CrowdStrike restores almost all Windows sensors after major outage

The US cybersecurity company has successfully restored 97% of its Windows sensors following a global outage caused by a faulty software update. The issue, which began nearly a week ago, affected 8.5 million devices running Microsoft’s Windows operating system, leading to significant disruptions in services, including flights, healthcare, and banking.

The outage was triggered by a fault in CrowdStrike’s Falcon platform sensor, a security agent designed to protect devices from threats. The fault caused computers to crash and display the notorious blue screen of death. In response, CrowdStrike deployed a fix and mobilized all resources to support customers, enhancing recovery efforts with automatic recovery techniques.

The recovery comes amidst scrutiny over the cybersecurity firm’s quality control measures. Despite the challenges, CrowdStrike’s swift response has helped mitigate further impact and restore critical services globally.

North Korea steals massive data haul from US Military and NASA

Hackers from North Korea, identified as Andariel or APT45, have conducted a global cyber espionage campaign to steal classified military secrets, supporting Pyongyang’s banned nuclear weapons programme. The joint advisory came from the United States, Britain, and South Korea. The hackers are believed to be part of North Korea’s Reconnaissance General Bureau, which has been under US sanctions since 2015.

These cyber units have targeted a wide range of defence and engineering firms, including those manufacturing tanks, submarines, naval vessels, fighter aircraft, and missile and radar systems. Notable breaches occurred at NASA and US Air Force bases, with significant data extraction. In one 2022 incident, hackers infiltrated NASA’s computer system for three months, extracting over 17 gigabytes of data.

Hackers also employed ransomware to fund their operations, targeting US hospitals and healthcare companies. The US Justice Department has charged one suspect, Rim Jong Hyok, with conspiracy and money laundering. In a 2021 incident, a Kansas hospital paid a ransom in bitcoin, which was traced to a Chinese bank. Authorities are offering a $10 million reward for information leading to Rim’s arrest.

Officials from the FBI and Justice Department have seized some online accounts, recovering $600,000 in virtual currency to be returned to ransomware victims. The operation reveals the extent of DPRK state-sponsored actors’ efforts to advance their military and nuclear programmes. Last year, North Korean hackers breached systems at a Russian rocket design bureau, employing similar phishing techniques and computer exploits.

Malta calls for international action on cybersecurity

Malta called for urgent international action against the misuse of cyberspace and its significant impact on societies, governments, critical infrastructure, and global peace and security. Malta’s pivotal role as the President of the Organisation for Security and Cooperation in Europe (OSCE) is highlighted, with a strong focus on enhancing cybersecurity during its term.

Minister for Foreign and European Affairs and Trade Ian Borg has called for increased cyber resilience among OSCE member countries, emphasising the need for cooperation between governments and stakeholders to tackle cyber threats effectively.

The advancements in AI present both opportunities and challenges for cybersecurity. While AI can enhance security measures, it also introduces new vulnerabilities like sophisticated cyber-attacks, deepfakes, and the dissemination of fake news. Minister Borg stressed the importance of effectively harnessing AI technology to combat cyber threats while preventing misuse.

Minister Borg also criticised the Russian Federation for its malicious cyber activities, particularly in the context of its invasion of Ukraine, highlighting the risks posed to critical infrastructure and essential services. He called for Russia to cease its aggression, underscoring the broader implications for global security and stability. He concluded by emphasising the necessity for enhanced cybersecurity measures and international cooperation to address the evolving nature of cyber threats in today’s interconnected world.

French prime minister predicts inevitable cyberattacks on Olympics

France is preparing for inevitable cyberattacks on the Paris Olympics, according to Prime Minister Gabriel Attal. The country is committed to minimising their impact. Attal emphasised the importance of limiting the damage during a press conference at the headquarters of ANSSI, France’s cybersecurity agency.

Earlier this month, the risks were underscored by a global tech outage at CrowdStrike. That incident disrupted broadcasters and affected services such as healthcare and banking, illustrating the potential threat to the Paris Games.

The outage had a direct impact on some operations of the Paris Olympics organisers. In response, France has heightened its cybersecurity measures to ensure the event proceeds smoothly despite the anticipated attacks.

Preparations are in full swing to safeguard the Olympics. The focus is on maintaining essential services and ensuring the safety and security of all participants and spectators.

OpenAI CEO emphasises democratic control in the future of AI

Sam Altman, co-founder and CEO of OpenAI, raises a critical question: ‘Who will control the future of AI?’ He frames it as a choice between a democratic vision, led by the US and its allies to disseminate AI benefits widely, and an authoritarian one, led by nations like Russia and China, aiming to consolidate power through AI. Altman underscores the urgency of this decision, given the rapid advancements in AI technology and the high stakes involved.

Altman warns that while the United States currently leads in AI development, this advantage is precarious due to substantial investments by authoritarian governments. He highlights the risks if these regimes take the lead, such as restricted AI benefits, enhanced surveillance, and advanced cyber weapons. To prevent this, Altman proposes a four-pronged strategy – robust security measures to protect intellectual property, significant investments in physical and human infrastructure, a coherent commercial diplomacy policy, and establishing international norms and safety protocols.

He emphasises proactive collaboration between the US government and the private sector to implement these measures swiftly. Altman believes that proactive efforts today in security, infrastructure, talent development, and global governance can secure a competitive advantage and broad societal benefits. Ultimately, Altman advocates for a democratic vision for AI, underpinned by strategic, timely, and globally inclusive actions to maximise the technology’s benefits while minimising risks.

Air France KLM suffers €10 million loss due to global tech outage

A recent outage has cost Air France KLM around €10 million, according to Chief Financial Officer Steven Zaat. The disruption primarily affected KLM and Transavia, with Air France experiencing minimal impact. The issue originated from a software update by cybersecurity firm CrowdStrike, causing widespread problems, including grounded flights and service interruptions across various sectors.

Air France KLM is among the first airlines to quantify the financial impact of the outage. Zaat detailed that the majority of the disruptions impacted KLM and Transavia, leading to significant operational challenges.

The technology glitch, which occurred last Friday, also disrupted broadcasters and left customers without access to essential services such as healthcare and banking. Delta Air Lines has been the most affected U.S. carrier, cancelling over 6,000 flights since the incident, with potential losses estimated in the hundreds of millions of dollars.

The financial implications of the outage underscore the vulnerability of airlines and other industries to technological disruptions, highlighting the importance of robust cybersecurity measures.

Meta oversight board calls for clearer rules on AI-generated pornography

Meta’s Oversight Board has criticised the company’s rules on sexually explicit AI-generated depictions of real people, stating they are ‘not sufficiently clear.’ That follows the board’s review of two pornographic deepfakes of famous women posted on Meta’s Facebook and Instagram platforms. The board found that both images violated Meta’s policy against ‘derogatory sexualised photoshop,’ which is considered bullying and harassment and should have been promptly removed.

In one case involving an Indian public figure, Meta failed to act on a user report within 48 hours, leading to an automatic ticket closure. The image was only removed after the board intervened. In contrast, Meta’s systems automatically took down the image of an American celebrity. The board recommended that Meta clarify its rules to cover a broader range of editing techniques, including generative AI. It criticised the company for not adding the Indian woman’s image to a database for automatic removals.

Meta has stated it will review the board’s recommendations and update its policies accordingly. The board emphasised the importance of removing harmful content to protect those impacted, noting that many victims of deepfake intimate images are not public figures and struggle to manage the spread of non-consensual depictions.

US Senate passes bill to combat AI deepfakes

The US Senate has unanimously passed the DEFIANCE Act, allowing victims of nonconsensual intimate images created by AI, known as deepfakes, to sue their creators for damages. The bill enables victims to pursue civil remedies against those who produced or distributed sexually explicit deepfakes with malicious intent. Victims identifiable in these deepfakes can receive up to $150,000 in damages and up to $250,000 if linked to sexual assault, stalking, or harassment.

The legislative move follows high-profile incidents, such as AI-generated explicit images of Taylor Swift appearing on social media and similar cases affecting high school girls across the country. Senate Majority Leader Chuck Schumer emphasised the widespread impact of malicious deepfakes, highlighting the urgent need for protective measures.

Schumer described the DEFIANCE Act as part of broader efforts to implement AI safeguards to prevent significant harm. He called on the House to pass the bill, which has a companion bill awaiting consideration. Schumer assured victims that the government is committed to addressing the issue and protecting individuals from the abuses of AI technology.

Meta removes 63,000 Nigerian Instagram accounts for sextortion scams

Meta Platforms announced on Wednesday that it had removed approximately 63,000 Instagram accounts in Nigeria involved in financial sexual extortion scams, primarily targeting adult men in the United States. These Nigerian fraudsters, often called ‘Yahoo boys,’ are infamous for various scams, including posing as individuals in financial distress or as Nigerian princes.

In addition to the Instagram accounts, Meta also took down 7,200 Facebook accounts, pages, and groups that provided tips on how to scam people. Among the removed accounts, around 2,500 were part of a coordinated network linked to about 20 individuals. These scammers used fake accounts to conceal their identities and engage in sextortion, threatening victims with the release of compromising photos unless they paid a ransom.

Meta’s investigation revealed that most of the scammers’ attempts were unsuccessful. While adult men were the primary targets, there were also attempts against minors, which Meta reported to the National Centre for Missing and Exploited Children in the US. The company employed new technical measures to identify and combat sextortion activities.

Online scams have increased in Nigeria, where economic hardships have led many to engage in fraudulent activities from various settings, including university dormitories and affluent neighbourhoods. Meta noted that some of the removed accounts were not only participating in scams but also sharing guides, scripts, and photos to assist others in creating fake accounts for similar fraudulent purposes.

Lakera secures $20M for AI protection, Gandalf helps track threats

Leaders of Fortune 500 companies developing AI applications face a potential nightmare: hackers tricking AI into revealing sensitive data. Zurich-based startup Lakera has raised $20 million to address this issue. The funding round, led by Atomico with participation from Citi Ventures and Dropbox Ventures, brings Lakera’s total funding to $30 million. Lakera’s platform, used by companies like Dropbox and Citi, allows businesses to set guardrails for generative AI, protecting against prompt injection attacks.

Lakera CEO David Haber highlighted the importance of safety and security as companies integrate generative AI into critical functions. Existing security teams encounter new challenges in securing these applications. Lakera’s platform, built on internal AI models, ensures that generative AI applications do not take unintended actions. Customers can specify the context and policies for AI responses, preventing the disclosure of sensitive information.

A unique advantage for Lakera is Gandalf, an online AI security game used by millions, including Microsoft. The game generates a real-time database of AI threats, keeping Lakera’s software updated with thousands of new attacks daily. That helps in maintaining robust security measures for their clients.

Lakera competes in the generative AI security landscape with startups like HackerOne and Bugcrowd. Matt Carbonara of Citi Ventures praised Lakera’s focus on prompt injection attacks and its team’s capability to build the necessary countermeasures for new attack surfaces.