By OptionOne Technologies
We searched through the most popular cybersecurity websites to bring you the latest industry news, updates, and tips.
Cybersecurity Threat News
Historic IT Outage Caused by CrowdStrike Update
Earlier this month, a software update from CrowdStrike led to what is being described as potentially the largest IT outage in history, the U.S. Government Accountability Office reported. This incident caused Microsoft Windows operating systems to crash globally, affecting over 8.5 million computers.
The disruptions were widespread, impacting critical infrastructure sectors such as transportation, healthcare, and finance. For instance, commercial flights were grounded, critical hospital care was interrupted, and financial institutions were unable to service clients.
The root cause of the crash was a human error in the software update process, highlighting significant vulnerabilities in the software supply chain. This incident draws parallels to the SolarWinds attack in 2019, where malicious actors targeted software updates to gain access to systems.
The federal government has been urged to take more robust actions to monitor and secure the global supply chain against emerging threats. This event underscores the need for more stringent cybersecurity measures and better implementation of recommended practices to protect critical infrastructure and IT systems.
Ransomware Attacks on Critical Infrastructure Remain Steady
Sophos’ latest annual study on ransomware in the energy, oil, gas, and utilities sector reveals that attack rates have remained steady, Sophos News reported. According to the report, 67% of organizations were hit by ransomware in 2024, identical to the rate reported in 2023.
The study found that 98% of affected organizations experienced attempts to compromise their backups during the attack, with 79% of these attempts being successful — the highest rate across all sectors. The mean cost to recover from a ransomware attack in this sector was $3.12 million in 2024.
Notably, 61% of organizations paid the ransom to recover encrypted data, while only 51% restored data using backups. This was the lowest rate of backup use across all sectors. This marks a significant shift from previous years when the sector had higher rates of backup use.
The findings underscore the critical need for robust backup strategies and comprehensive cybersecurity measures in the critical infrastructure sector.
Kaspersky Exits US Market Following Government Ban
Russian cybersecurity giant Kaspersky announced it will shut down its US operations and lay off dozens of staff following a US government order banning the sale of the company’s software, TechCrunch reported. The ban, which comes into effect on July 20, 2024, cites increased security and privacy risks due to the company’s Russian headquarters.
After September 29, Kaspersky will no longer be allowed to push software or security updates to US customers, potentially degrading the protection offered by its antivirus software. The US Commerce Department implemented a staggered approach to the ban to allow US consumers time to find alternative solutions.
This move follows previous actions against Kaspersky by both the Trump and Biden administrations, reflecting ongoing concerns about the potential exploitation of Russian companies for intelligence-gathering purposes.
RockYou2024 Was the Largest Password Compilation Leak in History
Cybersecurity researchers discovered what appears to be the largest password compilation ever leaked, containing nearly 10 billion unique plaintext passwords, Cybernews reported. The file, titled “rockyou2024.txt,” was posted on a popular hacking forum on July 4, 2024.
This compilation is believed to be an expansion of the previous RockYou2021 dataset, which contained 8.4 billion passwords. The new leak poses severe risks for users who reuse passwords across multiple accounts, as it significantly increases the potential for credential stuffing attacks.
Experts warn that threat actors could exploit this compilation to conduct brute-force attacks and gain unauthorized access to various online accounts.
To protect against potential threats, users are advised to immediately reset passwords for all accounts associated with leaked passwords, enable multi-factor authentication wherever possible, and utilize password manager software to generate and store complex, unique passwords.
Cybersecurity Tips
CrowdStrike Incident Underscores the Importance of Security Planning
The recent CrowdStrike incident, which resulted in a global blue-screen-of-death (BSD) affecting over 8.5 million Windows devices, has highlighted the critical importance of having robust contingency plans in place, CSO reported. The flawed delivery of a channel file in CrowdStrike’s Falcon Sensor update crippled businesses worldwide, directly impacting 30,000 customers and indirectly affecting another 674,000.
Dave DeWalt, speaking on Dow Jones’ MarketWatch podcast, compared this event to a similar incident at McAfee in 2010. The key difference in the magnitude of impact between the two events was attributed to the differing deployment models.
This incident has also prompted a broader discussion on the criticality of resilience and business continuity in cybersecurity strategies. As Christine Gadsby, CISO at Blackberry, notes, understanding system vulnerabilities and preparing for potential crises is essential to mitigate the impact of such events.
Overall, the CrowdStrike incident serves as a wake-up call for CISOs to review and update their emergency response and business continuity playbooks, ensuring they are prepared for the unexpected.
Thanks for Reading
That’s it for this month’s Cybersecurity Briefing. Contact us today to learn more about our services.