CyberWire Daily — "Cyber and AI Take Center Stage"

Date: September 11, 2025
Host: Dave Bittner (N2K Networks)
Featured Segment: Caveat co-hosts Ethan Cook and Ben Yellen

Episode Overview

This episode covers a dynamic range of cybersecurity headlines and policy developments from around the world, with a particular focus on how artificial intelligence is shaping defense strategies. The main theme centers on the intersection of cyber capabilities and policy as reflected in the US House’s newly passed defense policy bill—the so-called "Big Beautiful Bill"—and its implications for the military, government, and private sector. The episode also highlights emergent threats and trends, such as attacks exploiting SonicWall devices, supply chain security, spyware proliferation, and the growing "Vibe code fixer" cottage industry spawned by AI-generated software.

Key Discussion Points & Insights

1. US Defense Policy Bill (HR1) and Cyber/AI Provisions

• The US House passes an $848 billion defense policy bill, the National Defense Authorization Act (NDAA), with important cyber and AI components.
  • Mandates:
    • NSA must brief lawmakers on Cybersecurity Coordination Center plans
    • COMBATANT commands to report on Cyber Command support
    • DoD to build a software bill of materials for AI tools
    • Up to 12 initiatives using generative AI for intelligence/cyber purposes
    • Threat sharing between NSA/private sector
    • Study of National Guard’s cyber response role
  • Quote:
    • “While less sweeping than past cyber debates, the bill still carries weighty digital measures.” (Dave Bittner, 03:05)

2. Microsoft Criticized over Healthcare Ransomware Attack

• Sen. Ron Wyden accuses Microsoft of “gross cybersecurity negligence” after a 2024 ransomware attack devastated Ascension Health, impacting 140 hospitals and exposing data on 6 million patients.
  • Attackers exploited weak RC4 encryption; Wyden claims Microsoft didn’t adequately warn customers.
  • Microsoft plans to phase out RC4 by 2026 but resists sudden moves that could break legacy systems.
  • Notable Moment:
    • Wyden likens Microsoft to “an arsonist selling firefighting services.” (04:52)

3. U.S. Cyber Command and NSA Leadership

• Dual-hat leadership will continue; plans to split the agencies have been shelved.
  • Army Lt. Gen. William Hartman is the nominee to lead both organizations, with lawmakers supporting combined direction for efficiency and speed.

4. DoD Finalizes Contractor Cybersecurity Requirements

• Cybersecurity Maturity Model Certification (CMMC) rule finalized.
  • Three-phase rollout over three years for 300,000+ defense contractors
  • New framework reduces compliance burden but highlights persistent governance/encryption weaknesses.

5. Ransomware Update: Akira Group Targets SonicWall Devices

• Akira ransomware exploits VPN vulnerabilities in SonicWall firewalls (Gen 5–7).
  • Recent attacks utilize incomplete patches, over-provisioned access, and MFA hijacking.
  • Researchers urge organizations to:
    • Patch systems
    • Enforce MFA limitations
    • Rotate local accounts
    • Monitor SSL VPN activity

6. Supply Chain Security: Solar-Powered Infrastructure Risks

• DoT issues warning about potential hidden radios in solar-powered highway systems (EV chargers, cameras).
  • Rogue components linked to Chinese suppliers raise concerns about remote tampering or data theft.
  • Recommendations: inventory equipment, use spectrum analysis, remove rogue radios, ensure segmentation.

7. Global Spyware Market Mapped: Atlantic Council’s "Mythical Beasts" Project

• 561 spyware-related entities in 46 countries identified.
  • U.S.-based investment leads despite sanctions; resellers/brokers are key intermediaries.
  • NSO Group fined for Pegasus attacks.
  • Quote:
    • “Persistent patterns like jurisdiction hopping, serial entrepreneurship and hardware partnerships, and major transparency gaps in corporate registries.” (Dave Bittner, 11:35)
  • Policy recommendations: Stronger oversight, more disclosure, scrutiny of intermediaries.

8. Apple AirPlay Flaws (Airborne)

• Oligo research: AirPlay protocol flaws allow remote code execution and even ‘wormable’ zero-click exploits.
  • Proof-of-concept on Apple CarPlay.
  • Automaker patching lags despite Apple patching in April.

9. Record DDoS Attack in Europe

• European DDoS mitigation provider thwarts record attack (1.5B packets/sec).
  • Attackers used IoT devices and routers across 11,000 networks.
  • Fastnetmon calls for ISP-level filtering to prevent service disruptions.

Deep Dive: Caveat Roundtable — “The Big Beautiful Bill”

[Starts 14:49]
Co-hosts Ethan Cook and Ben Yellen join Dave Bittner to analyze the cyber/AI components of the massive defense spending bill ("Big Beautiful Bill") and its implications.

1. What is the "Big Beautiful Bill"?

[15:18]

• Officially HR1; Trump administration’s flagship funding package for next four years
• $150 billion earmarked for defense modernization and another $150 billion for border security (non-cyber focus skipped)
• Puts total military spending over $1 trillion (over 4 years)
• Quote:
  • “This is a really big hallmark on what its intentions are for the next four years and what it's trying to do.” (Ethan Cook, 15:25)

2. Defense Modernization Focus

[17:09]

• “Wars…won’t be won by just raw manpower, it’s going to be won by technological advancement.” (Ethan Cook, 17:22)
• Investments:
  • $300 million for Indo-Pacific mesh networks
  • $400 million for advanced command-and-control
  • $500 million for 5G/6G military integration
  • $500 million to avoid delays in delivering AI-capable military tools
• $1 billion commitment to offensive cyber operations (reflects shift toward offensive use of cyber tools in US policy)
• Quote:
  • “$1 billion for offensive cyber operations…that’s a really significant investment and I think signifies an acceleration of a strategy…pushing to more offensive cyber operations.” (Ben Yellen, 18:32)

3. Strategic Emphasis on the Indo-Pacific

[19:39]

• Indo-Pacific is prime focus due to China
• Trump administration maintains strong anti-China posture (even compared to Biden administration)
• Investments are meant to increase infrastructure, communication and quick-response capacity in the region
• Quote:
  • “The simple answer to that is China.” (Ethan Cook, 19:50)

4. Supply Chain Resilience

[21:05]

• Major funding to secure supply chains for semiconductors and AI-related minerals
  • $5 billion for critical minerals
  • Investment in predictive/analytical capabilities
  • $25 million for industrial policy workforce expansion
• Notable for investing in DOD policy talent even while much of government faces cuts
• Quote:
  • “…expanding the Department of Defense’s ability…We’re not cutting here, we’re expanding.” (Ethan Cook, 22:00)

Notable Quotes & Memorable Moments

• On Microsoft's Role in Ascension Attack:
  • “Wyden likened Microsoft to an arsonist selling firefighting services.” (Dave Bittner, 04:52)
• On Defense Modernization:
  • “Wars…not going to be won by just raw manpower, it’s going to be won by technological advancement.” (Ethan Cook, 17:22)
• On China and Indo-Pacific Focus:
  • “The simple answer to that is China.” (Ethan Cook, 19:50)
• On “Vibe Code Fixers” Phenomenon:
  • “AI may help people prototype, but humans will still be needed to keep this AI on the leash.” (Swantantra Soni, 24:40)

Emerging Topics & Industry Trends

“Vibe Code Fixers”

[24:03]

• AI-generated code often creates messy, unstable software needing human rescue
• New cottage industry: freelancers and companies specialize in cleaning up “vibe code” disasters
• Memorable analogy: “rescue apps that crash whenever somebody sneezes”
• “As Swantantra Soni puts it, AI may help people prototype, but humans will still be needed to keep this AI on the leash.” (24:40)

Timestamps for Important Segments

• House passes defense bill with cyber/AI provisions: 03:05 – 07:00
• Sen. Wyden blasts Microsoft over Ascension hack: 07:00 – 08:50
• US Cyber Command/NSA leadership update: 08:51 – 10:00
• DoD contractor cybersecurity rule (CMMC): 10:01 – 11:15
• Akira ransomware’s SonicWall campaign: 11:16 – 12:00
• Solar-powered supply chain risk advisory: 12:01 – 13:00
• Spyware market trends (Atlantic Council): 13:01 – 14:00
• Apple AirPlay security flaws: 14:01 – 14:20
• Record-breaking European DDoS: 14:21 – 14:49
• Caveat segment: “Big Beautiful Bill” deep dive: 14:49 – 22:44
• “Vibe code fixer” industry: 24:03 – 25:30

Conclusion

This episode delivers a comprehensive review of how cyber and AI issues are now at the center of U.S. defense planning, a reflection of state-level and global cyber risks, and industry adaptation. Practical takeaways include the importance of patching vulnerabilities fast, fortifying supply chains, scrutinizing commercial spyware, and recognizing the increasing overlap between human expertise and AI in software development. The analysis of the defense bill provides a window into both policy priorities and real-world technical shifts for listeners across the cybersecurity spectrum.