EU Commission opens €210m fund for cybersecurity and digital skills initiatives

The European Commission has opened the application process for funding cybersecurity and digital skills initiatives, with an investment exceeding €210m ($227.3m) under the Digital Europe Programme (DEP). Established in 2021, the DEP aims to contribute to the digital transformation of the EU’s society and economy, with a planned total budget of €7.5bn over seven years. It funds critical strategic areas such as supercomputing, AI, cybersecurity, and advanced digital skills to advance this vision.

In the latest funding cycle, the European Commission will allocate €35m ($37.8m) towards projects safeguarding large industrial installations and critical infrastructures. An additional €35m will be designated for implementing cutting-edge cybersecurity technologies and tools.

Furthermore, €12.8m ($13.8m) will be invested in establishing, reinforcing, and expanding national and cross-border security operation centres (SOCs). The initiative aligns with the proposed EU Cyber Solidarity Act, which aims to establish a European Cybersecurity Alert System to enhance the detection, analysis, and response to cyber threats. The envisioned system will consist of cross-border SOCs using advanced technologies like AI to share threat intelligence with authorities across the EU swiftly.

Moreover, the DEP will allocate €20m to assist member states in complying with EU cybersecurity laws and national cybersecurity strategies. That includes the updated NIS2 Directive, which mandates strengthening cybersecurity measures in critical sectors and must be transposed into national legislation by October 2024.

Finally, the latest DEP funding round will also allocate €55m ($59.5m) towards advanced digital skills, supporting the design and delivery of higher education programs in key digital technology domains. Additionally, €8m ($8.6m) will be directed towards European Digital Media Observatories (EDMOs) to finance independent regional hubs focused on analysing and combating disinformation in digital media.

Decade-old vulnerabilities patched, addressing supply chain risks to numerous Apple devices

Researchers at cybersecurity firm EVA Information Security have uncovered three major vulnerabilities in CocoaPods, a widely used tool that simplifies the process of updating apps on iOS and macOS devices. These vulnerabilities, which went unnoticed for nearly a decade, posed significant risks as they could have allowed attackers to inject malware into apps utilizing CocoaPods. Given that CocoaPods is commonly used to integrate pre-written code into iOS and macOS apps, the vulnerabilities could have enabled attackers to modify app architectures with malicious code.

The vulnerabilities stem from a migration process in May 2014, which left thousands of CocoaPods packages ‘orphaned’ and potentially vulnerable. According to EVA researchers, CocoaPods is extensively used by iOS developers, including major companies like Google, GitHub, Amazon, Dropbox, and others, making the impact widespread across various projects and dependencies.

One of the most critical vulnerabilities, identified as CVE-2024-38368, could have been exploited by malicious actors to inject malware into apps using compromised packages, effectively bypassing security measures and compromising user data.

EVA responsibly disclosed these vulnerabilities to CocoaPods, which promptly patched them in October 2023 before publicly disclosing the findings. As of now, there are no known instances of these vulnerabilities being exploited by malicious actors. The proactive response from CocoaPods mitigated potential risks to app developers and users relying on the platform for their software development needs.

RockYou2024 password leak exposes nearly 10 billion unique passwords

The largest compilation of nearly ten billion unique passwords, titled RockYou2024, was leaked on a popular hacking forum, posing significant risks for users prone to reusing passwords. Discovered by Cybernews researchers, the file contains 9,948,575,739 plaintext passwords and was posted by a user named ObamaCare. The leak is believed to combine data from various old and new breaches, dramatically increasing the threat of credential-stuffing attacks.

Credential stuffing attacks exploit leaked passwords to gain unauthorised access to accounts, affecting users and businesses. The RockYou2024 leak significantly heightens this risk, as previous attacks on companies like Santander and Ticketmaster demonstrated. Cybernews highlighted the need for robust security measures, such as resetting compromised passwords, using strong, unique passwords, and enabling multi-factor authentication (MFA).

The RockYou2024 leak follows the 2021 release of a similar but smaller compilation, RockYou2021, which contained 8.4 billion passwords. The new dataset has grown by 15 percent, incorporating an additional 1.5 billion passwords. The compilation is believed to include information from over 4,000 databases collected over more than two decades, making it a potent tool for cybercriminals.

To protect against potential breaches, Cybernews advises users to reset exposed passwords, use MFA, and utilise password managers. The company will also integrate RockYou2024 data into its Leaked Password Checker, allowing individuals to verify if their credentials have been compromised. The leak follows another significant breach, the Mother of All Breaches (MOAB), which involved 12 terabytes of data and 26 billion records earlier this year.

Hacker steals AI design details from OpenAI

A hacker infiltrated OpenAI’s internal messaging systems last year, stealing details about the design of its AI technologies, according to Reuters’ sources familiar with the matter. The breach involved discussions on an online forum where employees exchanged information about the latest AI developments. Crucially, the hacker needed access to the systems where OpenAI builds and houses its AI.

OpenAI, backed by Microsoft, did not publicly disclose the breach, as no customer or partner information was compromised. Executives briefed employees and the board but did not involve federal law enforcement, believing the hacker had no ties to foreign governments.

In a separate incident, OpenAI reported disrupting five covert operations that aimed to misuse its AI models for deceptive activities online. The issue raised safety concerns and prompted discussions about safeguarding advanced AI technology. The Biden administration plans to implement measures to protect US AI advancements from foreign adversaries. At the same time, 16 AI companies have pledged to develop the technology responsibly amid rapid innovation and emerging risks.

OpenAI encrypts ChatGPT macOS chats after security flaw

OpenAI’s ChatGPT macOS app was found to be storing user chats in plain text until recently, raising security concerns. The Verge reported that the AI firm has now released an update to encrypt conversations on macOS. The discovery was made by software developer Pedro Vieito, who noted that OpenAI was distributing the app exclusively through their website and bypassing Apple’s sandbox protections.

Sandboxing, which isolates an app and its data from the rest of the system, is optional on macOS, but is commonly used by chat applications to protect sensitive information. By not adhering to this security measure, the ChatGPT app exposed user chats to potential threats. Vieito highlighted the vulnerability on social media, showing how easily another app could access the unprotected data.

OpenAI acknowledged the issue and emphasised that users could opt out of having their chats used to train the AI models. The ChatGPT app, which was made available to macOS users on June 25, now includes encryption to enhance user privacy and security.

UN ITU condemns Russia for alleged satellite system interference in European countries

The UN’s International Telecommunication Union (ITU) condemned Russia for allegedly interfering with the satellite systems of several European countries, including Ukraine, France, Sweden, the Netherlands, and Luxembourg. These incidents, reported over recent months, have disrupted GPS signals and jeopardised air traffic control.

ITU’s review indicated that the interference originated from earth stations near Moscow, Kaliningrad, and Pavlovka. The organisation called the interference ‘extremely worrisome and unacceptable’ and urged Russia to cease these actions immediately and investigate the incidents. It also proposed a meeting between the affected countries and Russia to resolve the issue.

Swedish authorities blamed Russia for harmful interference shortly after Sweden joined NATO, while France reported significant disruptions to its Eutelsat satellites. Additionally, Lithuania and Estonia raised alarms about navigation signal interference impacting flights. Earlier in the year, a jet carrying UK Defence Secretary Grant Shapps experienced GPS jamming over Kaliningrad.

Russia denied any wrongdoing and complained about alleged interference by NATO countries, which ITU did not address. Russia’s presidential press secretary, Dmitry Peskov, said he was unaware of the UN agency attributing interference to Russia and questioned the UN’s authority to discuss the matter.

IBM and Microsoft expand cybersecurity partnership for enhanced cloud protection

IBM Consulting and Microsoft have expanded their long-standing partnership to help clients modernise their cybersecurity operations and manage hybrid cloud identities. As businesses increasingly adopt hybrid cloud and AI technologies, protecting valuable data has become critical.

IBM Consulting integrates its cybersecurity services with Microsoft’s security technology portfolio to modernise end-to-end security operations. The collaboration aims to provide tools and expertise to protect data through cloud solutions, ultimately driving business growth. Mark Hughes, Global Managing Partner of Cybersecurity Services at IBM Consulting, emphasises that ‘security must be a foundational part of every organisation’s core operations.’

IBM’s Threat Detection and Response (TDR) Cloud Native service combines Microsoft Sentinel, Microsoft Defender XDR, and Microsoft Defender for Cloud with AI-powered security technologies to accelerate threat detection and response. IBM’s global team of security analysts provides 24/7 monitoring and investigation of security alerts across clients’ hybrid cloud environments, maximising the value of Microsoft’s end-to-end security solutions.

Indonesia IT Ministry official resigns amid cyberattack fallout

Following Indonesia’s recent and most severe cyberattack, Samuel Abrijani Pangerapan, the director-general for applications and information at the Ministry of Communications and Information Technology, resigned, citing moral responsibility. The attack, which struck more than 280 government agencies, resulted in significant data loss and disrupted essential services ranging from airport operations to scholarship management. The hacker group responsible initially demanded a ransom of $8 million, which the government refused to pay. The hackers later apologised and provided a decryption key to unlock the stolen data.

Despite the decryption key’s release, the recovery process has been challenging. The Ministry of Communications and Information Technology reported that only 2% of the data had been saved by early efforts, with the rest presumed lost. President Joko Widodo responded by ordering an immediate cybersecurity audit and the implementation of robust backup strategies across all national data centres. The goal is to prevent similar incidents in the future, emphasising the need for comprehensive security measures.

Public dissatisfaction has grown in response to the government’s handling of the cyberattack. The attack impacted administrative services and caused significant disruptions at airports in Indonesia, where immigration systems were forced to operate manually due to the cyberattack’s effects on automated processes. The scale of the breach underscored existing vulnerabilities across government data management systems managed by PT Telkom Indonesia, whose subsidiary operated the compromised data centre.

CDK cyberattack and economic factors slow down US car sales in Q2

The US auto industry faces challenges in the second quarter as Ford and General Motors report slower sales growth following the cyberattack that disrupted a critical software system used by dealerships nationwide. The outage at CDK in late June impacted over 15,000 retail locations during a crucial selling period, adding to the hurdles already faced by automakers due to supply chain disruptions. Despite hopes for a post-pandemic surge in vehicle demand as more people returned to work, high borrowing costs and economic uncertainties flattened these expectations.

Ford’s quarterly sales saw a modest 1% increase to 536,050 vehicles, a significant slowdown compared to the 10% growth in the previous year. Similarly, Toyota Motor’s local unit and Honda also experienced decelerated sales growth in the second quarter. Analysts expect automakers to recover lost sales. CDK reported progress in restoring the dealer management system, with most dealer connections already operational.

Ford attributed its growth in the quarter to the success of hybrid and electric models, with sales of gas-powered vehicles declining by 5%. In comparison, EV and hybrid vehicle sales rose by approximately 61% and 55%, respectively. In June, US new vehicle sales reached around 1.32 million units, translating to a seasonally adjusted annual rate of 15.29 million units, according to data from Wards Intelligence released on Tuesday.

Supreme Court’s overruling of Chevron deference alters cybersecurity agenda in the US

The recent decision by the US Supreme Court to overturn the long-standing ‘Chevron deference’ doctrine will have significant implications for the Biden administration’s cybersecurity agenda, particularly regarding the protection of critical infrastructure. The ruling shifts the power to interpret and enforce laws related to cybersecurity from executive agencies to Congress and the courts, marking a departure from the previous approach that relied on agency-led initiatives to enhance cybersecurity practices.

One key takeaway from this development is how it has revealed the inadequacies in the cybersecurity practices of critical infrastructure organisations. Despite the rise in cyber threats targeting these entities, many have failed to implement baseline security measures like multifactor authentication, making them vulnerable to attacks. The absence of stringent regulations mandating such practices has exacerbated these organisations’ cybersecurity challenges.

The Biden administration’s strategy of leveraging existing agency rules to bolster cybersecurity measures is now facing a regulatory overhaul. The government must implement a more comprehensive legislative approach to address cybersecurity gaps.

Looking ahead, the repeal of the Chevron deference doctrine is set to usher in a new era of cybersecurity regulation, with a stronger emphasis on congressional involvement in shaping cybersecurity policies. The increased engagement of legislative affairs staffers, lobbyists, and advocates in the regulatory process shows a shift towards a more collaborative and evidence-based approach to cybersecurity governance.

Why does it matter?

As the landscape of cybersecurity regulation evolves in response to this landmark decision, critical infrastructure sectors are expected to face renewed scrutiny regarding their cybersecurity preparedness. The need for robust cybersecurity frameworks and proactive measures to safeguard vital infrastructure assets has never been more pressing. Therefore, the implementation of comprehensive and effective cybersecurity regulations is becoming imperative.