Cyber Security Headlines: January 20, 2025 Hosted by CISO Series
1. TikTok Makes a Comeback Amidst Regulatory Scrutiny
In a significant development for social media and cybersecurity, TikTok has resumed operations in the United States following its abrupt shutdown late Saturday night. Steve Prentiss reported at [00:00] that President-elect Trump announced a 90-day window for TikTok to secure a US-based purchaser through an executive order. As a result, the app is now accessible to existing users, although it remains unavailable on both Google and Apple’s app stores.
Trump, via a post on Truth Social, proposed that the US government take a “50% ownership of the company” ([00:00]). This move has stirred considerable debate among users and security experts. Over the weekend, millions of TikTok users migrated to another platform, RedNote, declaring themselves as TikTok refugees. Some users cited their migration as an act of defiance against the US government’s initial ban.
Dark Reading highlighted concerns regarding RedNote’s operations based in Shanghai, noting that its presence on both sides of the Great Firewall could facilitate increased surveillance of American users. The data handled by RedNote is governed by Chinese cybersecurity laws, which mandate companies to provide government access upon request. Prior to the 90-day deadline, experts warned that the migration to RedNote could exacerbate national security risks associated with TikTok.
2. Kristi Noem’s Vision for Reforming CISA
Steve Prentiss continued with updates on federal cybersecurity initiatives, focusing on Department of Homeland Security Secretary nominee Kristi Noem. In testimony before the Homeland Security and Governmental Affairs Committee on Friday, Noem outlined her plans to restructure the Cybersecurity and Infrastructure Security Agency (CISA).
Noem stated, “[If confirmed,] I would keep the department out of efforts to combat disinformation and misinformation and pledged to make CISA smaller and more nimble” ([00:00]). She criticized the current direction of CISA, asserting that the agency “has gone far off mission, which is to hunt and to help harden our nation's critical infrastructure” ([00:00]). Her proposed changes aim to streamline CISA’s operations, focusing on strengthening critical infrastructure while distancing the agency from broader information warfare efforts.
3. Avery Labels Suffers Significant Data Breach
The episode also covered a major cybersecurity incident involving Avery Labels, a prominent company known for its adhesive labels and office products. Steve Prentiss detailed that Avery discovered the data breach on December 9th of the previous year, though the malicious activity began on July 18, 2024.
A card skimmer was installed on Avery’s online shop domain, avery.com, allowing threat actors to exfiltrate sensitive payment information from customers. This breach compromised Personally Identifiable Information (PII) along with payment card details, including CVV codes and expiration dates. The company estimates that “more than 61,000 customers may have been affected” ([00:00]).
Avery has since taken measures to address the breach, but the incident underscores the persistent vulnerabilities in e-commerce platforms and the critical need for robust cybersecurity defenses to protect consumer data.
4. FTC Report Reveals Surveillance-Based Pricing Practices
According to a preliminary report released by the Federal Trade Commission (FTC) on Friday, businesses are increasingly engaging in “surveillance pricing”, where consumers are charged varying prices based on data-driven insights into their behaviors and characteristics.
Steve Prentiss highlighted that the report accuses companies like MasterCard, Accenture, and McKinsey of providing tools that enable other businesses to adjust pricing dynamically. Examples include profiling a consumer as a new parent to show higher prices for baby products. Although the report utilized hypothetical scenarios to protect company trade secrets, the allegations suggest a growing trend of discriminatory pricing practices based on comprehensive consumer data, including geolocation and online activity.
However, the companies involved have denied selling or developing such surveillance pricing software. The report is currently in the "staff perspective stage", indicating it is not yet final and could be subject to further investigation and revision. Notably, incoming FTC Chair Andrew Ferguson and Republican Melissa Holyoak opposed its premature release, advocating for the completion of the agency’s investigation first.
5. Costa Rica’s Largest Oil Refinery Targeted in Ransomware Attack
A significant cybersecurity event involved a ransomware attack on Costa Rica’s largest oil refinery, which also served as a testing ground for a new US State Department response program. Steve Prentiss relayed that this attack was the first real-world application of the Foreign Assistance Leveraged for Cybersecurity Operational Needs (FALCON) initiative, developed by the State Department’s Cyber Bureau.
Nate Fick, the US Ambassador at Large for Cyberspace and Digital Policy, explained that FALCON aims to enhance international cybersecurity by leveraging private sector incident response capabilities. In this case, the response was executed within approximately 36 hours of the initial incident, showcasing the program’s potential effectiveness in mitigating cyber threats swiftly.
The initiative reflects the US’s commitment to supporting allies and promoting global digital norms aligned with American values, using collaborative efforts between government and private entities to address cyber incidents.
6. OpenText Designated as Undesirable Organization by Russia
Steve Prentiss covered the recent addition of OpenText to Russia’s list of undesirable organizations. OpenText, a Canadian-based company specializing in enterprise information management software, is now the second company to receive this designation, following Recorded Future.
Russia accuses OpenText of “collaborating closely with US law enforcement and contributing to the West's anti-Russia propaganda efforts” ([00:00]). Additionally, Russia points to OpenText’s 2023 acquisition of the UK-based Micro Focus as evidence that the company aided Ukrainian law enforcement with cybersecurity tools necessary for data collection against Russian military targets.
This designation reflects the ongoing tensions between Russia and Western technology firms, with implications for international business operations and cybersecurity collaborations.
7. Survey Highlights Poor Router Security Among Consumers
A recent survey by Broadband Genie, an independent UK broadband comparison service, revealed alarming statistics about consumer router security. Steve Prentiss shared that of over 3,000 respondents:
- 52% have never changed their router’s factory settings.
- 86% have never updated the router’s administrator password.
- 72% have never altered their Wi-Fi password.
These figures, consistent over six years since previous surveys in 2018 and 2022, indicate a persistent neglect of basic security practices among residential users. The lack of password changes leaves routers vulnerable to unauthorized access and potential cyber threats, emphasizing the need for greater consumer education on cybersecurity hygiene.
A detailed report is available through the podcast’s show notes.
Conclusion
This episode of Cyber Security Headlines by CISO Series provided a comprehensive overview of critical cybersecurity issues ranging from major platform regulations and data breaches to federal agency reforms and international cyber tensions. The discussions underscore the evolving landscape of cybersecurity, highlighting both the challenges and the proactive measures being undertaken to safeguard information and infrastructure.
For more in-depth stories and daily updates, listeners are encouraged to visit CISOseries.com.
