Dave Bittner
You're listening to the CyberWire network, powered by N2K.
Hey everybody, Dave here. Have you ever wondered where your personal information is lurking online? Like many of you, I was concerned about my data being sold by data brokers, so I decided to try DeleteMe. I have to say, DeleteMe is a game changer. Within days of signing up, they started removing my personal information from hundreds of data brokers. I finally have peace of mind knowing my data privacy is protected. DeleteMe's team does all the work for you with detailed reports so you know exactly what's been done. Take control of your data and keep your private life private by signing up for DeleteMe now at a special discount for our listeners today. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/N2K and use promo code N2K at checkout. The only way to get 20% off is to go to JoinDeleteMe.com/N2K and enter code N2K at checkout. That's JoinDeleteMe.com/N2K, code N2K.
A cyber attack disrupts newspaper publishing. A major AI summit takes place in Paris this week. A federal judge restricts DOGE from accessing Treasury Department systems. Cybersecurity cooperation between Canada and the U.S. remains strong. The Kraken ransomware group leaks credentials allegedly linked to Cisco. Europol urges banks to start preparing for quantum-safe cryptography. Microsoft expands its Copilot bug bounty program. The PlayStation Network experienced a major outage over the weekend. An Indiana man has been sentenced to 20 years for $37 million of cryptocurrency fraud. Our guest is Mike Woodward from Digital AI, sharing strategies to minimize risk when implementing AI. And hunting for length and complexity in Wi-Fi passwords.
It's Monday, February 10, 2025. I'm Dave Bittner and this is your CyberWire Intel Briefing. Thanks for joining us here today. It is great to have you with us.
A cyber attack last week disrupted operations at Lee Enterprises, a major news media company owning over 70 daily newspapers and 350 other publications across 25 states. The attack caused printing delays, website issues, and forced some newspapers to publish smaller editions. Papers like The Daily Progress and the La Crosse Tribune couldn't print for days, while The Press of Atlantic City had been unavailable to print since February 1st. Some subscribers also faced access issues online. Lee Enterprises confirmed the cybersecurity event and notified law enforcement, but did not disclose the cause or perpetrator. The Omaha World-Herald continued publishing, but with modified editions, and the Buffalo News faced delays and altered content layouts. Despite these setbacks, editors assured readers that normal service would resume as soon as possible. The company is still investigating the incident, emphasizing the complexity of such cyber attacks, which may take weeks to resolve.
A major AI summit in Paris will bring together world leaders, tech executives and researchers to discuss the future of artificial intelligence. Hosted by French President Emmanuel Macron and Indian Prime Minister Narendra Modi, the event aims to balance AI's potential benefits with its risks. The summit follows previous AI governance meetings but seeks broader commitments on ethics, safety, and sustainability. A major focus is China's DeepSeek chatbot, which challenges U.S. dominance in AI. Meanwhile, President Trump's AI policies, emphasizing deregulation and U.S. supremacy, may hinder global consensus. France hopes to position Europe as a key AI player supporting open source initiatives like startup Mistral. However, tensions between the EU and U.S. tech giants could complicate agreements.
A federal judge has ordered Elon Musk's Department of Government Efficiency (DOGE) to cease accessing Treasury Department systems over cybersecurity concerns. Judge Paul A. Engelmayer ruled that Musk's team risked exposing sensitive financial data and making Treasury systems more vulnerable to hacking. The ruling follows concerns from 19 state attorneys general who argued that Musk's access violated federal laws and the Constitution. The controversy stems from the Trump administration's granting Musk's team, composed of young coders, access to Treasury's payment systems with minimal vetting. Experts warn this could create an entry point for foreign adversaries like China and Russia. A hearing on February 14 will determine next steps. Musk called the judge corrupt on X/Twitter, claiming DOGE has pushed reforms including better payment tracking. His X/Twitter profile now humorously labels him "White House tech support."
Canada's tech publication The Logic examines cybersecurity cooperation between Canada and the U.S. Despite political tensions, the relationship remains strong. Rajiv Gupta, head of the Canadian Centre for Cybersecurity, emphasized that protecting critical infrastructure is a nonpartisan issue. His agency collaborates daily with its U.S. counterpart, CISA, to defend shared assets like pipelines, telecom networks and financial systems. However, concerns persist about U.S. policy shifts, particularly President Trump's rhetoric about annexing Canada and controversial appointments like Tulsi Gabbard leading U.S. intelligence. The Five Eyes intelligence alliance may be weakening. Meanwhile, Canada faces cybersecurity challenges, including gaps in private sector defense oversight and delays in implementing a unified cyber incident reporting system. Despite setbacks, Gupta believes more organizations now recognize cybersecurity risks. His agency remains focused on advising businesses, though, like CISA, it lacks regulatory authority. With cyber threats rising, continued U.S.-Canada security collaboration remains crucial.
A data breach has reportedly exposed sensitive credentials from Cisco's internal network, with the new Kraken ransomware group leaking hashed passwords from its Windows Active Directory environment. The leaked data set includes domain user accounts, administrator credentials and NTLM password hashes, which could allow attackers to escalate privileges and move laterally within Cisco's network. Researchers believe the data was extracted using tools like Mimikatz or hashdump, commonly used by cybercriminals and nation-state actors. Cisco has yet to confirm the breach, but security experts recommend immediate countermeasures, including forced password resets, disabling NTLM authentication, enforcing multi-factor authentication, and monitoring access logs for suspicious activity.
Europol has urged Europe's financial sector to start preparing for quantum-safe cryptography as the threat of "store now, decrypt later" attacks grows. These attacks involve stealing encrypted data today with plans to decrypt it once quantum computers become powerful enough to break current encryption methods. Although cryptographically relevant quantum computers are still a decade or more away, rapid advancements could accelerate their arrival. Europol's Quantum Safe Financial Forum outlined five key recommendations, including prioritizing quantum-safe cryptography, improving stakeholder coordination, and increasing cross-border collaboration. The U.S. has already introduced post-quantum cryptography standards and the UK banking sector has warned of the risks. With 64% of banks facing cyberattacks last year, financial institutions must adopt new encryption standards alongside existing ones to ensure a smooth transition and safeguard sensitive financial data from future quantum threats.
Microsoft has expanded its Copilot bug bounty program to cover more consumer products and offer higher rewards.
Researchers can now earn up to $30,000 for critical vulnerabilities, while medium security flaws can fetch up to $5,000, an increase from previous payouts. Eligible vulnerabilities include model manipulation, code injection, authentication flaws and improper access control. Microsoft has also integrated the bounty program with its Online Services bug bar for a more consistent evaluation process. The company encourages researchers to participate in securing the Copilot ecosystem.
My teenage son alerted me to the fact that the PlayStation Network experienced a major outage over the weekend, disrupting login access, online gaming, the PlayStation Store, and more across all PlayStation platforms. Popular titles like Call of Duty and Fortnite were unplayable, and users struggled with account management, purchases and streaming services. Sony has now restored all services, but the reason behind the prolonged outage remains unknown.
Evan Frederick Light, age 22, of Lebanon, Indiana, was sentenced to 20 years in federal prison for conspiracy to commit wire fraud and money laundering. Following his guilty plea in September of last year, he was also ordered to pay at least $37 million in restitution for stealing cryptocurrency from nearly 600 victims. In February 2022, Light infiltrated a Sioux Falls investment firm, using stolen credentials to access client accounts and exfiltrate personally identifiable information. He then transferred stolen funds through mixing services and gambling sites to obscure his identity. U.S. Attorney Allison Ramsdell and FBI Special Agent Alvin Winston Sr. emphasized the devastating impact of cybercrime and praised investigators for recovering a substantial portion of the stolen cryptocurrency. Mr. Light remains in U.S. Marshals custody.
Coming up after the break, Mike Woodward from Digital AI shares strategies to minimize risk when implementing AI, and hunting for length and complexity in Wi-Fi passwords. Stay with us.
Cyber threats are evolving every second, and staying ahead is more than just a challenge, it's a necessity. That's why we're thrilled to partner with ThreatLocker, the cybersecurity solution trusted by businesses worldwide. ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications, securing sensitive data, and ensuring your organization runs smoothly and securely. Visit threatlocker.com today to see how a default deny approach can keep your company safe and compliant.
Dave Bittner
Do you know the status of your compliance controls right now? Like, right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs, we rely on point-in-time checks. More than 8,000 companies like Atlassian and Quora have continuous visibility into their controls with Vanta. Here's the Vanta brings automation to evidence collection across 30 frameworks like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews and reporting, and help you get security questionnaires done five times faster with AI. Now that's a new way to GRC. Get $1,000 off Vanta when you go to vanta.com/cyber. That's vanta.com/cyber for $1,000 off.
Mike Woodward is VP of Product Management for App Security at Digital AI. I recently caught up with him to discuss minimizing risk when implementing AI.
Mike Woodward
I think we see lots of enthusiasm. We see less knowledge about where it might help. I think we're kind of in the let's kick the tires on some things, do some experimentation, figure out what makes sense. And probably depending on the size of the organization, let's not try to do everything at once. So you know you may be trying it in, you know, one division or trying something with your engineering team, the DevOps folks may be trying something else. But figuring out what's going to make the most sense for an organization overall is, I think, where we are right now.
Dave Bittner
Well, you and your colleagues there have some recommendations for folks to approach this in a secure way. What are some of the things you all recommend?
Mike Woodward
So there are some very normal things that you would think of when you're thinking about any kind of system. So implementing robust authentication and authorization, you know, you certainly want to make sure that who you think you're interacting with is really that person or that system and that they're only able to do the things that you expect them to be able to do. I mean, that's regardless of what kind of system you're doing, that, you know, is always a good place to start. Maintaining kind of the integrity and the privacy of your system, so using appropriate controls on your systems and encryption for passing packets back and forth, you can prevent man-in-the-middle attacks, things like that, for those systems. Doing regular updates and patches, you certainly want to stay up to date with your software. And when CVEs come out, make sure that all of those have been taken care of in your systems. And those are some of the kind of the things that everybody does everywhere or should do everywhere. But then when we get to AI, there's some things that are maybe a little bit more special in terms of securing the models and the algorithms. These are, you know, the intellectual property, the secret sauce, you know, that some of the threat actors would want to get to. And so making sure that there's not a way in the system for somebody to exfiltrate that data. When you think, you know, that you think that they shouldn't be able to, you want to make sure that they really can't. And also proactively monitoring your systems to make sure that anomalies show up. If all of a sudden you see a lot of data going out, when you expect data to just go out in paragraphs at a time or something like that, those things should be monitored so that you can catch it and stop it, so you can investigate it.
Dave Bittner
How big a part do you suppose that user education plays here, reminding folks to, to be careful what you put into that AI system?
Mike Woodward
Well, it depends on who you're trying to protect at that point. The users certainly need to know if their data is going to be held confidentially. Certainly you don't want to be interacting with a pseudo AI or imposter AI and be giving health information, personal information of whatever sort. And so I think we need some of the same kind of campaigns for interacting with AIs that, you know, many organizations have for identifying phishing attempts or something like that. So that, you know, you just have to be a little bit on the lookout for things that, you know, seem a little bit suspicious. So certainly things like that.
Dave Bittner
It seems to me like there's this tension right now between people's understanding that there are security issues with AI, but then also this desire to use it for as many things as possible, or else risk being left behind.
Mike Woodward
Yeah, the risk being left behind. You know, nobody wants to think about that. You know, this is, this is arguably the biggest wave that we've had in a long time. And if you want a good ride, you're going to have to make sure you catch this one. But again, in that experimentation phase, the generative AIs have not been available in the mainstream for very long. People don't know exactly what to do with it. They don't understand exactly how it's going to help them or how much it's going to help them. They also have probably visions in their heads of, you know, The Matrix or something else. And not knowing, you know, is, is AI going to be our ultimate downfall? So all kinds of things that, that are kind of personal intrinsics come into play here when people are thinking about what to do with it and how fast and what to trust it with.
Dave Bittner
Do you have any recommendations for the security folks when it comes to communicating to the powers that be in their organization? They're seeing that enthusiasm come, let's say, from the board of directors, who sends down a mandate that it's going to be AI all the time. How do you balance that with the real world need to keep things safe?
Mike Woodward
Well, there are probably some things that you can do, and it's like, okay, what are we trying to accomplish with AI? And, and make sure that, that we've, we're able to look at the results a little bit down the road and say, are we getting what we thought we were getting for our investment, for one thing. Another thing is if you're starting to look at, you know, vendors, to make sure that, that you vet them properly, you know, you work with your legal team and find out what we can do and what we can't do in terms of consuming various AI models and sharing or not sharing our data with the wider population. There are several things there that I think you can do that maybe just tapping the brakes a little bit and alerting maybe that board of directors that AI holds a lot of promise, but it's not a silver bullet and it's not something that you can just say, oh, just turn it on and we'll be good all over.
Dave Bittner
Our thanks to Mike Woodward from Digital AI for joining us.
And now a message from our sponsor, Zscaler, the leader in cloud security. Enterprises have spent billions of dollars on firewalls and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks and a $75 million record payout in 2024. These traditional security tools expand your attack surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools. It's time to rethink your security. Zscaler Zero Trust AI stops attackers by hiding your attack surface, making apps and IPs invisible; eliminating lateral movement, connecting users only to specific apps, not the entire network; continuously verifying every request based on identity and context; simplifying security management with AI-powered automation; and detecting threats using AI to analyze over 500 billion daily transactions. Hackers can't attack what they can't see. Protect your organization with Zscaler Zero Trust and AI. Learn more at zscaler.com/security.
I can say to my new Samsung Galaxy S25 Ultra, "Hey, find a keto-friendly restaurant nearby and text it to Beth and Steve." And it does, without me lifting a finger, so I can get in more squats and anywhere I can. 1, 2, 3. Will that be cash or credit? Credit. 4. Galaxy S25 Ultra, the AI companion that does the heavy lifting, so you can do you. Get yours at samsung.com. Compatible with select apps. Requires Google Gemini account. Results may vary based on input. Check responses for accuracy.
And finally, researcher Jason Jacobs assigned himself a weekend project to look for the longest and most complex Wi-Fi passwords out there. As you do. Combing through a data set of over 31 million actual Wi-Fi passwords people have actually used, Jacobs came up with a scoring system to rank length and complexity. He set his script loose on the data set, sat back and waited. In terms of length, number one was supercalifragilisticexpialidocious. Respect.
But then there were others. A random string of numbers and letters that looked like an encryption key. A weird mix of words that Jacobs assumed was someone's attempt at speaking alien. And finally, something that looked suspiciously like a NASA project name. Turning to complexity, the number one most complex Wi-Fi password wasn't just a password. It was an actual hacking attempt. Someone somewhere set their Wi-Fi password as a full-blown JavaScript hacking script. This means that if a badly built system ever tried to store it without protection, it could actually trigger a security exploit. This is cyberpunk-level trolling. Runners up included the scientific name for a chemical compound and a mix of words that sounded like a German hacker's email address. So what did Jacobs' weekend project teach him? People use some wildly creative passwords and some terrifying ones. Someone actually thought using a cross-site scripting attack payload as their Wi-Fi password was a great idea. Stay safe out there, friends.
And that's the CyberWire. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. N2K's senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We're mixed by Tré Hester with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
CyberWire Daily: "Read all about it—or maybe not."
Release Date: February 10, 2025
Host: Dave Bittner, N2K Networks
In the February 10, 2025 episode of CyberWire Daily, host Dave Bittner delivers a comprehensive briefing on the latest cybersecurity developments. Covering significant cyber attacks, advancements in artificial intelligence, cross-border cybersecurity cooperation, and notable legal actions, the episode provides valuable insights for industry professionals and enthusiasts alike. Additionally, guest Mike Woodward from Digital AI discusses strategies to mitigate risks associated with AI implementation.
A major cyber attack targeted Lee Enterprises, a prominent news media company managing over 70 daily newspapers and 350 other publications across 25 states. The assault led to printing delays, website malfunctions, and the issuance of smaller newspaper editions. Notable impacts include:
Quote:
"The complexity of such cyber attacks means resolving them could take weeks," – Dave Bittner [02:45].
Hosted by French President Emmanuel Macron and Indian Prime Minister Narendra Modi, the AI summit in Paris aims to establish a global consensus on AI ethics, safety, and sustainability. Key discussions include:
Quote:
"Balancing AI's potential benefits with its inherent risks is crucial for future governance," – Dave Bittner [05:30].
A federal judge, Paul A. Engelmayer, has barred Elon Musk's Department of Government Efficiency (DOGE) from accessing Treasury Department systems due to cybersecurity concerns. The ruling follows objections from 19 state attorneys general who argued that Musk's team's access could expose sensitive financial data.
Quote:
"Musk's team risks exposing sensitive financial data," – Dave Bittner [09:15].
Despite political tensions, cybersecurity collaboration between Canada and the United States remains robust. Rajiv Gupta, head of the Canadian Centre for Cybersecurity, emphasized the nonpartisan nature of protecting critical infrastructure.
Quote:
"Protecting critical infrastructure is a nonpartisan issue," – Rajiv Gupta [12:00].
The Kraken ransomware group has reportedly leaked hashed passwords from Cisco's internal network, including domain user accounts and administrator credentials. This breach poses significant risks:
Quote:
"The leaked data could allow attackers to escalate privileges within Cisco's network," – Dave Bittner [14:10].
With the advancement of quantum computing, Europol has called on Europe's financial sector to prepare for quantum-safe cryptography to counter "store now, decrypt later" attacks.
Quote:
"Financial institutions must adopt new encryption standards to safeguard against future quantum threats," – Dave Bittner [16:50].
Microsoft has broadened its Copilot Bug Bounty program to include more consumer products and increased reward amounts:
Quote:
"Researchers can now earn up to $30,000 for critical vulnerabilities," – Dave Bittner [18:15].
Over the weekend, the PlayStation Network experienced a significant outage affecting login access, online gaming, the PlayStation Store, and other services. Popular games like Call of Duty and Fortnite were rendered unplayable.
Quote:
"The reason behind the prolonged outage remains unknown," – Dave Bittner [20:00].
Evan Frederick Light, 22, from Lebanon, Indiana, has been sentenced to 20 years in federal prison for conspiracy to commit wire fraud and money laundering. His crimes involved:
Quote:
"The devastating impact of cybercrime underscores the importance of robust cybersecurity measures," – Dave Bittner [21:30].
Guest: Mike Woodward, VP of Product Management for App Security at Digital AI
Topic: Strategies to Minimize Risk When Implementing AI
Mike Woodward emphasizes the importance of a measured approach to integrating AI within organizations:
Quote:
"We're in the phase of experimenting to figure out what makes the most sense for an organization overall," – Mike Woodward [14:23].
Woodward outlines several best practices to secure AI implementations:
Quote:
"Implementing robust authentication and encryption is essential to maintain the integrity and privacy of your system," – Mike Woodward [15:14].
Woodward discusses the tension between the desire to leverage AI's potential and the necessity of maintaining security protocols:
Quote:
"AI holds a lot of promise, but it's not a silver bullet," – Mike Woodward [21:05].
The episode of CyberWire Daily provides a thorough overview of pressing cybersecurity issues, from significant cyber attacks and AI advancements to international cooperation and legal actions against cybercriminals. The insightful discussion with Mike Woodward underscores the importance of secure AI implementation, highlighting strategies to balance innovation with robust security measures. As cyber threats continue to evolve, staying informed and proactive remains essential for safeguarding digital assets and infrastructure.
Stay tuned for tomorrow's episode of CyberWire Daily for more in-depth cybersecurity news and analysis.