Pentagon hits fast-forward on software certs. - CyberWire Daily

Summary8 min read

CyberWire Daily: Pentagon Hits Fast-Forward on Software Certs
Released on April 25, 2025

Introduction

In the April 25, 2025 episode of CyberWire Daily, hosted by N2K Networks, a comprehensive overview of the latest developments in the cybersecurity landscape is presented. This episode, titled "Pentagon hits fast-forward on software certs," delves into significant industry news, including major cyberattacks, regulatory investigations, vulnerabilities in critical systems, and innovations shaping the future of cybersecurity. Additionally, the episode features an insightful discussion on the RSAC Innovation Sandbox, highlighting emerging trends and breakthroughs from industry leaders.

Major News Highlights

1. Pentagon Introduces "Swift" for Software Certification

The U.S. Department of Defense is revolutionizing its software approval process with a new system named Swift. Announced by Acting CIO Katy Arrington, Swift leverages artificial intelligence to expedite the certification of software for Defense Department networks, a task that previously took months or even years.

Katy Arrington (04:35): "The old risk management framework and ATO process are stupid and archaic. It's time for a change."

Under this initiative, software vendors will submit security information and software bills of materials to the government’s eMASS system, where AI tools will automatically review the data and issue provisional Authorities to Operate (ATOs) much faster than manual processes allowed. The move also mandates third-party certifications to ensure comprehensive verification.

2. Work Composer Data Breach Exposes 21 Million Screenshots

A significant privacy incident has impacted Work Composer, a widely used employee monitoring tool. Cybersecurity researchers uncovered that over 21 million real-time screenshots were inadvertently exposed on the open internet via an unsecured Amazon S3 bucket. These screenshots captured sensitive employee activities, including emails, passwords, and proprietary company data.

Dave Bittner (04:58): "This leak highlights a bigger issue. Too many companies still don't grasp the shared responsibility model for cloud security."

With more than 200,000 users, the potential risks include identity theft, scams, and fraud, although there is currently no evidence of unauthorized access to the images. Experts emphasize the importance of securing cloud databases to prevent such high-profile breaches.

3. US Launches Antitrust Investigation into TP-Link

The U.S. government has initiated a criminal antitrust investigation into TP-Link, a California-based router manufacturer with Chinese affiliations. Prosecutors are examining whether TP-Link engaged in predatory pricing to dominate the U.S. market and assessing if its expanding presence poses national security threats. This probe, which began under the Biden administration, continues into the Trump era. Concurrently, the Commerce Department is investigating TP-Link’s connections to China. While TP-Link denies any wrongdoing, the investigations are ongoing and could continue for several years.

4. Healthcare Sector Suffers Major Data Breaches

Two significant data breaches in the healthcare sector have come to light:

Yale New Haven Health is notifying 5.5 million individuals after a cyberattack in March compromised data from a third-party vendor, Perry Johnson and Associates. Stolen information includes names, medical records, and Social Security numbers.
Frederick Health in Maryland reported a breach affecting nearly 1 million patients. Hackers accessed sensitive data such as addresses, birth dates, and insurance information by infiltrating the network between December 2023 and January 2024.

These incidents underscore the persistent vulnerabilities associated with third-party vendors and the interconnected nature of healthcare IT systems. Affected individuals are being urged to remain vigilant against identity theft and fraud.

5. South Korea's SK Telecom Confirms Cyberattack

SK Telecom, serving 34 million subscribers, confirmed a cyberattack on April 19 that exposed sensitive SIM card data. The breach occurred late on a Saturday night, exploiting staffing gaps to bypass security measures. While no names or financial details were leaked, the stolen SIM information could facilitate SIM swap attacks. Although SK Telecom detected and contained the malware swiftly, the company faced criticism for delayed customer notifications and has pledged to enhance its security protocols moving forward.

6. Critical Zero-Day Vulnerability in SAP Applications

A zero-day vulnerability has been identified, posing risks to over 10,000 SAP applications. This flaw, which scored a perfect 10 out of 10 on the CVSS scale, allows unauthenticated attackers to upload malicious binaries via the Visual Composer metadata uploader in SAP Netweaver. Discovered by ReliaQuest, the vulnerability has been exploited using malicious JSP web shells, enabling full endpoint control, payload deployment, and lateral movement across networks.

Dave Bittner (05:35): "Experts warn that the vulnerability could lead to espionage, sabotage, and fraud across cloud and on-prem environments."

Although SAP has released a patch, the ease of exploitation necessitates immediate action from organizations to secure exposed systems and mitigate potential threats.

7. Emerging Security Risks in AI Agents

As AI agents become integral to online tasks, new research highlights significant security vulnerabilities:

Extension Total discovered that a suspicious Chrome extension was communicating with a local model context protocol (MCP) server without user consent. This extension could potentially bypass browser sandboxing and manipulate local systems, accessing sensitive data or performing unauthorized actions.

Dave Bittner (07:00): "This discovery exposes a major new attack surface, especially in environments where MCP servers link to services like Slack, WhatsApp, or local file systems."

Security teams are advised to monitor and secure AI infrastructure to prevent unauthorized access and exploitation.

8. Policy Puppetry Attack Bypasses AI Safeguards

Hidden Layer, an AI security firm, revealed a new attack method dubbed Policy Puppetry, which can circumvent the safety guardrails of major generative AI models. By formatting malicious prompts to resemble policy files (e.g., XML, INI, JSON), attackers can override system instructions, enabling AI models to produce restricted or harmful content.

Dave Bittner (07:45): "Policy Puppetry shows that today's LLM training and alignment methods still have critical gaps."

The firm successfully tested this attack on models from OpenAI, Anthropic, Google, and Meta, highlighting the urgent need for additional security layers to protect against such vulnerabilities.

9. Data Breach Class Action Settlements Reach $155 Million

New research from Panaceer indicates that U.S. companies have disbursed $155 million in data breach class action settlements over the past six months. Analyzing lawsuits filed between August 2024 and February 2025, the study found 43 new filings and 73 settlements, averaging approximately $3 million each. The healthcare, finance, and retail sectors were the hardest hit, with most lawsuits citing inadequate security measures, encryption failures, and delayed breach notifications.

Dave Bittner (09:00): "Panaceer stresses that strong, demonstrable cybersecurity practices are now critical for legal defense."

This trend underscores the financial and reputational risks associated with data breaches and the importance of robust cybersecurity frameworks.

RSAC Innovation Sandbox: Accelerating Cybersecurity Innovation

Overview

A significant portion of the episode is dedicated to the RSAC Innovation Sandbox, a prestigious contest held during the RSA Conference (RSAC) 2025. Hosts Cecilia Marinier, Vice President at RSAC, and David Chen, Head of Global Technology Investment Banking at Morgan Stanley, discuss the event's 20th anniversary and its role in fostering cutting-edge cybersecurity solutions.

Interview Highlights

Cecilia Marinier (14:05): Expresses enthusiasm for the 20th anniversary of the Innovation Sandbox, emphasizing its importance in celebrating and amplifying cybersecurity innovation.
David Chen (14:17): Highlights the global significance of RSAC and the Innovation Sandbox, noting that past winners have become industry stars and have significantly impacted the cybersecurity landscape.
Dave Bittner (16:48): Describes the Innovation Sandbox format, where entrepreneurs have three minutes to pitch their ideas to a panel of expert judges, aiming to identify forward-thinking companies addressing contemporary cybersecurity challenges.

Key Themes in Innovations

David Chen identifies three main themes emerging from the top 10 finalists in the Innovation Sandbox contest:

Securing the Use of AI:
With the rapid adoption of AI technologies, ensuring their secure implementation is paramount. Challenges include visualizing AI applications, controlling access, and implementing appropriate data safeguards.
Embedded Systems and Hardware Security:
As industries integrate more embedded systems and hardware, vulnerabilities in these areas present significant security risks. This is especially critical in environments adopting next-generation machinery and robotics.
Automating Security Operations Centers (SoC):
Addressing the labor shortage in cybersecurity, innovations focus on automating processes within SoCs to enhance efficiency, reduce response times, and enable proactive threat hunting.

David Chen (17:22): "Cybersecurity was number one, even actually above AI, believe it or not. And so I think that combined with the escalating cyber threatscape just makes this an incredibly vibrant sector."

These themes reflect the evolving priorities in the cybersecurity industry, emphasizing the need for robust AI security, hardware protection, and operational efficiency.

Event Details

The Innovation Sandbox contest is set to commence at the Moscone Center on Monday, April 28, starting at 9:30 AM, with winners to be announced later that day. The event promises to showcase the most innovative and impactful cybersecurity solutions, providing a platform for startups and established companies to demonstrate their advancements.

Dave Bittner (21:45): "It's so impressive how many companies are out there really working on these challenging problems."

Conclusion

The April 25, 2025, episode of CyberWire Daily provides a deep dive into critical cybersecurity issues ranging from governmental policy changes and major data breaches to innovative solutions propelling the industry forward. The discussion on the RSAC Innovation Sandbox underscores the dynamic nature of cybersecurity, highlighting the continuous effort to stay ahead of emerging threats through innovation and collaboration. For cybersecurity professionals and enthusiasts alike, this episode offers valuable insights into the current state and future directions of the field.

Notable Quotes:

Katy Arrington (04:35): "The old risk management framework and ATO process are stupid and archaic. It's time for a change."
Dave Bittner (04:58): "This leak highlights a bigger issue. Too many companies still don't grasp the shared responsibility model for cloud security."
Dave Bittner (05:35): "Experts warn that the vulnerability could lead to espionage, sabotage, and fraud across cloud and on-prem environments."
Dave Bittner (07:00): "This discovery exposes a major new attack surface, especially in environments where MCP servers link to services like Slack, WhatsApp, or local file systems."
Dave Bittner (07:45): "Policy Puppetry shows that today's LLM training and alignment methods still have critical gaps."
Dave Bittner (09:00): "Panaceer stresses that strong, demonstrable cybersecurity practices are now critical for legal defense."
David Chen (17:22): "Cybersecurity was number one, even actually above AI, believe it or not. And so I think that combined with the escalating cyber threatscape just makes this an incredibly vibrant sector."
Dave Bittner (21:45): "It's so impressive how many companies are out there really working on these challenging problems."

For more detailed insights and ongoing updates in the cybersecurity realm, tune into future episodes of CyberWire Daily.

Loading summary

Transcript22 lines

[00:02]
Dave Bittner
You're listening to the Cyberwire network, powered by N2K.
[00:12]
Cecilia Marinier
And now a word from our sponsor. Spy Cloud Identity is the new battleground and attackers are exploiting stolen identities to infiltrate your organization. Traditional defenses can't keep up. Spy Cloud's holistic identity threat protection helps security teams uncover and automatically remediate hidden exposures across your users from breaches, malware and phishing to neutralize identity based threats like account takeover, fraud and ransomware. Don't let invisible threats compromise your business. Get your free corporate Darknet exposure report@spycloud.com cyberwire and see what attackers already know. That's spycloud.com cyberwire the Defense Department is launching a new fast Track software approval process. A popular employee monitoring tool exposes over 21 million real time screenshots. The US opens a criminal antitrust investigation into router maker TP Link. A pair of health data breaches affect over 6 million people. South Korea's SK Telecom confirms a cyber attack. A critical zero day puts thousands of SAP applications at potential risk. Researchers raise concerns over AI agents performing unauthorized actions. Policy puppetry can break the safety guardrails of all major generative AI models. New research tallies the high costs of data breaches. A preview of the RSAC Innovation Sandbox with Cecilia Marinier, vice president at RSAC and David Chen, head of global technology investment banking at Morgan Stanley and stocking hard drives full of human knowledge just in case. It's Friday, April 25th, 2025. I'm Dave Buettner and this is your Cyberwire Intel Brief.
[02:29]
David Chen
Foreign.
[02:36]
Cecilia Marinier
Thanks for joining us here today. Happy Friday. It is great to have you with us. The Pentagon is giving its software approval process a serious makeover. Acting CIO Katy Arrington announced a new system called Swift that will use AI to speed up the months or even years it currently takes to certify software for Defense Department networks. Speaking at an industry event, Errington didn't hold back. She called the old risk management framework and ATO process stupid and archaic and said it's time for a change. Under Swift, software vendors will upload security info and software bills of material into the government's emass system. AI tools will review the data automatically, aiming to issue a provisional ATO much faster than a human could. Third party certification will also be required to make sure everything checks out. Arrington said the official memo launching Swift is being signed now, with industry feedback coming next. Her message was I want the RMF eliminated. A major privacy mess has hit Work Composer, a popular employee monitoring tool. Cyber News Researchers discovered that the company had exposed over 21 million real time screenshots on the open Internet Internet through an unsecured Amazon S3 bucket. These screenshots captured everything employees were doing emails, passwords, sensitive communications, even proprietary company data. Work Composer, which tracks remote workers by logging hours and snapping a screenshot every 20 seconds, boasts over 200,000 users. While there's no evidence yet that hackers accessed the images, the risk for identity theft, scams and wire fraud is huge. This leak highlights a bigger issue. Too many companies still don't grasp the shared responsibility model for cloud security. Experts are again urging businesses to properly lock down their databases or risk joining the growing list of high profile breaches. The US Is conducting a criminal antitrust investigation into TP Link, a California based router maker with Chinese ties. Prosecutors are looking at whether TP Link used predatory pricing to dominate the US Market and whether its growing presence poses national security risks. The probe began under Biden and continues under President Trump. Meanwhile, the Commerce Department is separately investigating TP Link's China connections. TP Link denies wrongdoing but says it will cooperate if contacted. No charges have been filed yet and the investigations could take years. Two major healthcare data breaches are making headlines Yale New Haven Health is notifying five and a half million people after a March cyber attack on a third party vendor, Perry Johnson and Associates. Stolen data includes names, medical records and Social Security numbers. Meanwhile, Frederick Health in Maryland reported a breach impacting nearly 1 million patients. Hackers accessed sensitive data like addresses, birth dates and insurance information after infiltrating Frederick Health's network between December 2023 and January 2024. Both breaches highlight the ongoing risk posed by third party vendors and healthcare systems reliance on interconnected networks. Officials are urging affected individuals to stay alert for identity theft and fraud. South Korea's SK Telecom, serving 34 million subscribers, confirmed a cyber attack on April 19 that exposed sensitive SIM card data. The breach, timed late on a Saturday night, bypassed staffing gaps while no names or financial details leaked. Stolen SIM info could enable SIM swap attacks. SK Telecom detected and contained the malware quickly, but admitted millions may be at risk. After some criticism over slow customer notifications, the company apologize and pledged to boost its security moving forward. A critical zero day vulnerability is putting over 10,000 SAP applications at risk. The flaw scored a perfect 10 out of 10 on the CVSS scale allows unauthenticated attackers to upload malicious binaries through the Visual Composer metadata uploader in SAP. Netweaver ReliaQuest discovered the bug after investigating breaches where even fully patched systems were compromised. Attackers used malicious JSP web shells to gain full control of endpoints, deploy payloads, and move laterally across Networks. Tools like BetterRettel and Heaven's Gate techniques were spotted during post exploitation. Experts warn that the vulnerability could lead to espionage, sabotage and fraud across cloud and even on prem environments. SAP has issued a patch, but concerns remain. Given how easily the flaw could be exploited. Organizations are urged to act quickly to secure exposed systems. AI agents are poised to make online tasks easier, but new research shows the underlying infrastructure could also create serious security risks. Researchers at Extension Total found a suspicious Chrome extension communicating with a local model context protocol server without user permission or detection. Mcp, developed by Anthropic, enables AI agents to interact with tools and resources in real time. However, because MCP servers use open HTTP connections by default, a malicious extension could access sensitive data or perform unauthorized actions. Researchers built a proof of concept showing how a Chrome extension could bypass browser sandboxing and manipulate local systems. This discovery exposes a major new attack surface, especially in environments where MCP servers link to services like Slack, WhatsApp, or local file systems. Security teams are being warned to take this emerging threat seriously. A new attack called Policy Puppetry can break the safety guardrails of all major generative AI models, according to AI security firm Hidden Layer. The technique tricks large language models into interpreting malicious prompts as policy files, bypassing their built in safeguards against producing harmful content. Hidden Layer successfully tested the attack on Top models from OpenAI, Anthropic, Google, Meta, and others. By formatting prompts to look like xml, ini, or JSON files, attackers can override system instructions and generate restricted outputs. This discovery highlights a major AI models can't reliably police themselves with universal jailbreaking now. Easier researchers warn that more external security layers are needed to defend against misuse. Policy Puppetry shows that today's LLM training and alignment methods still have critical gaps. New research From Panaceer shows US companies paid out $155 million in data breach class action settlements over just six months. Analyzing lawsuits filed between August 2024 and February 2025, researchers found 43 new filings and 73 settlements averaging about $3 million each. Healthcare, finance and retail sectors were hit hardest. Most lawsuits cited inadequate security, while encryption failures and delayed notifications also played roles. Panaceer stresses that strong, demonstrable cybersecurity practices are now critical for legal defense. Coming up after break, a preview of the RSAC Innovation Sandbox with Cecilia Marinier and David Chen and stocking hard drives full of human knowledge just in case. Stay with us. What's the common denominator in security incidents? Escalations and lateral movement. When a privileged account is compromised, attackers can seize control of critical assets with bad directory hygiene and years of technical debt. Identity attack paths are easy targets for threat actors to exploit, but hard for defenders to detect. This poses risk in active directory, entra ID and hybrid configurations. Identity leaders are reducing such risks with attack path management. You can learn how attack path management is connecting identity and security teams while reducing risk with Bloodhound Enterprise powered by Spectrops. Head to Spectrops IO today to learn more. Spectrops see your attack paths the way adversaries do. Do you know the status of your compliance controls right now? Right now we know that real time visibility is critical for security, but when it comes to our GRC programs, we rely on point in time checks. But get this, more than 8,000 companies like Atlassian and Quora have continuous visibility into their controls with Vanta. Here's the gist. Vanta brings automation to evidence collection across 30 frameworks like SoC2 and ISO 27001. They also centralize key workflows like policies, access reviews and reporting, and helps you get security questionnaires done five times faster with AI. Now that's a new way to GRC. Get $1,000 off Vanta when you go to vanta.com cyber that's vanta.com cyber for $1,000 off. As we are coming up on the RSAC 2025 conference, that means one of my favorite events of the year. It is the Innovation Sandbox Contest. And joining me to discuss that are Cecilia Marinier, Vice President at rsac, and David Chen, head of Global Technology Investment Banking at Morgan Stanley. Cecilia. Dave, thanks. So for taking the time for us today.
[14:06]
Dave Bittner
Yeah, thanks for having us. We're super excited to be here.
[14:08]
Cecilia Marinier
Well, Cecilia, let me start with you. It was brought to my attention that this is the 20th anniversary of the Innovation Sandbox. Boy, does time fly.
[14:18]
Dave Bittner
I know, and I've been here for 10 of these. So it is really exciting for us that we have been demonstrating year on year how to identify and celebrate and to amplify innovation in cybersecurity. It's so necessary. So it's such an exciting milestone for us. And yes, it is our 20th anniversary.
[14:36]
Cecilia Marinier
Well, for folks who may not be familiar with the Innovation Sandbox, can you describe it for us?
[14:42]
Dave Bittner
Absolutely. The Innovation Sandbox is a contest that runs about an hour and a half. Like once we get really going and the idea is to have identified 10 really forward thinking companies that can get up on stage. We make this a contest and make it really exciting by forcing the contestants, the entrepreneurs, to actually pitch in front of a slate of very important judges for three minutes. They only have three minutes, Dave. And so what they have to do is to get their entire story out, tell you who the product is aimed at, why they're different from somebody else, that they're ready to go to market, that they have the leadership team in place and they've had the market validation. That all has to happen in three minutes. If they don't make it happen in three minutes, there's this really ugly buzzer that comes on and nobody wants that. It's horrible. But after those three minutes, we let our judges like Dave actually ask questions to the entrepreneurs and that's for another three minutes and we're a lot looser there. We let them go to at least three minutes and five seconds.
[15:43]
Cecilia Marinier
Well, Dave, you are one of the judges this year. What made you decide that you wanted to take part in this?
[15:50]
David Chen
I mean, it was an incredible honor when Cecilia and the team at RSA reached out. I mean, this is the grand stage of cybersecurity. It's the biggest event in the world and it's a huge branded event that any company, whether it's your big large publicly traded company or you're some of the most innovative private companies, this is the place to be. It's ground zero for multiple decades. And then within the RSA conference, I've just been watching from afar for the last several years at how big the innovation sandbox has become. When you look at some of the winners that have come out of the sandbox, they've become unbelievable stars in the cybersecurity industry and have created a lot of value. And so it is a absolute honor to be a part and to be a judge this year.
[16:48]
Cecilia Marinier
Well, looking through the list of the finalists here, it is quite a list and a broad spectrum of offerings. Do we want to talk about some of the companies that have caught our eye here? I suppose. Is it fair to even single any of them out?
[17:05]
Dave Bittner
Well, I'm going to tap in here because I don't want Dave to single any of them out. They're all awesome because it's super important. We have a level playing field. Everybody comes into this with no winners or losers. But maybe, Dave, you can kind of share some ideas about some of the themes that you saw in the top 10.
[17:22]
David Chen
Yeah, I mean, certainly the Landscape for new innovation just really continues to proliferate. I mean, I think it's overall underscored by we had a recent IT survey and we do this every quarter and we ask CIOs, where are you spending? And for the fourth quarter of last year and then for the first quarter of this year, cybersecurity was number one, even actually above AI, believe it or not. And so I think that combined with the escalating cyber threatscape just makes this an incredibly vibrant sector. I mean, in terms of the submissions, maybe a few themes, I would say, like three main themes. One would be, you know, securing the use of AI. It's a wild, it's a wild west out there. And you know, it reminds me of, you know, spaces in cybersecurity like the CASB back in the day where you had the first onset of SaaS applications being used with corporates, you know, 15 years ago. And it was really difficult for large companies to really know what applications were actually being used across their infrastructure. So the same thing is happening in AI with LLM and identical applications. First of all, how do I even visualize what applications am I actually running then who can access them? And then do I have the right data controls around them? So that's the first theme. I think second would be, believe it or not, the industry has been really focused on software, but I think embedded systems and hardware remain a critical source of vulnerability that hackers can exploit. So certainly as we move to a more hybrid working environment, as we deploy next gen machines in warehouses on the shop floor, for example, and then the most exciting thing for me is like, as we enter this whole new era of humanoid robots, automated drone warfare, it's like a completely new world and we really don't have the right technology today to secure these systems. So that's where a lot of the innovation is that we have seen in a sandbox. And then the last one would just be automating the SoC. We continue to have a massive millions of labor shortage in cybersecurity, yet the threat environment continues to escalate. So whether you're an analyst in a proprietary stock at a big company, like a Fortune 500 company, or you work for an MSS provider and you're watching out for the networks of customers of small businesses, you need tools that give you like a workbench that can automate a lot of your processes so you can do more with less. You can kind of minimize that time to resolution and then you can be more proactive about things like threat hunting.
[20:12]
Cecilia Marinier
You Know, Cecilia, one of my favorite things about the innovation sandbox is not only is the event itself exciting and as you describe, you got three minutes to get up there to make your pitch, but it's also a great opportunity to see what is trending and to kind of have your finger on the pulse in this distilled way, to see what people are out there selling, what people are out there buying, and even how they're going about doing that, what the messaging is that they're using.
[20:42]
Dave Bittner
Yeah, absolutely. I think this is a place, when you think about where we've come, we had an a record number of submissions this year. We really made Dave work hard. We got him in here early and the first year out of the gate had to work harder than most and just to bring it down. It's so impressive how many companies are out there really working on these challenging problems. And when having this event adjudicated by experts like Dave, like Nilou Howe, like Chris Young, like Dori Dore, like Nazarene Razeh, like Paul Kocher, these, these are people who understand the industry and have their finger on the pulse. So when they're looking at these companies and they start to distill them down to these 10, it's really something to watch because they have worked hard to get here. The entrepreneurs work hard to build these solutions, they work hard to put their submissions in and then the judges work hard to identify where we're going in the future. So it's definitely worth the time to just see what's the hottest thing coming out.
[21:46]
Cecilia Marinier
Well, the contest kicks off at the Moscone center on Monday, April 28. It's at 9:30am and the winners will be announced later that same day. So get in line early. It's a popular event and one that you don't want to miss. Cecilia Marinier is vice president at rsac and David Chen is head of Global Technology Investment banking at Morgan Stanley. Cecilia. Dave, thanks so much for joining us today.
[22:13]
David Chen
Thank you so much.
[22:15]
Dave Bittner
Thank you, Dave.
[22:32]
Cecilia Marinier
Secure access is crucial for US public sector missions, ensuring that only authorized users can access certain systems, networks or data. Are your defenses ready? Cisco's security service Edge delivers comprehensive protection for your network. End users experience the power of zero trust and secure your workforce wherever they are. Elevate your security Strategy by visiting cisco.comgo.sse that's cisco.comgosse it's the end of the.
[23:17]
David Chen
World as we know it.
[23:19]
Cecilia Marinier
It's the end of the world as we know it. It's the end of the world as we know it. And I feel fine. And finally, instead, in cybersecurity, we always stress the importance of reliable backups, keeping your critical data safe, offline, and ready for anything from ransomware attacks to hardware failures. But what if your backup plan wasn't just for your business, but for civilization itself? That's the thinking behind the booming sales of prepper disks, hard drives stuffed with survival manuals, offline copies of Wikipedia, old movies, and more. Under Trump's presidency, a growing number of Americans aren't just backing up their files, they're backing up the world. Apparently, some Americans aren't just stocking canned beans, they're hoarding data just in case society pulls a 404 error. Vendors say demand for offline knowledge spiked after rising fears about Internet censorship, civil unrest, and, you know, general apocalypse vibes. These disks promise a digital Noah's Ark, everything you'd need to reboot civilization or at least win a heated trivia night in the wasteland. So while some folks buy gold or ammo, others are investing in terabytes of PDFs, 1980s sci fi and sourdough bread recipes. Because if civilization collapses, we still gotta eat and binge. Watch. And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com I will be on site in San Francisco for RSAC 2025. If we cross paths, please stop and say hello. It's always nice to meet you. We'll see you there. Be sure to check out this weekend's research Saturday and my conversation with Crystal Morin, CyberSecurity Strategist from Sysdig. The research is titled UNC5174's Evolution in China's Ongoing Cyber Warfare from Snowlight to V Shell. That's Research Saturday. Do check it out. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music and sound design by Elliot Peltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here next week. And now, a message from Black Cloak. Did you know the easiest way for cybercriminals to bypass your company's defenses is by targeting your executives and their families at home? Blackcloak's award winning digital executive protection platform secures their personal devices, home networks, and connected lives. Because when executives are compromised at home, your company is at risk. In fact, over one third of new members discover they've already been breached. Protect your executives and their families 247365 with Black Cloak. Learn more at BlackCloak IO.