The CyberWire Daily Podcast 6.20.24
Ep 2092 | 6.20.24

Cyberattack leaves dealerships feeling stuck in neutral.

Transcript

Over 15,000 car dealerships hit the brakes after a software supplier cyber incident. The EU’s Chat Control gets put on hold. A hacker leaks contact details of over 33,000 Accenture employees. A major forklift manufacturer shuts down operations in the wake of a ransomware attack. IntelBroker claims to have leaked source code from Apple. An investigation questions the ethics of AI firm Perplexity. A radiology practice notifies over half a million people of a data breach. Federal contractors pay millions in fines for inadequate cyber security during the COVID-19 pandemic. Stolen files from the Kansas City Police department are posted online. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey. Remembering the work of MIT’s Arvind.

Today is Thursday June 20th 2024. I’m Dave Bittner. And this is your CyberWire Intel Briefing.

Over 15,000 car dealerships hit the brakes after a software supplier cyber incident. 

If you were hoping to purchase a car in the US over the Juneteenth holiday, you may have found yourself disappointed.

A cyber incident at CDK Global, a major software provider for car dealerships, halted operations at thousands of dealerships across the US on a busy holiday Wednesday. CDK shut down systems and consulted with experts to address the issue. Core products have been restored, but many applications remain offline. The outage started around 2 a.m. Eastern time, leaving dealerships unable to perform routine tasks, from scheduling appointments to accessing customer records. Some dealerships resorted to paper records. CDK has not disclosed the cause of the outage. Restoration efforts are ongoing, with some functions back online but not fully operational.

The EU’s Chat Control gets put on hold. 

The EU Council has withdrawn the vote on Belgium's Chat Control plan due to a lack of majority support. Belgium's draft law aimed to monitor all chat messages, including those on end-to-end encrypted services, to detect abusive material. Critics argue this could generate false positives and compromise privacy. With Belgium unable to gain support, the proposal is postponed indefinitely. Hungary will take over the Council Presidency in July and intends to advance negotiations. Privacy advocates, including Signal's president Meredith Whittaker and NSA whistleblower Edward Snowden, have condemned the plan as mass surveillance. The legislative process will continue after the summer, with intense debates expected.

A hacker leaks contact details of over 33,000 Accenture employees. 

A hacker named “888” has leaked contact details of 33,000 current and former Accenture employees, obtained through a third-party breach. The data, posted on Breach Forums, includes full names and email addresses but no passwords. Accenture, a global IT and consulting firm based in Dublin, operates in over 120 countries. Hackread.com confirmed the authenticity of the leaked information. “888” is known for previous leaks involving major corporations. Accenture employees are advised to be vigilant against phishing and identity theft scams. 

A major forklift manufacturer shuts down operations in the wake of a ransomware attack. 

A ransomware attack on June 9 has shut down Crown Equipment Corporation, the world’s fifth-largest forklift manufacturer, halting production and leaving most of its 19,100 employees out of work. Crown, based in New Bremen, Ohio, has advised employees to file for unemployment or take vacation time. The company’s website and phone systems are down, and employees have not been paid since June 10. Poor communication has led to a PR crisis, with employees voicing complaints on social media. The attack reportedly involved a hacker installing a fake VPN and creating a privileged account. The hacker is demanding a $25 million ransom, and the FBI is investigating. 

IntelBroker claims to have leaked source code from Apple. 

Notorious hacker IntelBroker, responsible for previous high-profile breaches, has allegedly leaked source code for several of Apple's internal tools on a dark web forum. IntelBroker claims the June 2024 breach of Apple.com exposed tools including AppleConnect-SSO, an employee authentication system, and two other lesser-known tools. AppleConnect-SSO is crucial for employee access to internal systems, akin to an Apple ID. The breach appears to affect only internal systems, not customer data. IntelBroker, known for targeting major organizations like AMD, Zscaler, and AT&T, has posted this information on BreachForums. The authenticity of the data is uncertain, but IntelBroker's reputation lends credibility. The FBI is reportedly investigating the incident.

An investigation questions the ethics of AI firm Perplexity. 

Perplexity, an AI search startup backed by investors like Jeff Bezos’ family fund and Nvidia, faces criticism for scraping websites without permission. Despite its claims of transparency, investigations by WIRED and developer Robb Knight revealed that Perplexity often ignores the Robots Exclusion Protocol, accessing content from websites that have blocked its crawler. This includes thousands of unauthorized visits to Condé Nast sites. Perplexity’s chatbot can summarize articles and generate text based on this scraped data, but, like all AI chatbots, sometimes inaccurately and without proper attribution. The startup's practice of using unpublicized IP addresses to evade detection has raised significant ethical concerns. These revelations question the integrity of Perplexity’s methods and the reliability of its AI-generated content.

A radiology practice notifies over half a million people of a data breach. 

A Minnesota-based specialty radiology practice, Consulting Radiologists Ltd. (CRL), is notifying over 500,000 individuals of a data breach that exposed sensitive information earlier this year. The breach, detected on February 12, involved unauthorized access to CRL's network, compromising names, birthdates, addresses, health insurance information, and medical data. Some patients' Social Security numbers and driver’s license numbers were also affected. CRL discovered the breach through unusual network activity and confirmed the extent of the compromise by April 17. Despite no evidence of misuse, CRL is offering 12 months of identity and credit monitoring. This incident is part of a series of major health data breaches reported in recent months, highlighting the vulnerability of radiology practices to cyberattacks.

Federal contractors pay millions in fines for inadequate cyber security during the COVID-19 pandemic. 

Two federal contractors, Guidehouse Inc. and Nan McKay and Associates, paid $11.3 million in penalties for failing to properly test the cybersecurity of a financial assistance system for low-income individuals in New York during the COVID-19 pandemic. The DOJ stated that the contractors violated the False Claims Act by misrepresenting their service quality. Guidehouse paid $7.6 million and Nan McKay paid $3.7 million. The system, launched in June 2021, was shut down 12 hours later due to compromised applicant data. Guidehouse admitted to using unauthorized third-party data storage. The settlement is part of the Biden administration’s Cyber-Fraud Initiative, aimed at holding entities accountable for risking sensitive information. The case began with a whistleblower from Guidehouse.

Stolen files from the Kansas City Police department are posted online. 

The ransomware group BlackSuit published hundreds of stolen files from the Kansas City, Kansas Police Department (KCKPD) after the department refused to pay a ransom. Brett Callow, a threat analyst, noted that BlackSuit listed KCKPD on its leak site, releasing sensitive files dating back to 2016, including “Drone Pics,” “Evidence Room,” and “Finance.” BlackSuit claimed KCKPD voluntarily agreed to make their case files public. Callow emphasized that paying ransom often doesn't guarantee data destruction, as criminals frequently break promises. He suspects BlackSuit is a rebranding of the Royal/Conti group. Similar ransomware attacks have targeted other law enforcement agencies, such as Wichita County Mounted Patrol, highlighting the risks of interconnectivity in law enforcement data systems.

Coming up on our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. With all eight domains wrapped up, Sam and Joe pivot to the homestretch of Joe's studies. With the test about two weeks away, Joe discusses his approach to retaining the information and filling any remaining knowledge gaps. We’ll be right back.

Welcome back. Thanks Sam and Joe. Don’t forget, we’ve got details on the course Joe is using to prepare for his CISSP and today’s sample question in our show notes.

Remembering the work of MIT’s Arvind. 

And finally, Arvind Mithal, the esteemed Professor at MIT, passed away on June 17 at the age of 77. Known simply as Arvind, he was a cherished member of the MIT community, inspiring many with his brilliance and zest for life.

Arvind's pioneering research in dataflow computing and parallel processing left an indelible mark on the field. His work not only improved computational efficiency but also revolutionized digital hardware design. Arvind's legacy includes developing influential tools and languages like Id, pH, and Bluespec, and founding companies such as Sandburst and Bluespec, Inc.

Throughout his nearly five-decade tenure at MIT, Arvind was a dedicated mentor and leader, deeply committed to academic excellence. His infectious positivity, hearty laugh, and unwavering generosity brightened the lives of colleagues and students alike.

Arvind's influence extended beyond MIT, advising governments and universities worldwide. His accolades include membership in the National Academy of Engineering and the American Academy of Arts and Sciences.

Arvind believed in the joy of discovery, emphasizing that true scientific pursuit comes from a passion for knowledge. He is survived by his wife, Gita Singh Mithal, their sons Divakar and Prabhakar, their wives Leena and Nisha, and two grandchildren, Maya and Vikram.

Arvind’s legacy of kindness, wisdom, and groundbreaking research will be fondly remembered by all who had the privilege of knowing him.

And that’s the CyberWire.

For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.

We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com.

We’re privileged that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.

N2K makes it easy for companies to optimize your biggest investment, your people. We make you smarter about your teams, while making your teams smarter. Learn how at n2k.com.

This episode was produced by Liz Stokes. Our mixer is Tré Hester, with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Our executive editor is Brandon Karpf. Simone Petrella is our president. Peter Kilpe is our publisher, and I’m Dave Bittner. Thanks for listening.