On Thursday, Microsoft confirmed that users in New Zealand are experiencing difficulties accessing its services, including Exchange Online. Although the extent of the disruption remains unclear, Microsoft has taken steps to mitigate the issue by rerouting traffic to alternate infrastructure, which has led to some improvement in service availability.
The company is actively investigating to determine the underlying cause of the network problem. The incident follows closely on the heels of a significant tech outage caused by faulty code in CrowdStrike’s cybersecurity software, which affected numerous companies using the Microsoft Windows operating system less than two weeks ago.
As Microsoft works to resolve the current issues, users are advised to stay updated on the situation. The company’s efforts highlight the ongoing challenges of maintaining reliable service amidst increasing technological complexities and interdependencies.
A pro-Ukrainian hacker group, known as Cyber Anarchy Squad, has claimed responsibility for hacking the Russian information security firm Avanpost and leaking a significant amount of its data. They also reported destroying more than 60 terabytes of data and leaking 390 gigabytes of ‘valuable information.’
Avanpost, which has been operating in Russia for 15 years and specialises in developing authorisation and authentication systems for local businesses, confirmed the incident. The company acknowledged that its infrastructure was hit by a ‘serious cyberattack’ but did not provide details on the extent of the damage or the specific data that was leaked.
Avanpost advised its customers, including Russian airports, a large water supply company, and telecom service providers, to update their identification data and change passwords ‘as a precaution.’ The company also urged people not to trust ‘rumors’ and to rely only on official information.
The exact method of the hackers’ entry into Avanpost’s system, the tools they used, and the specifics of the leaked data remain unclear.
Cyber Anarchy Squad shared some of the allegedly leaked data on Telegram and the file hosting service Mega. They also posted screenshots of what they claim to be a group chat of Avanpost employees discussing the hack. However, the authenticity of this data could not be independently verified.
Apple Inc has joined US President Joe Biden’s voluntary commitments to govern artificial intelligence, aimed at preventing the misuse of AI technology. The White House announced on Friday that Apple is now part of a group of 15 firms that have committed to ensuring AI’s power is not used for harmful purposes. The original commitments, introduced in July 2023, were initially signed by companies such as Google and Microsoft’s partner OpenAI.
In September, additional firms including Adobe, IBM, and Nvidia also pledged their support. This initiative is part of a broader effort by the Biden administration to promote responsible AI innovation by assembling an AI expert team, urging tech CEOs to adopt measures that prevent AI from being used destructively.
Apple’s participation comes amid its own challenges with AI, as the company recently delayed AI features for iOS and iPadOS. This commitment underscores the importance of a unified approach among major tech companies to address the ethical and safety concerns surrounding AI.
Shares of CrowdStrike fell over 4% in premarket trading on Tuesday following reports that Delta Air Lines will seek compensation from the cybersecurity firm for a global IT outage that severely disrupted industries, including airlines. The outage on 19 July resulted in more than 2,200 flight cancellations, with Delta having to cancel over 6,000 flights to date.
The issue was traced back to CrowdStrike’s ‘Falcon Sensor’ software, which caused Microsoft Windows to crash with the infamous ‘Blue Screen of Death.’ According to CNBC, Delta has retained a law firm and plans to seek compensation from both CrowdStrike and Microsoft.
The outage has significantly impacted CrowdStrike’s stock, which had more than doubled in 2023 but has since fallen over 24%, resulting in a market valuation loss of more than $20 billion. A survey by Evercore ISI revealed that many clients are considering reducing or pausing their spending on CrowdStrike and expect monetary relief, such as discounts or service credits, from the company.
Analysts at Needham highlighted that the outage has damaged customer confidence, with many expressing frustration over the disruption, especially during a peak travel and shopping period. The analysts noted that clients are now wary of relying too heavily on single platforms due to the associated concentration risks.
Digital Nasional Berhad (DNB) and Cybersecurity Malaysia (CSM) have signed a collaboration agreement to establish a National 5G Cybersecurity Testing Centre and develop new security guidelines to strengthen Malaysia’s 5G network against cyber threats.
The National 5G Cybersecurity Testing Centre will serve as a platform for industry players to identify vulnerabilities, ensure compliance with standards, and validate security features of 5G networks. The upcoming 5G security guidelines will be used as fundamental requirements for the telecommunications industry and serve as guiding principles for future 5G security baselines.
The partnership will also involve exchanging threat intelligence information between DNB and CSM to enhance the nation’s cyber threat combat capabilities. Digital Minister Gobind Singh Deo emphasised that 5G is a critical national infrastructure sector that impacts national defence, economic stability, governmental functions, and social routines and that cybersecurity is a shared responsibility that requires pooling resources, intelligence, and expertise.
DNB’s Chief Operating Officer Nasution Mohamed stated that collaborating with CSM is crucial in establishing a strong and robust cybersecurity ecosystem as the industrial, commercial, and public sectors accelerate their digitalisation efforts through 5G. CSM’s Chief Executive Officer Dato Ts Dr Haji Amirudin Abdul Wabah highlighted that the National 5G Cybersecurity Testing Centre will enhance the ability to secure 5G networks and protect the digital future of 5G networks for Malaysian users.
Why does it matter?
The collaboration between DNB and CSM marks a significant advancement in Malaysia’s efforts to secure its 5G infrastructure against cyber threats. As the National 5G Cybersecurity Testing Centre takes shape and new guidelines are developed, stakeholders can look forward to a more secure digital landscape that supports innovation and growth in the telecommunications sector.
The US cybersecurity company has successfully restored 97% of its Windows sensors following a global outage caused by a faulty software update. The issue, which began nearly a week ago, affected 8.5 million devices running Microsoft’s Windows operating system, leading to significant disruptions in services, including flights, healthcare, and banking.
The outage was triggered by a fault in CrowdStrike’s Falcon platform sensor, a security agent designed to protect devices from threats. The fault caused computers to crash and display the notorious blue screen of death. In response, CrowdStrike deployed a fix and mobilized all resources to support customers, enhancing recovery efforts with automatic recovery techniques.
The recovery comes amidst scrutiny over the cybersecurity firm’s quality control measures. Despite the challenges, CrowdStrike’s swift response has helped mitigate further impact and restore critical services globally.
Hackers from North Korea, identified as Anadriel or APT45, have conducted a global cyber espionage campaign to steal classified military secrets, supporting Pyongyang’s banned nuclear weapons programme. The joint advisory came from the United States, Britain, and South Korea. The hackers are believed to be part of North Korea’s Reconnaissance General Bureau, which has been under US sanctions since 2015.
These cyber units have targeted a wide range of defence and engineering firms, including those manufacturing tanks, submarines, naval vessels, fighter aircraft, and missile and radar systems. Notable breaches occurred at NASA and US Air Force bases, with significant data extraction. In one 2022 incident, hackers infiltrated NASA’s computer system for three months, extracting over 17 gigabytes of data.
Hackers also employed ransomware to fund their operations, targeting US hospitals and healthcare companies. The US Justice Department has charged one suspect, Rim Jong Hyok, with conspiracy and money laundering. In a 2021 incident, a Kansas hospital paid a ransom in bitcoin, which was traced to a Chinese bank. Authorities are offering a $10 million reward for information leading to Rim’s arrest.
Officials from the FBI and Justice Department have seized some online accounts, recovering $600,000 in virtual currency to be returned to ransomware victims. The operation reveals the extent of DPRK state-sponsored actors’ efforts to advance their military and nuclear programmes. Last year, North Korean hackers breached systems at a Russian rocket design bureau, employing similar phishing techniques and computer exploits.
Malta called for urgent international action against the misuse of cyberspace and its significant impact on societies, governments, critical infrastructure, and global peace and security. Malta’s pivotal role as the President of the Organisation for Security and Cooperation in Europe (OSCE) is highlighted, with a strong focus on enhancing cybersecurity during its term.
Minister for Foreign and European Affairs and Trade Ian Borg has called for increased cyber resilience among OSCE member countries, emphasising the need for cooperation between governments and stakeholders to tackle cyber threats effectively.
The advancements in AI present both opportunities and challenges for cybersecurity. While AI can enhance security measures, it also introduces new vulnerabilities like sophisticated cyber-attacks, deepfakes, and disseminating fake news. Minister Borg stressed the importance of effectively harnessing AI technology to combat cyber threats while preventing misuse.
Minister Borg also criticised the Russian Federation for its malicious cyber activities, particularly in the context of its invasion of Ukraine, highlighting the risks posed to critical infrastructure and essential services. He called for Russia to cease its aggression, underscoring the broader implications for global security and stability. He concluded by emphasising the necessity for enhanced cybersecurity measures and international cooperation to address the evolving nature of cyber threats in today’s interconnected world.
France is preparing for inevitable cyberattacks on the Paris Olympics, according to Prime Minister Gabriel Attal. The country is committed to minimising their impact. Attal emphasised the importance of limiting the damage during a press conference at the headquarters of ANSSI, France’s cybersecurity agency.
The outage had a direct impact on some operations of the Paris Olympics organisers. In response, France has heightened its cybersecurity measures to ensure the event proceeds smoothly despite the anticipated attacks.
Preparations are in full swing to safeguard the Olympics. The focus is on maintaining essential services and ensuring the safety and security of all participants and spectators.
Sam Altman, co-founder and CEO of OpenAI, raises a critical question: ‘Who will control the future of AI?’. He frames it as a choice between a democratic vision, led by the US and its allies to disseminate AI benefits widely, and an authoritarian one, led by nations like Russia and China, aiming to consolidate power through AI. Altman underscores the urgency of this decision, given the rapid advancements in AI technology and the high stakes involved.
Altman warns that while the United States currently leads in AI development, this advantage is precarious due to substantial investments by authoritarian governments. He highlights the risks if these regimes take the lead, such as restricted AI benefits, enhanced surveillance, and advanced cyber weapons. To prevent this, Altman proposes a four-pronged strategy – robust security measures to protect intellectual property, significant investments in physical and human infrastructure, a coherent commercial diplomacy policy, and establishing international norms and safety protocols.
He emphasises proactive collaboration between the US government and the private sector to implement these measures swiftly. Altman believes that proactive efforts today in security, infrastructure, talent development, and global governance can secure a competitive advantage and broad societal benefits. Ultimately, Altman advocates for a democratic vision for AI, underpinned by strategic, timely, and globally inclusive actions to maximise the technology’s benefits while minimising risks.
