Microsoft to host cybersecurity summit after major IT outage

Microsoft plans to host a cybersecurity summit in September following a global IT outage caused by a flawed update from CrowdStrike in July. The outage disrupted nearly 8.5 million Windows devices and had widespread impacts across sectors, including airlines, banks, and healthcare. In response, Microsoft’s summit, scheduled for 10 September at its Redmond, Washington headquarters, will focus on strengthening cybersecurity systems and include discussions with government representatives and industry stakeholders.

The July outage highlighted the risks of relying on single-vendor cybersecurity solutions, as many organisations struggled to manage the disruption. CrowdStrike, the company at the centre of the incident, faces multiple legal challenges, including a lawsuit from shareholders alleging that the company failed to properly test its software, leading to the massive disruption. Delta Air Lines, one of the companies severely affected, has also initiated legal action, citing at least $500 million in losses due to flight cancellations.

CrowdStrike’s market value has dropped by approximately $9 billion since the outage, and the company is under intense scrutiny as it prepares to report its second-quarter financial results. The upcoming summit is seen as a critical step in addressing the vulnerabilities exposed by the incident and fostering a more resilient cybersecurity ecosystem.

Halliburton confirms cyberattack on its systems

Oilfield services company Halliburton disclosed on Friday that an unauthorised third party had breached some of its systems. The company, which discovered the breach two days prior, has initiated an internal investigation and taken affected systems offline to safeguard its data.

Halliburton is currently assessing the impact of the incident, but as of now, there is no evidence of any disruption to energy services. The US Department of Energy confirmed on Thursday that the breach had not affected the provision of energy services.

Sweden and Denmark tackle gang recruitment on social media

Tech platforms are under increasing pressure from Sweden and Denmark to address the rising issue of gang recruitment ads targeting young Swedes. These ads, often found on platforms like Telegram and TikTok, are being used to recruit individuals for violent crimes across the Nordic region. Concerns have grown as Swedish gang violence has begun spilling over into neighbouring countries, with incidents of Swedish gang members being hired for violent acts in Denmark.

The justice ministers of both countries announced their plans to summon tech companies to discuss their role in enabling these activities. They will demand that the platforms take greater responsibility and implement stronger measures to prevent gang-related content. If the responses from these companies are deemed insufficient, further action may be considered to increase pressure on them.

Danish Minister of Justice Peter Hummelgaard highlighted the challenges posed by encrypted services and social media, which are often used to facilitate criminal activities. Although current legal frameworks do not allow for geoblocking or shutting down such platforms, efforts are being made to explore new avenues to curb their misuse.

Sweden, which has the highest rate of gun violence in the European Union, recently announced plans to strengthen police cooperation across the Nordic region. The country is also increasing security measures at its borders with Denmark to prevent further cross-border gang activity. The growing concern over gang-related violence underscores the urgent need for coordinated efforts between governments and tech platforms.

Leading US oilfield company Halliburton struck by cyberattack

Halliburton, a major US oilfield services company, experienced a cyberattack on Wednesday, affecting certain systems and disrupting business operations at its north Houston campus and global networks. The company is working with external experts to resolve the issue and has advised some staff not to connect to internal networks as they investigate the cause and impact of the attack.

Cyberattacks have become a significant concern for the energy sector following high-profile incidents like the 2021 Colonial Pipeline ransomware attack that led to fuel shortages and price spikes. Although details about the Halliburton attack remain unclear, ransomware attacks typically involve hackers encrypting data and demanding payment for its release, with threats to leak confidential information if their demands are not met.

Halliburton, one of the largest oilfield services firms globally, is now the latest in a series of major US companies targeted by cybercriminals, raising further alarm in an industry already on high alert for such threats.

Lingo Telecom fined $1 million for AI-generated fake Biden robocalls

Lingo Telecom has agreed to pay a $1 million fine after the US Federal Communications Commission (FCC) accused the company of transmitting fake robocalls that mimicked President Joe Biden’s voice to mislead voters in New Hampshire’s Democratic primary. The robocalls, created using AI voice-cloning technology, were directed by political consultant Steve Kramer, who now faces charges from the New Hampshire attorney general.

Initially, the FCC proposed a $2 million fine against Lingo but settled for $1 million after the company agreed to implement a compliance plan to adhere to FCC rules on caller ID authentication. The case highlights growing concerns about the use of AI in political disinformation, particularly as the 2024 elections approach.

The FCC has also proposed fining Kramer $6 million and is considering new regulations to require clear disclosures for AI-generated content in political ads across broadcast and cable media. However, the commission’s authority does not extend to the internet or social media platforms.

DDoS attack disrupts Telegram and WhatsApp in Russia

Russian users experienced difficulties accessing Telegram and WhatsApp on Wednesday due to a disruption caused by a distributed denial-of-service (DDoS) attack. The state communications monitoring service confirmed the attack but assured that the issue had been resolved and the messaging apps were functioning normally again. The disruption also affected other platforms like Wikipedia, Skype, and Discord.

The incident follows a pattern of digital disruptions in Russia, including a recent mass outage on YouTube, as authorities intensify their scrutiny of online platforms. Earlier this month, Russian users of the secure messenger app Signal also reported issues, highlighting ongoing concerns about digital communication access in the country.

Russia has a history of restricting access to popular platforms. Telegram was blocked in 2018, though the ban had minimal impact. In 2022, Moscow labelled WhatsApp’s parent company, Meta, as an ‘extremist’ organisation, leading to bans on Facebook and Instagram. However, these platforms remain accessible in Russia through VPNs.

Cyber incident disrupts Microchip Technology operations

Microchip Technology experienced a cyber incident that disrupted certain servers and business operations, the company revealed on Tuesday. The disruption began after ‘potentially suspicious activity’ was detected in its IT systems over the weekend. Immediate steps were taken to assess and contain the situation, but the company’s manufacturing facilities have been operating below normal capacity, impacting its ability to fulfil orders.

The timing of the incident coincides with a challenging period for Microchip, as the company is already facing reduced demand for chips. Many clients are working through excess inventory accumulated during the COVID-19 pandemic, further complicating the situation. In response to the breach, Microchip has shut down specific systems and launched an investigation, enlisting external cybersecurity experts to assist in understanding the full scope of the attack.

While the exact nature and impact of the incident remain unclear, Microchip is working to determine whether the disruption will have a significant effect on its financial health. The company, whose shares dropped by approximately 2% in extended trading, continues to investigate the breach and mitigate its effects.

The incident follows a similar security breach earlier this year at Advanced Micro Devices, highlighting ongoing cybersecurity challenges within the chipmaking industry.

Switzerland to join European Cyber Security Organisation

Switzerland has announced its decision to join the European Cyber Security Organisation (ECSO) to bolster its defences against cyber threats. By becoming a member, Switzerland will gain access to valuable information on technological advancements and be able to collaborate with a network of experts across Europe, enhancing its ability to combat online attacks.

The ECSO, which includes 300 members such as companies, universities, research centres, and European governments, provides a platform for sharing expertise and resources in cybersecurity. Switzerland’s move comes in response to a notable rise in cyberattacks and disinformation campaigns earlier this year, particularly surrounding a summit focused on establishing peace in Ukraine.

This membership reflects Switzerland’s proactive approach to strengthening its cybersecurity infrastructure, ensuring it remains resilient despite evolving digital threats.

Russian malware Banshee compromises Mac security

A new malware named Banshee, developed by Russian hackers, is targeting macOS users by compromising browser extensions. Banshee poses a significant threat by stealing sensitive data such as passwords, cryptocurrency, and personal information. The malware affects a wide range of web browsers, including Safari, Chrome, and Firefox, and can infiltrate various crypto wallets.

Banshee is being sold on the dark web for as little as $3,000, making it an accessible tool for cybercriminals. Researchers at Elastic Security Labs identified that Banshee operates on both x86_64 and ARM64 macOS systems. Once the malware infiltrates a system, it begins harvesting data from the Mac’s Keychain, desktop, and documents, with the ability to evade detection.

Infection methods likely involve deceptive tactics, such as fake pop-ups mimicking legitimate updates or urgent notifications. Despite the growing concerns, the full extent of Banshee’s spread and impact remains unclear. Apple’s security infrastructure, while robust, has been exploited through browser extensions, underscoring the need for vigilance.

To protect against such threats, Mac users should limit browser extensions, be cautious with downloads, keep software updated, and use strong, unique passwords. These practices, while not foolproof, significantly reduce the risk of falling victim to malware like Banshee.

Swiss engineering firm Schlatter recovers from cyberattack

Schlatter Industries, a Swiss engineering firm, has restored its computer network after a cyberattack disrupted operations for nearly two weeks. The company announced that the attack on 9 August involved malware and an extortion attempt. However, details regarding the breach, including whether any data was compromised, remain undisclosed.

While Schlatter has not quantified the financial repercussions of the attack, the company previously warned that its full-year results are expected to fall significantly compared to last year. This decline is attributed not only to the cyberattack but also to a decrease in orders and delays in commissioning projects within its welding division. The company continues to investigate the incident and assess its impact.