Ransomware as a public health crisis. - CyberWire Daily

Summary6 min read

CyberWire Daily: "Ransomware as a Public Health Crisis"

Release Date: November 12, 2024
Host: Dave Buettner
Guest: Tim Starks, Senior Reporter at Cyberscoop
Produced by: N2K Networks

Introduction

In this episode of CyberWire Daily, host Dave Buettner delves into the alarming intersection of cybersecurity and public health, framing ransomware attacks as a burgeoning public health crisis. The episode also features an insightful interview with Tim Starks from Cyberscoop, who provides expert analysis on the implications of a second Trump administration for the cybersecurity landscape.

Ransomware: A Public Health Emergency

Ann Neuberger's UN Security Council Address

Timestamp: [05:30]

Ann Neuberger, Deputy National Security Advisor, emphasized at the United Nations Security Council that ransomware is no longer merely a cybersecurity issue but a significant public health crisis. She highlighted the severe impact on healthcare systems worldwide, citing that ransomware incidents have disrupted patient care and delayed medical procedures.

Global and National Impact

Timestamp: [06:15]

Neuberger pointed out that ransomware groups like Black Cat and Lockbit have been responsible for over 30% of global healthcare-related attacks in recent years. The FBI reported 249 ransomware attacks on U.S. healthcare facilities in 2023 alone, underscoring the urgency of the situation.

U.S. Response Strategy

Timestamp: [07:00]

The United States has adopted a multi-faceted approach to counteract ransomware threats:

Strengthening Cyber Defenses: Enhancing the resilience of critical infrastructure.
National Security Threat Classification: Treating ransomware as a national security issue.
Diplomatic Efforts: Targeting safe havens for cybercriminals, particularly those linked to Russian entities.

Neuberger criticized the Russian government for allegedly providing a refuge for cybercriminals, thereby exacerbating the ransomware menace.

International Collaboration and Challenges

Timestamp: [08:20]

A joint statement from 54 UN member states called for collective action to bolster cybersecurity measures, especially within the healthcare and emergency services sectors. Despite these efforts, the effectiveness of U.S. leadership remains uncertain, potentially impacting the global fight against ransomware.

Notable Quote:

"Ransomware poses an unprecedented threat to public health systems worldwide, disrupting essential services and endangering lives." — Ann Neuberger [05:35]

Key Cybersecurity Incidents and Updates

Amazon’s MoveIt Data Breach
- Timestamp: [09:00]

Amazon disclosed a data breach involving MoveIt, a cloud data management tool used by a vendor managing Amazon’s property data. The breach exposed employee names, contact information, and office locations but did not compromise sensitive data like Social Security numbers. Amazon assured that their internal systems remain secure, and the vendor has resolved the vulnerability linked to an older zero-day exploit.

SAP’s Security Patches
- Timestamp: [10:45]

SAP released multiple security updates addressing critical vulnerabilities, including a high-severity cross-site scripting flaw in Web Dispatcher (severity score 8.8). This vulnerability, exploitable by unauthenticated attackers, could lead to full system compromises. SAP urged immediate patching to mitigate risks.

North Korean Malware in macOS Applications
- Timestamp: [12:30]

Researchers from JAMF uncovered malware embedded in macOS applications developed using open-source SDKs, specifically targeting the cryptocurrency sector. The malware, resembling North Korea's Lazarus Group tactics, exploited Apple's notarization process to bypass security checks. Although the malicious domain returned a 404 error during analysis, its association with prior North Korean campaigns for blockchain engineering attacks confirmed its origin.

Hot Topic Data Breach
- Timestamp: [14:10]

Retail giant Hot Topic experienced a data breach affecting over 54 million customers, including data from affiliated brands like Boxlunch and Torrid. The breach, originating from malware that compromised third-party cloud service credentials, exposed emails, phone numbers, addresses, and encrypted credit card information. The data was initially offered for ransom on dark web forums before being sold at reduced prices.

Halliburton’s $35 Million Ransomware Attack
- Timestamp: [16:00]

Energy services company Halliburton reported a ransomware incident incurring a $35 million cost. The attack disrupted access to business systems, resulting in lost revenue and a slight dip in earnings per share. Halliburton engaged external cybersecurity advisors and law enforcement but has not disclosed details regarding data theft or ransom payments.

Emerging YMIR Ransomware
- Timestamp: [17:45]

Kaspersky researchers identified a new ransomware family, YMIR, which targets systems previously compromised by RustyStealer malware. YMIR operates entirely from memory, evading traditional detection mechanisms, and employs the ChaCha20 encryption algorithm. While it hints at data exfiltration, no data leak site has been confirmed, though its methodologies suggest a growing threat.

Interview with Tim Starks: Cybersecurity under a Second Trump Administration

Anticipated Chaos and Policy Shifts

Timestamp: [18:56]

Dave Buettner initiates a discussion with Tim Starks about the potential impact of a second Trump term on cybersecurity policies. Starks predicts increased chaos, drawing parallels to the tumultuous nature of Trump's first administration. He suggests that many of the regulatory guardrails established during the previous term may not persist, leading to more unpredictable cybersecurity landscapes.

Impact on Agencies like CISA

Timestamp: [20:10]

Starks discusses the possible undermining of the Cybersecurity and Infrastructure Security Agency (CISA). He notes that the Trump administration may attempt to strip CISA of its election security mission, reflecting ongoing tensions between the agency and the administration. However, he acknowledges that such changes could be limited given CISA's integral role and existing budgetary allocations.

Bipartisanship in Cybersecurity

Timestamp: [21:35]

Addressing the notion of bipartisan support for cybersecurity, Starks challenges its extent, citing partisan conflicts that date back further than commonly perceived. While some aspects, like minimum cybersecurity standards for critical infrastructure, receive cross-party support, underlying tensions persist, particularly regarding the authority and independence of cybersecurity agencies.

Regulatory and Organizational Changes

Timestamp: [22:50]

Starks anticipates that Trump may favor consolidating power within cybersecurity agencies, potentially reducing their independence. He also speculates on the fate of initiatives like the Office of National Cyber Director and forthcoming executive orders on cybersecurity, highlighting the uncertainty surrounding their future under a Trump administration.

Notable Quotes:

"Ransomware poses an unprecedented threat to public health systems worldwide, disrupting essential services and endangering lives." — Ann Neuberger [05:35]

"We might see more chaos, to be honest. A lot of the people who were putting on the guardrails are probably not going to be around." — Tim Starks [18:56]

"There's some innate resistance that I think that might have been already under Biden and could continue based on what we saw from Trump last time around toward that particular office." — Tim Starks [22:15]

Conclusion

The episode underscores the critical intersection between cybersecurity and public health, highlighting the devastating impact of ransomware on healthcare systems. Through expert insights from Ann Neuberger and Tim Starks, listeners gain a comprehensive understanding of the current threats, ongoing incidents, and the geopolitical dynamics influencing the cybersecurity landscape. The discussion also provides a foresight into how a potential return of Donald Trump to the presidency could reshape cybersecurity policies and agency structures, emphasizing the need for robust defenses and international cooperation in combating cyber threats.

Additional Notes

Data Protection Offers:
- KnowBe4 and Vanta were mentioned as sponsors providing cybersecurity tools and compliance solutions.
Secret Service Warrant Debate:
- An internal controversy within the Secret Service regarding the legality and ethics of using online surveillance tools without warrants was briefly covered, highlighting ongoing debates over privacy and law enforcement practices.

For more detailed insights and daily updates on cybersecurity threats and strategies, subscribe to CyberWire Daily by N2K Networks.

Loading summary

Transcript22 lines

[00:02]
Dave Buettner
You're listening to the Cyberwire network, powered by N2K. Hey everybody, Dave here. I want to talk about our sponsor, LegalZoom. You know, I started my first business back in the early 90s and oh, what I would have done to have been able to have the services of an organization like LegalZoom back then. Just getting all of those business ducks in a row, all of that technical stuff, the legal stuff, the registrations of the business, the taxes, all of those things that you need to go through when you're starting a business, the hard stuff, the stuff that sucks up your time when you just want to get that business launched and out there. Well, LegalZoom has everything you need to launch, run and protect your business all in one place. And they save you from wasting hours making sense of all that legal stuff. Launch, run and protect your business. To make it Official today@legalzoom.com you can use promo code CYBERTEN to get 10% off any LegalZoom business information product, excluding subscriptions and renewals that expires at the end of this year. Get everything you need from set up to success@legalzoom.com and use promo code CYBER10. That's legalzoom.com and promo code CYBER10. Legalzoom provides access to independent attorneys and self service tools. Legalzoom is not a law firm and does not provide legal advice except where authorized through its subsidiary law firm LZ Legal Services llc. At the UN Ann Neuberger frames ransomware as a grant Growing public health crisis. Amazon confirms a MoveIt related data breach. SAP provides patches and mitigations for a variety of flaws. Researchers identify North Korean hackers embedding malware in macOS applications. Hot Topic confirms a data breach affecting over 54 million customers. Halliburton reports a $35 million ransomware event. Yamir Ransomware follows in the footsteps of Rusty Steeler. A Venezuelan man gets 25 years for romance Scam Kid. Our guest is Tim Starks from cyberscoop, sharing what he's hearing from Washington insiders as they prepare for the next Trump administration. And the Secret Service wonders if warrants are really required. It's Tuesday, November 12, 2024. I'm Dave Buettner and this is your Cyberwire Intel Brief. Thank you for joining us here today. It is great to have you with us. Ransomware is emerging as a public health crisis, not just a cybersecurity issue. According to a Biden administration official's remarks at the United Nations Security Council. Ann Neuberger, Deputy National Security Advisor, highlighted the increasing danger ransomware poses especially to healthcare systems, and called out Russia for allegedly sheltering cyber criminals behind ransomware attacks. In a joint statement, 54 UN member states urged collective action to bolster cybersecurity and protect critical infrastructure, particularly in healthcare and emergency services. Neuberger pointed to major attacks by ransomware groups like Black Cat and Lockbit, which accounted for over 30% of global health care ransomware incidents in recent years, including attacks on hospitals in Croatia and France. The FBI recorded 249 ransomware attacks on US healthcare in 2023 alone, severely disrupting patient care and delaying medical procedures. The US has responded with a multi pronged strategy, strengthening American cyber defenses, treating ransomware as a national security threat, and using diplomacy to disrupt SAF havens for cybercriminals. The Counter Ransomware initiative, involving dozens of nations has made headway, with 41 countries pledging not to pay ransoms. However, Russian President Vladimir Putin's regime allegedly uses ransomware groups as deniable assets, allowing attacks as long as they avoid Russian interests. As the international community steps up efforts, the uncertain future of U.S. leadership in combating ransomware may impact the global fight against this escalating cybercrime. Amazon confirmed a data breach exposing employee names, work contact information and office locations, which appeared on a crime forum. The source of the breach was identified as MoveIt, the cloud data management tool. Through a vendor managing Amazon's property data. Amazon stated its own systems are secure and emphasized that no sensitive employee data such as Social Security numbers or financial information was exposed. The vendor has reportedly resolved the vulnerability tied to an older zero day in MoveIt transfer software. SAP released eight new and two updated security notes in its November 2024 updates, with a high priority focus on a cross site scripting vulnerability in Web dispatcher, scoring 8.8 in severity. This flaw, exploitable by unauthenticated attackers, could allow full system compromise through cross site scripting and SSRF attacks. SAP advises users to update or mitigate by disabling the admin ui. Another high priority update addresses an issue in product design cost estimating, preventing unauthorized data access. SAP urges immediate patching to protect systems Researchers at JAMF have identified North Korean hackers embedding malware in macOS applications developed using an open source SDK, particularly targeting cryptocurrency sectors. This malware discovered on VirusTotal was initially undetected due to heavy code obfuscation, especially in apps built with Google's Flutter framework. JAMF found three malware versions written in Golang, Python and Flutter, with techniques and infrastructure closely resembling North Korea's Lazarus Group. The malware exploited Apple's notarization process, bypassing security checks, and was hidden within a cloned version of the Minesweeper game. Although the malware triggered a URL request to a malicious domain, the domain returned a 404 error by the time of analysis. This same domain was previously associated with a North Korean campaign targeting blockchain engineers, reinforcing the attribution to North Korea's financially motivated cyber activities. Form I9 Compliance, a company that handles employee eligibility verification, reported a significant data breach impacting over 193,000 individuals, up from their initial estimate of 27,000. The breach, detected in April but dating back to February, exposed sensitive data, including names and Social Security numbers. Impacted individuals are being offered free identity theft protection and credit monitoring. It remains uncertain if ransomware was involved, and no group has claimed responsibility for the attack. Hot Topic suffered a significant data breach affecting over 54 million customers, exposing sensitive information like emails, phone numbers, addresses and weekly encrypted credit card data. The breach includes data from affiliated brands, Boxlunch and Torrid, and spans from 2011 through October of this year. Initially posted for ransom on a dark Web forum, the data was later offered for sale at a reduced price. Researchers believe the breach originated from malware that compromised credentials for Hot Topics third party cloud services granting attackers access to sensitive data. The threat actor, using aliases, promoted the breach across multiple forums, targeting a wide audience of potential buyers. Halliburton, a major energy services company, reported a $35 million cost due to an August ransomware attack, revealing the financial toll of cyber threats. The breach caused disruptions limiting access to some business systems and led to lost revenue, impacting earnings by $0.02 per share. Although Halliburton's quarterly revenue reached $5.7 billion, the incident underscores the financial risks of ransomware. Halliburton activated a cybersecurity response involving external advisors and law enforcement, but further details about stolen data or ransom payments remain unclear. Researchers at Kaspersky say a new ransomware family Emir has emerged targeting systems previously compromised by the RustyStealer malware. Initially documented in 2021, RustyStealer is a credential harvesting tool that enables hackers to infiltrate systems using tools like Windows remote management and PowerShell for lateral movement. Once access is established, YMIR ransomware is deployed, executing entirely from memory to evade detection. It uses the ChaCha20 encryption algorithm, appending random extensions to encrypted files and creating ransom notes in PDF format. YMIR also modifies the Windows registry to display extortion demands on startup. Although Ymir hints at data exfiltration, it lacks a confirmed data leak site. With Rusty Steeler serving as an access broker, YMIR could soon pose a widespread threat. Researchers note Ymir's in memory execution and use of unusual tools as notable elements. In a report from Govinfo Security cybersecurity experts warn that threat actors are preparing for potential shifts under a second Trump presidency, with Russia expected to intensify hacktivism and cyberattacks against pro Western regions, particularly in the Balkans and oldova. Experts anticipate AI powered disinformation campaigns across Europe, with Moscow aiming to destabilize governments aligning with the EU in the Middle East, Iran may escalate attacks on Western infrastructure, while regional groups ramp up DDoS efforts against Israel's allies. A renewed Trump administration might alter federal cyber policy, impacting NATO alliances and possibly leaving vulnerabilities in ransomware prevention efforts developed under President Biden. Additionally, China and North Korea are expected to increase attacks. China could target critical infrastructure similar to the SALT typhoon campaign, while North Korea focuses on cryptocurrency theft to fund cyber capabilities. Experts stress the importance of robust defenses, with CISA playing a critical role in safeguarding government and guiding private sector cybersecurity to combat evolving threats during this transitional period. DV Jose Rodriguez Delgado, a Venezuelan known as Sebastian, was sentenced to 25 years for luring US citizens via online dating platforms into hostage situations in the Dominican Republic. Between July 5 and July 30 of 2022, Delgado kidnapped three victims, coercing them into vehicles where accomplices joined to hold them at knife point. Victims were forced to call family and friends, pleading for ransom payments directed to Delgado's online accounts, such as cash app hostages, were robbed and released only after payments were received. An Investigation launched in August 2022 by Dominican authorities traced a kidnapping vehicle back to Delgado, resulting in his arrest on September 14th. Police found serrated knives in the vehicle linking him to the crimes. This case underscores the dangers of online dating scams, with Delgado exploiting romance to trap and extort his victim. Coming up after the break, Tim Starks from cyberscoop joins us to discuss what he's hearing from Washington insiders as they prepare for the next Trump administration. Stay with us.
[14:03]
Tim Starks
And now a word from our sponsor. Knowbefore it's all connected and we're not talking conspiracy theories. When it comes to infosec tools, effective integrations can make or break your security stack. The same should be true for security awareness training KnowBe4, provider of the world's largest library of security awareness training, provides a way to integrate your existing security stack tools to help you strengthen your organization's security culture. KnowBe4's security coach uses standard APIs to quickly and easily integrate with your existing security products from vendors like Microsoft, CrowdStrike and Cisco 35. Vendor integrations and Counting Security Coach analyzes your Security Stack alerts to identify events related to any risky security behavior from your users. Use this information to set up real time coaching campaigns targeting risky users based on those events from your network, endpoint identity or web security vendors. Then coach your users at the moment the risky behavior occurs, with contextual security tips delivered via Microsoft Teams, Slack or email. Learn more@knowbefore.com SecurityCoach that's knowbefore.com SecurityCoach and we thank KnowBe4 for sponsoring our show.
[15:36]
Dave Buettner
Do you know the status of your compliance controls right now? Like right now? We know that real time visibility is critical for security, but when it comes to our GRC programs, we rely on point in time checks. But get this, more than 8,000 companies like Atlassian and Quora have continuous visibility into their controls with Vanta. Here's the Vanta brings automation to evidence collection across 30 frameworks like SoC2 and ISO 27001. They also centralize key workflows like policies, access reviews and reporting, and helps you get security questionnaires done five times faster with AI. Now that's a new way to GRC. Get $1,000 off Vanta when you go to vanta.com cyber that's vanta.com cyber for $1,000 off. And joining me once again is Tim Starks. He is senior reporter at cyberscoop. Tim, welcome back.
[16:50]
Tim Starks
Mighty Dave Buettner, good to see you.
[16:53]
Dave Buettner
It's always about the pleasure is mine, sir. The pleasure is mine as you and I record this. It is just a few days after the big US Presidential election here and of course, Donald Trump was victorious in his effort to be the next president of the United States. You are my man on the ground when it comes to having the inside Track in Washington, D.C. what are you hearing? How are folks in Cyber anticipating a second Trump term?
[17:25]
Tim Starks
Well, they've been anticipating the possibility of this for a while and so have I. I've written at least a couple stories about what we might expect out of the Trump administration. One was a little more focused on the kind of personnel that he might be looking to hire, and another was focused, you know, it was around the time of the Republican National Convention and examining what few tea leaves we could read from the platform. But there are tea leaves to be read and there are people who have insight on what's going on. And one thing to keep in mind when we're talking about Donald Trump is he is ideologically unpredictable. You might think, oh, he's talking about cutting the size of government and he is, but does that mean he'll necessarily cut the cybersecurity budget? Those are some of the questions that people have. I'm happy to talk about where I think philosophically some things will land.
[18:18]
Dave Buettner
Yeah, well, I don't think it's controversial or unusual to say that in his last term a lot of things were chaotic in the Trump White House. I've spoken to folks in the intelligence community about the challenges that they faced interacting with the Trump White House and just trying to do their day to day jobs of keeping the US Safe and looking out for our allies as well. I'd love to hear your opinion of how do you think things are going to repeat what we had the last time and may we see some change?
[18:56]
Tim Starks
Yeah, I mean, I think, I think we'll see more chaos, to be honest. I mean, I think that's a across the board prediction that we're seeing from a lot of people for good reason. A lot of the people who might have been putting on the guardrails for Trump in the last administration, those people are probably not going to be around this time. Most of them have said they don't want that, they don't want him to be president. So he's going to find new people, people who will probably be more compliant with what he, what he wants. I think we can say safely that he has now a personal investment in Chinese hackers, specifically that he might not have had prior. He's always been talking about China. He's always been talking about that issue. But now with the confirmed news accounts of Chinese hackers trying to get into his phone, we know he's animated by personal grievance at times and that means he might be looking to ramp that up. At the same time, there's some conflicting personal grievances. He still probably has hard feelings toward cisa, the sub Security and Fiscal Security Agency over what happened at the end of his last term, where the leader of that agency undermines some of his election security claims. And so if you look at that combined with what has happened with Project 2025, whether you take that as gospel for what the Trump administration wants to do or not, I think it's fair to say it's a reflection of at least some of the things that the Trump administration believes. And that is an area where they basically have talked about really undercutting cisa, taking away its election security mission. And I think you could see that being in effect on CISA as an entity. At the same time, I was talking to somebody who had served in both administrations, and they had said that's still a pretty small percentage of CISA's budget. So what CIS's role will be going forward is a good question. Whether the regulation they have pertaining to the Cybersecurity Incident Notification Law, circea, whether that might get curtailed or rolled back, that's a source of speculation from people I'm talking to. There's a broader regulatory question we can get into. That's what we just started there. There's the question of what kind of new entities that they've been, that new things that have cropped up since they were around, things like the Office of National Cyber Director, that's something they haven't dealt with. The AI Executive Order. There's a whole host of things. And then there's this sort of general approach to things that could be different, how they handle these issues, not just philosophically, but tactically.
[21:23]
Dave Buettner
I think a lot of folks took comfort in the fact that for a long time cybersecurity was enjoyed bipartisan support, broad bipartisan support. To what degree these years later is that still the case?
[21:42]
Tim Starks
I think it's always been a little overstated that that's the case personally. That's my personal viewpoint. I think that there's been partisan conflict that you can point to on cyber going back a long way. But I do think it's fair to say it's been less political than some other issues. I think if you look at the way CISA has been treated by Republicans versus Democrats, there are some Republicans that are very still much in favor of CISA organizationally and what role I think it is. But then you have senators like Senator Rand Paul who simply refuses to give it any new authorities because he's so hostile toward it. I think that there's some issues that are still bipartisan, specifically between Trump and Biden. If we're looking at a continuation. If you looked at the RNC platform, they did talk about wanting minimum standards for cybersecurity for critical infrastructure sectors. That is something that this administration, the Biden administration has really, really pushed hard. Now, are there going to be degrees of difference? I think so. I think there are going to be levels of this that Trump might be more comfortable with than Biden in terms of how far they want to go or how far they don't want to go. So there are areas where I think there is some bipartisanship. I think that there's some, interestingly enough, one of the somewhat bipartisan elements of what might be going on with, say, the responsibilities of the Office of National Cyber Director is that, you know, Trump got rid of a White House role for cyber, the cyber czar. The Biden administration had indicated behind the scenes that they did not really want this office. And so there might be some weird sort of bipartisanship in a sort of negative direction toward one of the agencies that does this. Now, that doesn't mean that this entity is the same as the entity that Trump had. It's a different entity. So there might be some ways in which he's more open to it, but. But there's some innate resistance that I think that might have to be overcome that hard already existed under Biden and could continue based on what we saw from Trump last time around toward that particular office.
[23:36]
Dave Buettner
Do you have any sense for the folks that you've talked to, that given the type of chaos that we saw in the first Trump administration, that they've been using this time to prepare for the possibility of President Trump's return to be in a better place to handle that particular kind of chaos?
[23:59]
Tim Starks
Yeah, maybe not on cyber specifically, because they, you know, everybody I've talked to has suggested that this is a. There are other priorities they have, let's say, let's take even an example of within specific agencies within our world. The SEC's cybersecurity regulations are very, very controversial, very divisive. But at the sec, Trump is going to have different things he's going to be wanting to figure out is what I've been told people are thinking about thinking who's going to even lead the sec. And there's also issues related to independence of agencies. That's something that could actually enhance the chaos. If you're talking about agencies that had had a sort of independent standing, how much will Trump saying he wants to rein them in and put them under his control more directly, how much more chaotic does that get? I suppose you could see more cohesion in a roundabout sort of way. If that's the case, going back to the thing you said about bipartisanship, I'll say that I think it's not necessarily the case that the executive order that the Biden administration is putting together, the second executive order on Cybersecurity is dead on arrival because it's touching on things that to some degree happened under the Trump administration. There are some similar issues that they're touching on there. It's not a, it's not so much a matter of like this is a, we're going to put in some more place, some more regulations which we might run into some bipartisanship about. It's about how do we want to secure our government. And some of those things could have carryover. So in terms of how much chaos there is, I think one of the things that another thing that someone told me, same person I mentioned this before, who worked in both administrations, said, you know, the Biden administration was very top down in terms of how it managed things that led to some order perhaps, but also some stifling of things that might bubble up from beneath and ideas that people might have. So in some ways that could have been a little more chaotic, especially at the agency level, because you're talking about a difference of approach and how much chaos there is in that. Whereas with the prior administration, the sentiment was here's our goals, agencies, go figure it out. And that may be less orderly, but it also may, in a roundabout sort of way, be less chaotic for the agencies themselves because they're not coming up with ideas and then having them shut down, then having to go back to the drawing board. They're coming up with the ideas and they're being trusted to come up with those things.
[26:21]
Dave Buettner
All right, well, as we always say, time will tell. Tim Starks.
[26:26]
Tim Starks
Time will, in fact, tell.
[26:30]
Dave Buettner
Tim Starks is senior reporter at cyberscoop. Tim, thanks so much for joining us.
[26:34]
Tim Starks
Thanks, Tim.
[26:49]
Dave Buettner
And now a word from our sponsor, NordPass. NordPass is an advanced password manager from the team behind NordVPN designed to help keep your business safe from data leaks and cyber threats. It gives your IT professionals control over who has access to your company's data and makes it easy for everyone else on your team to use strong passwords. Right now you can go to www.nordpass.com cyberwire for 35% off the NordPass business yearly plan. Don't miss out on that. And finally, in a piece for 404 Media, Joseph Cox describes internal emails which reveal that Secret Service officials disagreed over whether using an online surveillance tool required a warrant, sparking illegal and ethical debate within the agency. The app collects user location data from ordinary smartphone apps, which is then sold to third parties like Babel Street. Some Secret Service staff argued that agreeing to an app's terms of service effectively waives user privacy, while others questioned whether the practice violated the Fourth Amendment, referencing the Carpenter v. U.S. supreme Court ruling, which requires a warrant for cell site data. Babel street claimed no warrant was necessary since data was opt in and hashed, supposedly keeping users anonymous, though a demonstration showed the tool could track individuals based on unique identifiers. Despite growing criticisms, including from Senator Ron Wyden, the Secret Service maintained it followed applicable laws. As the great musical philosopher Tom Waits said, the large print giveth and the small print taketh away. And that's the Cyberwire for links to all of today's stories, check out our daily briefing@the cyberwire.com don't forget to check out the Grumpy Old Geeks podcast, where I contribute to a regular segment on Jason and Brian's show every week. You can find Grumpy Old Geek, where all the fine podcasts are listed. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwiren2k.com we're privileged that N2K Cyberwire is part of the daily routine of the most influential leaders and operators and public and private sector. From the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies, N2K makes it easy for companies to optimize your biggest investment your people. We make you smarter about your teams while making your team smarter. Learn how@n2k.com this episode was produced by Liz Stokes. Our mixer is Trey Hester with original music and sound design by Elliot Peltzman. Our executive producer is Jennifer Iban. Our executive editor is Brandon Karp. Simone Petrella is our president, Peter Kilpie is our publisher and I'm Dave Buettner. Thanks for listening. We'll see you back here tomorrow. The IT world used to be simpler.
[30:41]
Tim Starks
You only had to secure and manage environments that you controlled.
[30:45]
Dave Buettner
Then came new technologies and new ways to work.
[30:49]
Tim Starks
Now employees, apps and networks are everywhere.
[30:52]
Dave Buettner
This means poor visibility, security gaps and added risk. That's why Cloudflare created the first ever connectivity cloud.
[31:01]
Tim Starks
Visit cloudflare.com to protect your business Everywhere you do business.