procuring and developing attritable drones through initiatives like Replicator to have "multiple thousands" ready in 18-24 months. The US is also providing drones to Taiwan and trying to strengthen the drone industrial base's production capacity. While it is uncertain if the US will succeed, the goal is to use massive drone swarms to thwart a potential Chinese invasion of Taiwan.
Many organizations face increasing ransomware attacks due to insufficient resilience in basic cybersecurity practices. Lack of foundational practices and failure to verify and validate them over time expose vulnerabilities. Recommendations include recommitting to basics like 2FA, institutionalizing practices, and measuring effectiveness for improved resilience.
Starting in October, Microsoft will enforce multifactor authentication (MFA) for all Azure sign-ins, including the Azure portal and Intune admin center. The move is part of Microsoft's Secure Future Initiative to enhance cybersecurity measures after recent high-profile cyberattacks linked to systems lacking MFA.
A survey by Cohesity reveals that companies overestimate their cyber resilience, with many failing to meet business recovery goals post-ransomware attacks. Despite anti-ransom policies, a large percentage paid ransoms. The report underscores the gap between projected resilience and actual recovery capabilities amid rising cyber threats.
OpenAI bans ChatGPT accounts linked to an Iranian influence operation creating AI-generated content about the U.S. election. Similar to previous incidents, the operation aimed to spread misinformation on social media. OpenAI's actions follow a Microsoft report identifying the group's efforts to influence U.S. elections since 2020.
Federal Communications Commission Chairwoman Jessica Rosenworcel is considering declaring Chinese companies Quectel and Fibocom Wireless as national security risks due to concerns over their production of cellular modules used in IoT devices. The FCC may restrict federal funds and authorize equipment purchases accordingly.
Chinese cellular modules pose a significant threat to national security due to potential data breaches and manipulation. Companies like Quectel and Fibocom hold a large market share, raising concerns over dependency and data egress to the Chinese government. Vigilance and action are crucial to mitigate risks.
The Pentagon introduces a proposed rule to enforce cybersecurity standards for Controlled Unclassified Information (CUI) under CMMC 2.0. The rule requires CMMC compliance for vendors handling CUI in DoD contracts and includes new requirements for contracting officers to ensure proper protection of sensitive information.
South Korea and the US begin annual military exercises to enhance readiness against North Korea's weapons and cyber threats. The Ulchi Freedom Shield drills focus on various threats, including missile attacks, GPS jamming, and cyber warfare. South Korea's president emphasizes preparedness amid evolving hybrid warfare tactics.
NIST is progressing on addressing cybersecurity threats in the semiconductor lifecycle by creating a cyber framework profile and utilizing existing standards to secure the entire supply chain. The draft report outlines steps following a workshop focused on semiconductor cybersecurity and received feedback from industry, academia, and government.
The American Chemistry Council is advocating changes to CISA's proposed criteria for reporting substantial cyber incidents, particularly concerning the broad impact categories and the burden on chemical producers to report incidents involving third-party supporters. ACC emphasizes the need for risk-based severity assessment.
A Florida company called National Public Records acknowledged a data breach that exposed the personal records of up to 2.9 billion people, including names, addresses, and Social Security numbers. The company is advising people to check accounts for unauthorized activity and place fraud alerts. Experts recommend freezing credit files, as the leaked email addresses make people vulnerable to phishing attacks.
The article answers readers' common questions about cybersecurity risks and protections. It covers password strength, using incognito browser modes, public Wi-Fi dangers, VPNs, credit monitoring services, securing home Wi-Fi, and the pros and cons of biometric authentication. Experts advise consumers on best practices to guard against cyber threats.
Sophos X-Ops examines the increasingly aggressive tactics used by ransomware gangs to coerce their targets into paying ransom demands. Tactics include weaponizing media, legislation, and law enforcement; encouraging litigation and compensation claims; assessing data for illegal activity; criticizing victims' ethics to cause reputational damage; and leaking highly sensitive personal data. The tactics are designed to intimidate organizations and inflict serious harm if ransoms aren't paid.
Microsoft announced a mandatory two-factor authentication (2FA) requirement for all Azure sign-ins, part of a $20 billion security investment. Admins have a 60-day notice before the October enforcement, aiming to enhance cybersecurity and safeguard user data from cyber threats.
Many forgotten online accounts, or "zombie" accounts, pose a risk as they can leave personal data vulnerable to hackers. Experts warn that having multiple accounts with the same login information increases the likelihood of being targeted. Deleting these unused accounts can enhance online safety.
Google reveals that Iranian hackers are targeting email accounts associated with US presidential campaigns, including those of President Joe Biden, Vice President Kamala Harris, and former President Donald Trump. The cyber attacks are part of a broader effort to influence the upcoming election, raising concerns about foreign interference.
Copyright © 2024 Auburn University's McCrary Institute. All Rights Reserved.