Transcript
Dave Bittner (0:02)
You're listening to the CyberWire network, powered by N2K.

Hey everybody, Dave here. Have you ever wondered where your personal information is lurking online? Like many of you, I was concerned about my data being sold by data brokers, so I decided to try DeleteMe. I have to say, DeleteMe is a game changer. Within days of signing up, they started removing my personal information from hundreds of data brokers. I finally have peace of mind knowing my data privacy is protected. DeleteMe's team does all the work for you, with detailed reports so you know exactly what's been done. Take control of your data and keep your private life private by signing up for DeleteMe. Now at a special discount for our listeners: today, get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/N2K and use promo code N2K at checkout. The only way to get 20% off is to go to JoinDeleteMe.com/N2K and enter code N2K at checkout. That's JoinDeleteMe.com/N2K, code N2K.

A cyber attack disrupts newspaper publishing. A major AI summit takes place in Paris this week. A federal judge restricts DOGE from accessing Treasury Department systems. Cybersecurity cooperation between Canada and the U.S. remains strong. The Kraken ransomware group leaks credentials allegedly linked to Cisco. Europol urges banks to start preparing for quantum-safe cryptography. Microsoft expands its Copilot bug bounty program. The PlayStation Network experienced a major outage over the weekend. An Indiana man has been sentenced to 20 years for $37 million of cryptocurrency fraud. Our guest is Mike Woodward from Digital AI, sharing strategies to minimize risk when implementing AI. And hunting for length and complexity in Wi-Fi passwords.

It's Monday, February 10, 2025. I'm Dave Bittner and this is your CyberWire Intel Briefing. Thanks for joining us here today. It is great to have you with us.
A cyber attack last week disrupted operations at Lee Enterprises, a major news media company owning over 70 daily newspapers and 350 other publications across 25 states. The attack caused printing delays, website issues, and forced some newspapers to publish smaller editions. Papers like the Daily Progress and the La Crosse Tribune couldn't print for days, while the Press of Atlantic City had been unavailable to print since February 1st. Some subscribers also faced access issues online. Lee Enterprises confirmed the cybersecurity event and notified law enforcement, but did not disclose the cause or perpetrator. The Omaha World-Herald continued publishing, but with modified editions, and the Buffalo News faced delays and altered content layouts. Despite these setbacks, editors assured readers that normal service would resume as soon as possible. The company is still investigating the incident, emphasizing the complexity of such cyber attacks, which may take weeks to resolve.

A major AI summit in Paris will bring together world leaders, tech executives and researchers to discuss the future of artificial intelligence. Hosted by French President Emmanuel Macron and Indian Prime Minister Narendra Modi, the event aims to balance AI's potential benefits with its risks. The summit follows previous AI governance meetings but seeks broader commitments on ethics, safety, and sustainability. A major focus is China's DeepSeek chatbot, which challenges U.S. dominance in AI. Meanwhile, President Trump's AI policies, emphasizing deregulation and U.S. supremacy, may hinder global consensus. France hopes to position Europe as a key AI player, supporting open source initiatives like startup Mistral. However, tensions between the EU and US tech giants could complicate agreements.

A federal judge has ordered Elon Musk's Department of Government Efficiency, DOGE, to cease accessing Treasury Department systems over cybersecurity concerns. Judge Paul A.
Engelmayer ruled that Musk's team risked exposing sensitive financial data and making Treasury systems more vulnerable to hacking. The ruling follows concerns from 19 state attorneys general who argued that Musk's access violated federal laws and the Constitution. The controversy stems from the Trump administration's granting Musk's team, composed of young coders, access to Treasury's payment systems with minimal vetting. Experts warn this could create an entry point for foreign adversaries like China and Russia. A hearing on February 14 will determine next steps. Musk called the judge corrupt on X/Twitter, claiming DOGE has pushed reforms including better payment tracking. His X/Twitter profile now humorously labels him White House tech support.

Canada's tech publication The Logic examines cybersecurity cooperation between Canada and the U.S. Despite political tensions, the relationship remains strong. Rajiv Gupta, head of the Canadian Centre for Cyber Security, emphasized that protecting critical infrastructure is a nonpartisan issue. His agency collaborates daily with its US counterpart, CISA, to defend shared assets like pipelines, telecom networks and financial systems. However, concerns persist about U.S. policy shifts, particularly President Trump's rhetoric about annexing Canada and controversial appointments like Tulsi Gabbard leading US intelligence. The Five Eyes intelligence alliance may be weakening. Meanwhile, Canada faces cybersecurity challenges, including gaps in private sector defense oversight and delays in implementing a unified cyber incident reporting system. Despite setbacks, Gupta believes more organizations now recognize cybersecurity risks. His agency remains focused on advising businesses, though, like CISA, it lacks regulatory authority. With cyber threats rising, continued U.S.-Canada security collaboration remains crucial.
A data breach has reportedly exposed sensitive credentials from Cisco's internal network, with the new Kraken ransomware group leaking hashed passwords from its Windows Active Directory environment. The leaked data set includes domain user accounts, administrator credentials and NTLM password hashes, which could allow attackers to escalate privileges and move laterally within Cisco's network. Researchers believe the data was extracted using tools like Mimikatz or hashdump, commonly used by cybercriminals and nation-state actors. Cisco has yet to confirm the breach, but security experts recommend immediate countermeasures, including forced password resets, disabling NTLM authentication, enforcing multi-factor authentication, and monitoring access logs for suspicious activity.

Europol has urged Europe's financial sector to start preparing for quantum-safe cryptography as the threat of store now, decrypt later attacks grows. These attacks involve stealing encrypted data today with plans to decrypt it once quantum computers become powerful enough to break current encryption methods. Although cryptographically relevant quantum computers are still a decade or more away, rapid advancements could accelerate their arrival. Europol's Quantum Safe Financial Forum outlined five key recommendations, including prioritizing quantum-safe cryptography, improving stakeholder coordination, and increasing cross-border collaboration. The US has already introduced post-quantum cryptography standards, and the UK banking sector has warned of the risks. With 64% of banks facing cyberattacks last year, financial institutions must adopt new encryption standards alongside existing ones to ensure a smooth transition and safeguard sensitive financial data from future quantum threats.

Microsoft has expanded its Copilot bug bounty program to cover more consumer products and offer higher rewards.
Researchers can now earn up to $30,000 for critical vulnerabilities, while medium security flaws can fetch up to $5,000, an increase from previous payouts. Eligible vulnerabilities include model manipulation, code injection, authentication flaws and improper access control. Microsoft has also integrated the bounty program with its online services bug bar for a more consistent evaluation process. The company encourages researchers to participate in securing the Copilot ecosystem.

My teenage son alerted me to the fact that the PlayStation Network experienced a major outage over the weekend, disrupting login access, online gaming, the PlayStation Store, and more across all PlayStation platforms. Popular titles like Call of Duty and Fortnite were unplayable, and users struggled with account management, purchases and streaming services. Sony has now restored all services, but the reason behind the prolonged outage remains unknown.

Evan Frederick Light, age 22, of Lebanon, Indiana, was sentenced to 20 years in federal prison for conspiracy to commit wire fraud and money laundering. Following his guilty plea in September of last year, he was also ordered to pay at least $37 million in restitution for stealing cryptocurrency from nearly 600 victims. In February 2022, Light infiltrated a Sioux Falls investment firm, using stolen credentials to access client accounts and exfiltrate personally identifiable information. He then transferred stolen funds through mixing services and gambling sites to obscure his identity. U.S. Attorney Allison Ramsdell and FBI Special Agent Alvin Winston Sr. emphasized the devastating impact of cybercrime and praised investigators for recovering a substantial portion of the stolen cryptocurrency. Mr. Light remains in U.S. Marshals' custody.

Coming up after the break, Mike Woodward from Digital AI shares strategies to minimize risk when implementing AI, and hunting for length and complexity in Wi-Fi passwords. Stay with us.
Cyber threats are evolving every second, and staying ahead is more than just a challenge, it's a necessity. That's why we're thrilled to partner with ThreatLocker, the cybersecurity solution trusted by businesses worldwide. ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications, securing sensitive data, and ensuring your organization runs smoothly and securely. Visit threatlocker.com today to see how a default deny approach can keep your company safe and compliant.
