A recent outage has cost Air France KLM around €10 million, according to Chief Financial Officer Steven Zaat. The disruption primarily affected KLM and Transavia, with Air France experiencing minimal impact. The issue originated from a software update by cybersecurity firm CrowdStrike, causing widespread problems, including grounded flights and service interruptions across various sectors.
Air France KLM is among the first airlines to quantify the financial impact of the outage. Zaat detailed that the majority of the disruptions impacted KLM and Transavia, leading to significant operational challenges.
The technology glitch, which occurred last Friday, also disrupted broadcasters and left customers without access to essential services such as healthcare and banking. Delta Air Lines has been the most affected U.S. carrier, cancelling over 6,000 flights since the incident, with potential losses estimated in the hundreds of millions of dollars.
The financial implications of the outage underscore the vulnerability of airlines and other industries to technological disruptions, highlighting the importance of robust cybersecurity measures.
Meta’s Oversight Board has criticised the company’s rules on sexually explicit AI-generated depictions of real people, stating they are ‘not sufficiently clear.’ That follows the board’s review of two pornographic deepfakes of famous women posted on Meta’s Facebook and Instagram platforms. The board found that both images violated Meta’s policy against ‘derogatory sexualised photoshop,’ which is considered bullying and harassment and should have been promptly removed.
In one case involving an Indian public figure, Meta failed to act on a user report within 48 hours, leading to an automatic ticket closure. The image was only removed after the board intervened. In contrast, Meta’s systems automatically took down the image of an American celebrity. The board recommended that Meta clarify its rules to cover a broader range of editing techniques, including generative AI. It criticised the company for not adding the Indian woman’s image to a database for automatic removals.
Meta has stated it will review the board’s recommendations and update its policies accordingly. The board emphasised the importance of removing harmful content to protect those impacted, noting that many victims of deepfake intimate images are not public figures and struggle to manage the spread of non-consensual depictions.
The US Senate has unanimously passed the DEFIANCE Act, allowing victims of nonconsensual intimate images created by AI, known as deepfakes, to sue their creators for damages. The bill enables victims to pursue civil remedies against those who produced or distributed sexually explicit deepfakes with malicious intent. Victims identifiable in these deepfakes can receive up to $150,000 in damages and up to $250,000 if linked to sexual assault, stalking, or harassment.
The legislative move follows high-profile incidents, such as AI-generated explicit images of Taylor Swift appearing on social media and similar cases affecting high school girls across the country. Senate Majority Leader Chuck Schumer emphasised the widespread impact of malicious deepfakes, highlighting the urgent need for protective measures.
Schumer described the DEFIANCE Act as part of broader efforts to implement AI safeguards to prevent significant harm. He called on the House to pass the bill, which has a companion bill awaiting consideration. Schumer assured victims that the government is committed to addressing the issue and protecting individuals from the abuses of AI technology.
Meta Platforms announced on Wednesday that it had removed approximately 63,000 Instagram accounts in Nigeria involved in financial sexual extortion scams, primarily targeting adult men in the United States. These Nigerian fraudsters, often called ‘Yahoo boys,’ are infamous for various scams, including posing as individuals in financial distress or as Nigerian princes.
In addition to the Instagram accounts, Meta also took down 7,200 Facebook accounts, pages, and groups that provided tips on how to scam people. Among the removed accounts, around 2,500 were part of a coordinated network linked to about 20 individuals. These scammers used fake accounts to conceal their identities and engage in sextortion, threatening victims with the release of compromising photos unless they paid a ransom.
Meta’s investigation revealed that most of the scammers’ attempts were unsuccessful. While adult men were the primary targets, there were also attempts against minors, which Meta reported to the National Center for Missing & Exploited Children in the US. The company employed new technical measures to identify and combat sextortion activities.
Online scams have increased in Nigeria, where economic hardships have led many to engage in fraudulent activities from various settings, including university dormitories and affluent neighbourhoods. Meta noted that some of the removed accounts were not only participating in scams but also sharing guides, scripts, and photos to assist others in creating fake accounts for similar fraudulent purposes.
Leaders of Fortune 500 companies developing AI applications face a potential nightmare: hackers tricking AI into revealing sensitive data. Zurich-based startup Lakera has raised $20 million to address this issue. The funding round, led by Atomico with participation from Citi Ventures and Dropbox Ventures, brings Lakera’s total funding to $30 million. Lakera’s platform, used by companies like Dropbox and Citi, allows businesses to set guardrails for generative AI, protecting against prompt injection attacks.
Lakera CEO David Haber highlighted the importance of safety and security as companies integrate generative AI into critical functions. Existing security teams encounter new challenges in securing these applications. Lakera’s platform, built on internal AI models, ensures that generative AI applications do not take unintended actions. Customers can specify the context and policies for AI responses, preventing the disclosure of sensitive information.
A unique advantage for Lakera is Gandalf, an online AI security game used by millions, including Microsoft. The game generates a real-time database of AI threats, keeping Lakera’s software updated with thousands of new attacks daily. That helps in maintaining robust security measures for their clients.
Lakera competes in the generative AI security landscape with startups like HackerOne and Bugcrowd. Matt Carbonara of Citi Ventures praised Lakera’s focus on prompt injection attacks and its team’s capability to build the necessary countermeasures for new attack surfaces.
CrowdStrike has issued a preliminary review of the recent issue affecting its Falcon sensor and Windows operating system. On July 19, 2024, a problematic update to CrowdStrike’s Rapid Response Content led to a system crash on Windows machines running sensor version 7.11 and above. The update was designed to gather telemetry on new threats but inadvertently caused an out-of-bounds memory read, resulting in a Windows blue screen error.
The faulty update was reverted within an hour of deployment, and systems that came online after the fix were not affected. The issue was traced back to a bug in the Content Validator, which allowed problematic content to pass validation. CrowdStrike is now taking steps to improve its testing and validation processes to prevent similar issues in the future. That includes enhancing error handling, adding more validation checks, and implementing a staggered deployment strategy for updates.
CrowdStrike will release a detailed Root Cause Analysis later, and the impacted channel file has been deprecated to prevent further disruptions. The company is also improving its monitoring and providing customers with better control over update deployments.
Malaysia is urging social media platforms to strengthen their efforts in combating cybercrimes, including scams, cyberbullying, and child pornography. The government has seen a significant rise in harmful online content and has called on companies like Meta and TikTok to enhance their monitoring and enforcement practices.
In the first quarter of 2024 alone, Malaysia reported 51,638 cases of harmful content referred to social media platforms, surpassing the 42,904 cases from the entire previous year. Communications Minister Fahmi Fadzil noted that some platforms are more cooperative than others, with Meta showing the highest compliance rates—85% for Facebook, 88% for Instagram, and 79% for WhatsApp. TikTok followed with a 76% compliance rate, while Telegram and X had lower rates.
The government has directed social media firms to address these issues more effectively, but it is up to the platforms to remove content that violates their community guidelines. Malaysia’s communications regulator continues highlighting problematic content to these firms, aiming to curb harmful online activity.
Malaysia’s digital minister has urged Microsoft and CrowdStrike to consider compensating companies affected by last week’s global tech outage. The disruption, caused by a faulty update to CrowdStrike’s security software, impacted computers running Microsoft’s Windows operating system, affecting internet services worldwide and various industries.
In Malaysia, five government agencies and nine aviation, banking, and healthcare companies were affected. Minister Gobind Singh Deo has requested a full report from Microsoft and CrowdStrike on the incident and asked them to implement measures to prevent future outages. He also emphasised the need for the companies to consider compensation claims from affected parties, with the government ready to assist where possible.
The total amount of losses has yet to be determined. Tony Fernandes, CEO of Malaysia’s Capital A, which operates AirAsia, highlighted the significant impact on airlines and other businesses, calling for appropriate compensation from the tech firms responsible.
A global system failure on 19 July 2024, caused by a CrowdStrike Windows update, left gate screens blue and blank at airports worldwide. The update caused failures in Windows servers, virtual machines, and endpoint systems, affecting 8.5 million devices. Experts believe the update may have skipped quality checks, leading to widespread ‘blue screens of death’ and inoperable systems.
Organisations have struggled to restore operations, with Gartner releasing guidelines for immediate and long-term measures. Security teams are advised to be vigilant for opportunistic attacks, such as phishing and ransomware, as hackers exploit the chaos. The incident underscores the importance of resilience in the face of interconnected system vulnerabilities.
Chris Morales of Netenrich warned of potential phishing attacks, credential stuffing, and brute-force breaches during the outage. Gartner also highlighted the need to manage employee burnout as help desk staff face increased workloads. Ensuring temporary measures are properly decommissioned will be crucial to avoid further issues.
Long-term recommendations include focusing on resilience through redundant systems, continuous data backup, and comprehensive supply chain oversight. Jenna Wells of Supply Wisdom emphasised the importance of proactive business continuity plans to mitigate future incidents, stating that it’s not a matter of if but when an event will occur.
A congressional committee has asked the CEO of CrowdStrike, the security company responsible for Friday’s widespread computer outage, to testify, intensifying legislative examination of the event. The House Homeland Security Committee’s Republican leaders have requested that CrowdStrike CEO George Kurtz testify on Capitol Hill by Wednesday to explain the causes of the outages and the mitigation measures being implemented.
Kurtz previously confirmed that a defective content update for Windows users caused the outages, impacting businesses and government organisations globally. Microsoft estimates that 8.5 million Windows devices were affected. Microsoft spokeswoman Kate Frischmann stated that the outages’ impact was due to CrowdStrike’s reach, not Microsoft’s. Security companies often have significant access within Windows to block attacks effectively, but this also means that errors can escalate into serious problems. Microsoft also noted that it must grant these companies such access under a 2009 agreement with European antitrust authorities, which requires Microsoft to offer security companies the same powers it gives its own security products.
Why does it matter?
The global IT outage underscores the significant reliance on a limited number of software services, raising national security concerns, and lawmakers have stressed the importance of learning from this event to safeguard critical infrastructure. CrowdStrike’s role in identifying malicious activities may also highlight the risk of international adversaries exploiting such vulnerabilities. As noted by FTC Chair Lina Khan, the incident has brought attention to the dependence on Microsoft products and the inherent fragility of concentrated systems.