Treasury's offensive in financial defense.
Project Fortress looks to protect the US financial system. News from San Francisco as RSA Conference winds down. Dell warns customers of compromised data. Google updates Chrome after a zero day is exploited in the wild. Colleges in Quebec are disrupted by a cyberattack. CopyCop uses generative AI for misinformation. The FBI looks to snag members of Scattered Spider. Betsy Carmelite, Principal at Booz Allen, shares our final Woman on the Street today from the 2024 RSA Conference. Guest Deepen Desai, Chief Security Officer at Zscaler, joins us to offer some highlights on their AI security report. A solar storm’s a-comin’.
Today is Month Day, Year. I’m Dave Bittner. And this is your CyberWire Intel Briefing.
Project Fortress looks to protect the US financial system.
The U.S. federal government has teamed up with Wall Street to form Project Fortress, a cybersecurity alliance aimed at protecting the U.S. financial system from cyberattacks. Announced in a letter to bank CEOs by Deputy Treasury Secretary Wally Adeyemo, the initiative combines defensive strategies, such as vulnerability scans and automated threat feeds, with offensive actions including the deployment of Treasury’s sanctions team and law enforcement. This collaboration underscores the heightened cyber threats to the economy and emphasizes consequences for attackers. The alliance also features an information-sharing program to improve threat detection. Over 800 financial institutions have already joined the initiative, which offers critical support to both large and smaller financial entities.
News from San Francisco as RSA Conference winds down.
Speaking at the RSA Conference, Eric Goldstein of the Cybersecurity and Infrastructure Security Agency (CISA) detailed how the U.S. is grappling with an intensified cyberthreat landscape, particularly from a Chinese operation known as Volt Typhoon. This group has expanded beyond traditional espionage to more disruptive aims against U.S. critical infrastructure, signaling a permanent shift in cyber warfare tactics. Although the U.S. has strengthened defenses and resilience, the persistent and evolving threat from China, highlighted by both ongoing attacks and potential future tactics, remains a major concern. Despite some progress in combating these threats, officials warn that the capability and intent of adversaries like China to cause disruption will continue to pose significant challenges to national security.
Meanwhile, at a tech event sponsored by Bloomberg, Anne Neuberger, deputy national security adviser for cyber and emerging technology, announced that the Biden administration plans to set minimum cybersecurity standards for hospitals. This follows a massive cyberattack on Change Healthcare, a unit of UnitedHealth Group Inc., which compromised the data of 100 million Americans and disrupted billions in payments. The breach underlined the vulnerability of the healthcare sector to cyber threats. Additionally, the administration will offer free cybersecurity training to 1,400 small, rural hospitals to bolster defenses.
Coming up later in the show, Betsy Carmelite, Principal at Booz Allen, shares our final Woman on the Street from the 2024 RSA Conference. N2K’s Brandon Karpf catches up with Betsy to compare notes.
Dell warns customers of compromised data.
For years, Dell customers have faced scam calls from fraudsters posing as Dell support, using personal details like names, addresses, and service tag numbers. Recently, Dell notified customers of an incident involving a portal breach that compromised customer data. An online ad claimed to sell the information of 49 million Dell customers from 2017 to 2024, including names, addresses, and hardware details. Dell advises customers to ignore unsolicited calls and contact Dell support directly if needed.
Google updates Chrome after a zero day is exploited in the wild.
Google has issued a security update for Chrome to address the fifth zero-day vulnerability exploited this year. This high-severity "user after free" vulnerability affects the Visuals component responsible for content rendering. Discovered by an anonymous researcher, it is confirmed to be actively exploited. The vulnerability could lead to data leakage, code execution, or crashes. Updates have been released for various platforms.
Colleges in Quebec are disrupted by a cyberattack.
A cyberattack has disrupted operations at four colleges in Quebec, affecting 7,000 students by suspending classes and canceling exams. The attack targeted the college network's servers, compromising access to Omnivox, the primary digital platform used for academic activities. Obscene images appeared on the site during logins, leading to a suspension of classes through the end of the week to allow a cybersecurity firm to investigate and address the breach. As of now, there is no evidence of data leakage, and management aims for classes to resume by May 13, with further updates pending. This incident is part of a broader trend of cyberattacks on educational institutions in Quebec.
The University System of Georgia (USG) is notifying 800,000 people about a data breach resulting from the 2023 Clop MOVEit attacks, which exploited a zero-day vulnerability in a file transfer solution. The breach exposed sensitive information such as Social Security numbers, bank account details, dates of birth, and tax documents. The affected group likely includes current and former students, staff, and contractors. USG has partnered with Experian to offer a year of identity protection and fraud detection services, with a deadline to enroll by July 31, 2024. This incident is part of a global extortion campaign by the Clop ransomware gang, impacting thousands of organizations and millions of individuals worldwide.
CopyCop uses generative AI for misinformation.
Security researchers from Recorded Future have uncovered a significant Russian disinformation campaign named "CopyCop," which uses generative AI to manipulate and repurpose content from major news outlets to influence Western opinion. This campaign plagiarizes stories from reputable sources like Al-Jazeera and the BBC, introduces biases, and distributes them through spoofed or fake news websites to promote narratives that benefit Russian interests. These narratives often involve divisive issues such as the Israel-Hamas conflict and Ukraine, aiming to sway public opinion and disrupt political unity in the West, particularly ahead of key elections in the UK and US. The operation's sophisticated use of AI highlights the emerging challenges and threats to democratic societies and media integrity.
The FBI looks to snag members of Scattered Spider.
The FBI is advancing efforts to charge members of the Scattered Spider criminal gang, who are predominantly based in the U.S. and Western countries. This group notably compromised systems of major casino operators like MGM Resorts and Caesars Entertainment, demanding large ransoms. Active over two years, they've targeted a wide range of sectors, including health and financial services. The gang, known for aggressive tactics and sometimes threatening physical violence, has been involved in over 100 breaches. The FBI, aided by private security firms, is gathering evidence to meet the legal standards for charging these individuals. Already, a 19-year-old from Florida has been charged, with more arrests anticipated, potentially leveraging state and local laws.
Today on our final installment from the 2024 RSA Conference, N2K’s Brandon Karpf catches up with Booz Allen’s Betsy Carmelite. Betsy offers some insights wrapping up our Woman on the Street coverage of the event this year.
Today’s guest is Zscaler’s Chief Security Officer Deepen Desai offering us some highlights on their AI security report.
We’ll be right back
Welcome back
And finally,
A solar storm’s a-comin’.
This weekend, buckle up for a celestial showdown as a severe solar storm, rating a spicy G4 on the weather wildness scale, prepares to ruffle Earth's electromagnetic feathers.
In what the Space Weather Prediction Center is calling a "very rare" event Earth is about to get a cosmic smackdown from not one, but five eruptions of solar material. These sunny spitballs are expected to light up the skies with auroras, potentially turning the entire UK into an impromptu Northern Lights festival.
But it's not all Instagram-worthy sky art. This solar soiree threatens to throw a wrench in the works for our beloved tech. Unprepared power grids might take a nap, pipelines could get an unexpected jolt, and satellites might find themselves on an unscheduled spacewalk. Remember the G5 tantrum back in October 2003? Sweden went dark, South Africa’s transformers threw a fit, and we all reconsidered our dependence on electricity.
Flights over the poles might need to take the scenic route to dodge that extra zesty solar seasoning, meaning some travelers will rack up a few more air miles than planned. So, hopefully nothing more than a nighttime light show will occur, but just in case, grab your popcorn and settle in safely while we ride out a solar storm.
And that’s the CyberWire.
For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.
We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com
We’re privileged that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.
N2K makes it easy for companies to optimize your biggest investment, your people. We make you smarter about your teams, while making your teams smarter. Learn how at n2k.com.
This episode was produced by Liz Stokes. Our mixer is Tré Hester, with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Our executive editor is Brandon Karpf. Simone Petrella is our president. Peter Kilpe is our publisher, and I’m Dave Bittner. Thanks for listening.