The CyberWire Daily Podcast 2.27.24
Ep 2012 | 2.27.24

Out with the old, in with the new.

Transcript

NIST’s Cybersecurity Framework gets an upgrade. ONCD makes a case against memory-related software bugs. A recent cyberattack targets Canada's Royal Canadian Mounted Police. US dethrones Russia as top target in cyber breaches. Caveat podcast cohost Ben Yelin discusses remedies in generative AI copyright cases. And a creative way to deal with your neighbors’ music.

Today is February 27th, 2024. I’m Tré Hester. And this is your CyberWire Intel Briefing. 

The Landmark Cybersecurity Framework gets an upgrade.

The National Institute of Standards and Technology (NIST) released Version 2.0 of its Cybersecurity Framework, marking a significant milestone in the ongoing battle against cyber threats. The framework is a collaborative effort involving government agencies, private sector organizations, and academia.

The CSF 2.0 supports implementation of the National Cybersecurity Strategy with an expanded scope that goes beyond protecting critical infrastructure to all organizations in any sector. The release includes a focus on adaptation to evolving threats, integration and flexibility, risk management, collaboration, and embracing global cybersecurity trends.

Calling all software bug exterminators. 

In a recent report, the Office of the National Cyber Director (ONCD) highlighted the alarming prevalence of memory-related software bugs, shedding light on a critical vulnerability in digital infrastructure. These bugs, often lurking unnoticed in software code, pose significant security risks, potentially enabling cyber attackers to exploit sensitive data or compromise system integrity. Prioritizing vulnerability awareness, implementing robust risk mitigation strategies, fostering collaboration, and maintaining continuous vigilance, the White House hopes a greater use of memory-safe programming languages will help to make products secure from the outset.

Royal Canadian Mounted Police under attack.

Cue the Dudley Do-Right theme song… A recent cyberattack targeted Canada's Royal Canadian Mounted Police (RCMP). The RCMP did not share details on the nature and extent of the attack, saying that it was working with partner Canadian government agencies “to continue assessing the breadth and scope of the security breach and hold those responsible accountable.” The RCMP notes the attack did not impact operations, or the safety and security of Canadians. Over the weekend, however, RCMP’s website was briefly unavailable.

Email slip-up results in big costs.

The UK Ministry of Defence faced a significant fine of £350,000 ($443,000) due to an email error exposing Afghan interpreters' identities. The email could have enabled the identification of individuals contacting the British government and seeking to be relocated from the country as the Taliban regained control in 2021. This data was exposed when the MoD sent bulk emails using the “TO” field rather than the “BCC” field, according to the ICO.

Digital diplomacy in overdrive.

Researchers report at least 14 state-sponsored hacker groups from around the world have targeted Russia and some former Soviet Union members — Azerbaijan, Belarus, Kyrgyzstan, and Kazakhstan — with destructive or espionage campaigns over the past year. Some of the groups were likely linked to Ukraine and others acted in the interests of their own countries, like North Korea and China, according to the Russian company F.A.C.C.T.’s report.

US dethrones Russia as top target in cyber breaches.

A recent study investigating data breaches throughout 2023 reveals a total of 299.8 million accounts were compromised. Seems like a really large number, but it in fact represents an 18% decrease from 2022. Despite this global reduction in breaches, the situation in the United States has increased, with the number of breaches tripling, giving it the title of world's most frequently targeted country, overtaking Russia.

Steel giant breached by hackers.

Bleeping Computer reports steel giant ThyssenKrupp confirmed that hackers breached systems in its Automotive division last week, forcing them to shut down IT systems as part of its response and containment effort. ThyssenKrupp AG is one of the world's largest steel producers and a crucial component of the global supply chain of products that use it in their industries. At time of publication, no major ransomware groups or other threat actors had assumed responsibility.

Blackcat's on an RX rampage.

In a follow-up to our coverage of the healthcare cyberattack last week, we have some updates. More than 100 health-related services were impacted by the attack, and there’s still no word on when things will be back to normal. Hackers working for the 'Blackcat' ransomware gang are behind the outage at UnitedHealth's technology unit that has snarled prescription deliveries. A number of pharmacy chains, including CVS Health and Walgreens, have said the outage had knock-on effects on their businesses, as pharmacies could not transmit insurance claims for patients. 

Emphasizing proactivity for cybersecurity.

Another friend of the CyberWire, Steve Winterfeld, member of our Hash Table and frequent contributor to our CSO Perspectives podcast with Rick Howard, recently wrote about "Getting Ahead of Cybersecurity Materiality Mayhem." In it, Steve addresses the growing concern of cybersecurity risks and their impact on financial materiality. The article emphasizes the need for organizations to proactively assess and manage cybersecurity risks to avoid potential financial and reputational damage. It underscores the importance of integrating cybersecurity into overall risk management strategies and aligning with regulatory requirements. You can find the link to Steve’s article in our show notes.

Up next we’ve got Ben Yelin. Ben is our Caveat podcast cohost and Program Director at the University of Maryland Center for Health and Homeland Security. Ben discusses remedies in the generative AI copyright cases. 

 

Roni Bandini's reggaeton revolution.

And finally, when Roni Bandini's neighbor started blasting reggaeton every morning at 9 am, he took the non-confrontational route of addressing the issue with a Raspberry Pi and created Reggaeton Be Gone. The name was selected as an homage to the TV-B-Gone device. It monitors room audio and identifies the reggaeton genre with machine learning. Once identified, it triggers comm requests and packets to the Bluetooth speaker to disable it or at least disturb the sound so much that the neighbor will be forced to turn it off. Bandini adds the disclaimer: Reggaeton Be Gone is an experimental project. Before deploying it, check your local laws and regulations. Use it only with your own Bluetooth speakers for educational purposes.

And that’s the CyberWire.

For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.

 

We’d love to know what you think of this podcast. You can email us at cyberwire@n2k.com—your feedback helps us ensure we’re delivering the information and insights that help keep you a step ahead in the rapidly changing world of cybersecurity.

We’re privileged that N2K and podcasts like the CyberWire are part of the daily intelligence routine of many of the most influential leaders and operators in the public and private sector, as well as the critical security teams supporting the Fortune 500 and many of the world’s preeminent intelligence and law enforcement agencies.

N2K strategic workforce intelligence optimizes the value of your biggest investment—people. We make you smarter about your team, while making your team smarter. Learn more at n2k.com.

 

This episode was produced by Liz Stokes. Our mixer is Tré Hester, with original music by Elliott Peltzman. Our executive producers are Jennifer Eiben and Brandon Karpf. Our executive editor is Peter Kilpe, and I’m Dave Bittner. Thanks for listening.