CyberWire Daily – “Patch or Pull the Plug”
Date: February 6, 2026
Host: Dave Bittner (N2K Networks)
Main Guest: Mike Carr, Field CTO at Zona
Episode Overview
This episode delivers a comprehensive roundup of current cybersecurity news, covering government directives, industry incidents, and critical vulnerabilities. The central segment features an in-depth interview with Mike Carr, Field CTO at Zona, who discusses the immense cybersecurity challenges of protecting the upcoming 2026 Winter Olympics in Italy. The show wraps up with an unusual story about a base jumper’s failed AI alibi attempt.
Key Discussion Points and Insights
1. CISA's Crackdown on Aging Edge Devices
[02:00–04:00]
- The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a new binding operational directive.
- All federal civilian agencies must identify, inventory, and remove outdated network security gear (firewalls, routers, VPNs) that no longer receive vendor patches.
- Timeline:
- Full edge device inventory due within three months.
- Unsupported devices removed within a year.
- Tracking systems in place within two years.
- Rationale: Obsolete edge gear is a “substantial and constant risk,” making government networks vulnerable to fast-moving attackers.
- Quote:
- “Compromised perimeter devices can provide fast access to internal systems.” (Dave Bittner, [02:44])
2. Congress and DHS Focus on Critical Infrastructure Security
[04:00–08:00]
- The House Energy Subcommittee has advanced five bipartisan bills to protect the US energy sector—focusing on physical security, cybersecurity, and grid resilience.
- Key bills include:
- Energy Emergency Leadership Act
- Rural and Municipal Utility Cybersecurity Act (extending support to small, rural utilities)
- Pipeline cybersecurity and grid resilience measures.
- The Department of Homeland Security’s (DHS) Mobile Fortify facial recognition app is under scrutiny for privacy concerns; used by ICE and CBP in field operations, it generates possible matches but can misidentify people, raising civil liberties concerns.
3. Cyber Incidents and Threats
[08:00–12:00]
- Romania’s national oil pipeline operator, Konpet, experienced a cyberattack that knocked systems offline. Ransomware group Ken claimed responsibility.
- Flickr users are warned about a third-party breach risking personal data, though not passwords/payment information.
- European Commission considers fining TikTok up to 6% of global annual revenue for addictive design practices that particularly endanger minors.
- Quote:
- “Regulators argue TikTok’s existing safeguards are ineffective and say core design changes may be required to avoid penalties.” (Dave Bittner, [11:48])
4. Growing Abuse of Open-Source and AI Platforms
[12:00–14:00]
- DKnife, a China-linked Linux threat actor, operates a persistent “adversary-in-the-middle” campaign targeting Chinese-speaking users.
- Researchers warn that the OpenClaw AI project is being exploited at scale, with 17% of reviewed “skills” found malicious—primarily to steal crypto keys or deliver malware.
- Cisco Talos and Bitdefender highlight the urgent need for organizations to treat AI-based “skills” like full software installs and to be careful with their credentials.
- Notable Advice:
- “Hardened gateways, audit firmware and binaries, enforce strong authentication, and closely monitor network traffic because attackers increasingly operate where traditional endpoint defenses cannot see.” (Newsletter via Dave Bittner, [14:00])
Feature Interview: Mike Carr on Securing the 2026 Winter Olympics
[15:07–23:59]
Event Cybersecurity Challenges
- Events On Scale & Complexity
- Security for events like the Winter Olympics involves vast, complex, temporary infrastructure.
- "It's really about the compromises… around speed of deployment versus security. There are a lot of places where… shortcuts get taken that probably shouldn't be taken."
— Mike Carr, [15:13]
- Lack of Comprehensive Ownership
- Temporary, multi-organization environments often lack a single authority with end-to-end control, leading to oversight lapses.
- “In a single organization…there’s an adult that can make that decision. But… so many separate parties engaged, stuff like that either falls through the cracks or somebody just makes a decision to move forward because time is always against them.”
— Mike Carr, [16:20]
- Vulnerability Examples
- Unapproved wireless hotspots
- Documented and undocumented access added for convenience
- "That can lead to unknown attack vulnerabilities."
— Mike Carr, [17:13]
Attacker Motivations and High-Value Targets
- Financial Gain & Ransomware
- Attacks on event payment systems, ransomware threats, and operational disruption are prime incentives for criminals.
- “The ability to turn off an event that the whole world is watching presents a lot of time and financial pressure for an organization to… succumb to those demands.”
— Mike Carr, [17:55]
- Hacktivism & Visibility
- High-profile events are targets for actors seeking attention: “If you have something you want to make the world hear and you turn off the thing that everybody's watching, you kind of have their undivided attention.”
— Mike Carr, [18:22]
Implementation vs. Planning
- From Blueprint to Reality
- Challenging to execute “whiteboard” plans under real-world pressures: "…there's the perfect world that you want to live in… and then there's the reality of the situation when you get there and the patch cable's 20 ft too short or the WiFi doesn't reach."
— Mike Carr, [19:08]
- Event Deadlines Are Immutable
- "The opening ceremonies happen when they happen, there's no putting them off for a day."
— Dave Bittner, [19:37]
- 100% Uptime Needed
- Referencing the Super Bowl power outage: "Everything has to go right for this to work… The folks that are running these events have to be right 100% of the time. And security vulnerabilities, attackers only have to be right once."
— Mike Carr, [19:56]
Lessons for Other Organizations
- You Are a Target
- Even small or seemingly unimportant organizations should consider themselves targets: “You are specifically being attacked, and you need to act as if that is the case.”
— Mike Carr, [20:42]
- Preparation and Awareness
- Comprehensively understanding your environment is essential—especially when there’s no clear owner.
- Supply Chain Complexity
- Modern Olympics represent a tangled web of technology supply chains: “This is a tangle of supply chains… so many interconnecting parts that have to all function together to make an Olympic Games possible.”
— Dave Bittner, [22:00]
- Digital Evolution
- Contrast with past analog Olympics; increased digitization complicates logistics and increases risk.
- "My dad went to the 1984 Olympics in LA… he had a paper ticket in his hand… The world was a different place."
— Mike Carr, [22:27]
Final Takeaway
- Active Security Posture
- “Security is no accident. It's an active thing we have to be paying attention to, and it comes in a lot of knowns and also a lot of unknowns. And so taking some time to evaluate the whole environment is key.”
— Mike Carr, [23:49]
Memorable Moment: The Base Jumper's "AI Alibi"
[25:16–26:45]
- Story: California thrill-seeker Jack Propek allegedly base-jumped from Yosemite’s Glacier Point during a government shutdown, posting the stunt on Instagram.
- Defense: Denied it was him, claiming "artificial intelligence had pasted his face onto the footage."
- “Propek denied being the jumper, claiming—wait for it—artificial intelligence had pasted his face onto the footage. Park rangers were unconvinced; base jumping is illegal in national parks, and officials say shutdown or not, the rules still apply.”
— Dave Bittner, [25:48]
- Punchline: "Gravity having already had its say."
Notable Quotes with Timestamps
- “Compromised perimeter devices can provide fast access to internal systems.” — Dave Bittner, [02:44]
- “Security is no accident. It's an active thing we have to be paying attention to, and it comes in a lot of knowns and also a lot of unknowns.” — Mike Carr, [23:49]
- “You are specifically being attacked, and you need to act as if that is the case.” — Mike Carr, [20:42]
- “Everything has to go right for this to work…The folks that are running these events have to be right 100% of the time. And security vulnerabilities, attackers only have to be right once.” — Mike Carr, [19:56]
- “Propek denied being the jumper, claiming—wait for it—artificial intelligence had pasted his face onto the footage.” — Dave Bittner, [25:48]
Segment Timestamps
- [02:00] – CISA directive on edge device security
- [04:00] – Congress, DHS, and infrastructure security
- [08:00] – Konpet cyberattack, Flickr data exposure
- [11:30] – EU threatens major fine for TikTok
- [12:30] – DKnife and OpenClaw AI threats
- [15:07–23:59] – Interview: Mike Carr on Olympics cybersecurity
- [25:16] – The base jumper’s AI alibi attempt
Summary / Takeaway
This packed episode highlights growing pressures on critical infrastructure to update vulnerable edge devices, increased government action bolstering energy sector defenses, serious concerns about privacy and AI tool abuse, and the compounded risks of major global events like the Olympics. The interview with Mike Carr underscores the unique cybersecurity challenges of large, temporary, multi-party environments, stressing the need for vigilance, preparation, and clarity of responsibility. The episode ends with a humorous—but telling—nod to the new era of “AI excuses” for real-world transgressions.
