CyberWire Daily - Cyberattack leaves dealerships feeling stuck in neutral.
Episode Date: June 20, 2024

Over 15,000 car dealerships hit the brakes after a software supplier cyber incident. The EU’s Chat Control gets put on hold. A hacker leaks contact details of over 33,000 Accenture employees. A major forklift manufacturer shuts down operations in the wake of a ransomware attack. IntelBroker claims to have leaked source code from Apple. An investigation questions the ethics of AI firm Perplexity. A radiology practice notifies over half a million people of a data breach. Federal contractors pay millions in fines for inadequate cyber security during the COVID-19 pandemic. Stolen files from the Kansas City Police department are posted online. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey. Remembering the work of MIT’s Arvind.

Learning Layer
On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. With all eight domains wrapped up, Sam and Joe pivot to the homestretch of Joe's studies. With the test about two weeks away, Joe discusses his approach to retaining the information and filling any remaining knowledge gaps.
Selected Reading
Car Dealerships Across US Halt Services After Cyberattack (Bloomberg)
Car Dealers Are Idle Across the US After Second Cyberattack (Bloomberg)
EU Council has withdrawn the vote on Chat Control (Stack Diary)
Hacker Leaks Data of 33,000 Accenture Employees in Third-Party Breach (HackRead)
Crown Equipment confirms a cyberattack disrupted manufacturing (Bleeping Computer)
Threat actor claims to have breached Apple, allegedly stealing source code of several internal tools (9to5Mac)
Perplexity Is a Bullshit Machine (WIRED)
Radiology Practice Hack Affects Sensitive Data of 512,000 (GovInfo Security)
Federal contractors pay multimillion-dollar settlements over cybersecurity lapses (The Record)
BlackSuit ransomware publishes Kansas City, Kansas, police files (StateScoop)
Arvind, longtime MIT professor and prolific computer scientist, dies at 77 (MIT)

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Transcript
You're listening to the CyberWire Network, powered by N2K.
Over 15,000 car dealerships hit the brakes after a software supplier cyber incident.
The EU's chat control gets put on hold.
A hacker leaks contact details of over 33,000 Accenture employees.
A major forklift manufacturer shuts down operations in the wake of a ransomware attack.
IntelBroker claims to have leaked source code from Apple.
An investigation questions the ethics of AI firm Perplexity.
A radiology practice notifies over half a million people of a data breach.
Federal contractors pay millions in fines for inadequate cybersecurity during the COVID-19 pandemic.
Stolen files from the Kansas City Police Department are posted online.
In our Learning Layer segment,
Sam Meisenberg and Joe Carrigan continue their discussion
of Joe's ISC2 CISSP certification journey
and remembering the work of MIT's Arvind.
It's Thursday, June 20th, 2024. I'm Dave Bittner. It is great to have you with us.
If you were hoping to purchase a car in the U.S. over the Juneteenth holiday, you may have found yourself disappointed.
A cyber incident at CDK Global, a major software provider for car dealerships,
halted operations at thousands of dealerships across the U.S. on a busy holiday Wednesday.
CDK shut down systems and consulted with experts to address the issue.
Core products have been
restored, but many applications remain offline. The outage started around 2 a.m. Eastern Time,
leaving dealerships unable to perform routine tasks, from scheduling appointments to accessing
customer records. Some dealerships resorted to paper records. CDK has not disclosed the cause of the outage.
Restoration efforts are ongoing, with some functions back online but not fully operational.
The EU Council has withdrawn the vote on Belgium's chat control plan due to a lack of majority support.
Belgium's draft law aimed to monitor all chat messages,
including those on end-to-end encrypted services,
to detect abusive material.
Critics argue this could generate false positives and compromise privacy.
With Belgium unable to gain support,
the proposal is postponed indefinitely.
Hungary will take over the council presidency in July
and intends to advance negotiations. Privacy advocates, including Signal's President Meredith
Whittaker and NSA whistleblower Edward Snowden, have condemned the plan as mass surveillance.
The legislative process will continue after the summer, with intense debates expected.
A hacker named 888 has leaked contact details of 33,000 current and former Accenture employees
obtained through a third-party breach. The data, posted on BreachForums,
includes full names and email addresses, but no passwords. Accenture, the global IT and consulting firm
based in Dublin, operates in over 120 countries. Hackread.com confirmed the authenticity of the
leaked information. 888 is known for previous leaks involving major corporations. Accenture
employees are advised to be vigilant against phishing and identity theft scams.
A ransomware attack on June 9th shut down Crown Equipment Corporation,
the world's fifth-largest forklift manufacturer,
halting production and leaving most of its 19,100 employees out of work.
Crown, based in New Bremen, Ohio, has advised employees to file for
unemployment or take vacation time. The company's website and phone systems are down, and employees
have not been paid since June 10th. Poor communication has led to a PR crisis, with
employees voicing complaints on social media. The attack reportedly involved a hacker installing a fake VPN
and creating a privileged account.
The hacker is demanding a $25 million ransom,
and the FBI is investigating.
Notorious hacker IntelBroker,
responsible for previous high-profile breaches,
has allegedly leaked source code for several of Apple's
internal tools on a dark web forum. IntelBroker claims the June 2024 breach of Apple.com exposed
tools, including Apple Connect SSO, an employee authentication system, and two other lesser-known
tools. Apple Connect SSO is crucial for employee access to internal systems akin to
an Apple ID. The breach appears to affect only internal systems, not customer data.
IntelBroker, known for targeting major organizations like AMD, Zscaler, and AT&T,
has posted this information on BreachForums. The authenticity of the data is uncertain,
but IntelBroker's reputation lends credibility. The FBI is reportedly investigating the incident.
Perplexity, an AI search startup backed by investors like Jeff Bezos' family fund and
NVIDIA, faces criticism for scraping websites without permission.
Despite its claims of transparency, investigations by Wired and developer Rob Knight revealed that
Perplexity often ignores the Robots Exclusion Protocol, accessing content from websites that
have blocked its crawler. This includes thousands of unauthorized visits to Condé Nast sites.
Perplexity's chatbot can summarize articles and generate text based on this scraped data,
but like all AI chatbots, sometimes inaccurately and without proper attribution.
The startup's practice of using unpublicized IP addresses to evade detection
has raised significant ethical concerns.
These revelations question the integrity of Perplexity's methods and the reliability of its AI-generated content.
Radiology practice Consulting Radiologists Limited is notifying over half a million individuals of a data breach that exposed sensitive information earlier this year. The breach, detected on
February 12, involved unauthorized access to CRL's network, compromising names, birthdates,
addresses, health insurance information, and medical data. Some patients' social security numbers and
driver's license numbers were also affected. CRL discovered the breach through unusual network
activity and confirmed the extent of the compromise by April 17. Despite no evidence of misuse,
CRL is offering 12 months of identity and credit monitoring. This incident is part of a series of major health data breaches
reported in recent months,
highlighting the vulnerability of radiology practices to cyber attacks.
Two federal contractors, Guidehouse Incorporated
and Nan McKay & Associates,
paid $11.3 million in penalties
for failing to properly test the cybersecurity
of a financial assistance system for low-income individuals in New York during the COVID-19
pandemic. The DOJ stated that the contractors violated the False Claims Act by misrepresenting
their service quality. Guidehouse paid $7.6 million and Nan McKay paid $3.7 million.
The system, launched in June of 2021, was shut down 12 hours later due to compromised applicant
data. Guidehouse admitted to using unauthorized third-party data storage. The settlement is part
of the Biden administration's cyber fraud initiative aimed at holding entities accountable for risking sensitive information.
The case began with a whistleblower from Guidehouse.
The ransomware group BlackSuit published hundreds of stolen files from the Kansas City, Kansas Police Department after the department refused to pay a ransom.
Brett Callow, a threat analyst,
noted that BlackSuit listed KCKPD on its leak site, releasing sensitive files dating back to 2016,
including drone pics, evidence room, and finance. BlackSuit claimed KCKPD voluntarily agreed to make their case files public.
Callow emphasized that paying ransom often doesn't guarantee data destruction,
as criminals frequently break promises.
He suspects BlackSuit is a rebranding of the Royal Conti Group.
Similar ransomware attacks have targeted other law enforcement agencies,
such as Wichita County Mounted Patrol,
highlighting the risks of interconnectivity in law enforcement data systems.
Coming up after the break on our Learning Layer
segment, Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2
CISSP certification journey. Stay with us.
On today's Learning Layer segment,
host Sam Meisenberg is joined by my Hacking Humans co-host Joe Carrigan as they continue their discussion of Joe's ISC2 CISSP certification journey.
Welcome back to the Learning Layer segment.
We are continuing our conversation with Joe Carrigan
as he gets ready for his CISSP exam.
Joe?
Yeah?
Hi.
We finished Domain 8.
Finished Domain 8.
Which, 8 of 8.
That's correct.
They're all done now.
So, now you have the exam scheduled, so we're, you know, maybe about two weeks away.
Right.
I guess the big question is, what to do next?
How are you going to fill those two weeks?
So, before I offer my...
I'm going to watch TV and play video games.
Exactly.
Before I offer some ideas based on my experience of working with a lot of students and seeing what's worked,
why don't you tell me your plan?
What are you thinking?
So what I've started doing already is I've been leveraging the QBank in the tool.
And I have identified that there are two domains where I need to go back in and do a little more boning up, if you will. Okay. Now, before we get there, though, I'm curious,
how did you use the QBank to find that out? Did you do questions across all eight domains,
or did you go domain by domain and create smaller quizzes? I started by going, I did a all eight domain quiz, and I got a 70 on that. How many
questions? It was 40 questions. Okay. I got a 70 on that, and I was like, well, and I looked through,
and it seemed like every time that I got an answer wrong, it was coming from one of these two domains.
Either domain three, which is security architecture and engineering,
which has a lot of different memorization about different models that, frankly, were new to me.
And then security operations, domain seven, which I'm not sure why that one is presenting a problem, but it is.
So the next thing I did was I took a test
just on those two domains. Okay. Just a quick 20 question test on those two domains. Was this
after you had studied some content or after you took the original 40 question quiz, you took
basically another one? I took another one right after the original 40 question quiz. Okay. Because
I wanted to see if this was correct. And the shocking thing was, yeah, I got a 50% on that quiz.
I was like, hmm.
How many questions?
So this was only 20 questions.
Okay.
So then just to make sure that that's what I did,
I took the other six domains in the quiz.
Okay.
And got 80% on that.
Okay.
So I'm like, all right, I think I have clearly identified two weak spots in my knowledge.
That's where I'm going to focus on for
the next couple of days. And then I'm going to get these domains up into, you know, up to a higher
knowledge level, higher retention level, then take another test. And then I will take the
computer adaptive test and continue to study for the exam over the course of the next
week and a half or so. Great. So if I could say this back to you and also just comment on one
thing I think you did really well, the home stretch, you know, this 10 days, whatever it is,
two weeks, that is for shoring up any weak areas. So step one, as you did, is identify where you need to study.
Right.
And the flow or the structure should be
start with your weaknesses
because it gives you time now.
You're not panicking
because you're not a couple days away from the exam.
You're not cramming.
You take the time you need
to actually learn the information.
And then when you get closer to exam day,
you can re-up or re-shore the strengths. And that's important. And I like
that order because it's going to help you walk into test day with confidence. If you shore up on
the strengths right before, that is a nice reminder, even the psychological that, oh, I know my stuff.
I know this, which is what you need to do to execute well on test day. So I like the flow.
Start with the weaknesses, spend as much time as you need there,
end with the strengths.
Excellent.
Well, that's what I'm doing, Sam.
Excellent.
I have one other idea that you could do.
And again, I don't want to disrupt your flow.
It sounds like it's working.
I would love to hear the other idea.
So at some point too, you need to like zoom out a little bit.
So we've talked about this concept of like
the CISSP especially is, it's a tough exam because it's both about the individual trees,
but it's also about the forest. And I really do think most of the questions are kind of the
forest level questions. So what I mean by that is I think you need to get a higher level understanding of each of the domains and try to understand how they all fit together, right?
And the course comes with domain review videos.
So those are maybe half hour per domain.
Yep.
And they are basically just the most important testable stuff within the domain.
So that's kind of one nice way to summarize all the most
important content. So that's one option. I haven't looked at those yet, but I have seen them.
There you go. And I planned on watching them, yes. Great. The other thing that's a good,
helpful zoom out is at the end of the textbook, I think they're called like chapter summaries or
something. Right. And it's just a list. It's literally just a list of like all the most
important stuff from each of the chapters, which, you know, put all of them together
and correspond to the eight domains.
My point is, something you could do
is just watch the domain summary videos.
Anything that you don't know,
that's a helpful thing to say,
oh, I need to go and study this.
Read the chapter summaries.
Huh, this is weird. I haven't
heard of this and it's really important. Let me go study that. And I kind of like those a little
bit better because you're not necessarily using questions to get that data about yourself. You're
using like most of a gut feel. It's like, do I know this or not? And in some weird ways, that can be
as useful as doing questions.
Cool.
Well, I'll do all those things.
Because I want to pass this test on the first time I take it.
You will.
I'm not worried about it.
Okay.
I've seen all the work you've been putting in over all this time.
I know the background.
I know what you got on your diagnostic.
I know your scores. So if I were a betting man, I'd put a lot of money on you passing. Awesome. Well, good luck on the homestretch. We'll talk
next week and we'll actually dive a little bit more into the CAT and I'll get you prepared for
the practice test and then obviously the real thing in a couple weeks.
That's Sam Meisenberg joined by Joe Carrigan.
And finally, Arvind Mithal, the esteemed professor at MIT, passed away on June 17th at the age of 77.
Known simply as Arvind, he was a cherished member of the MIT community,
inspiring many with his brilliance and zest for life.
Arvind's pioneering research in data flow computing and parallel processing left an indelible mark on the field.
His work not only improved computational efficiency,
but also revolutionized digital
hardware design. Arvind's legacy includes developing influential tools and languages
like Id, pH, and Bluespec, and founding companies such as Sandburst and Bluespec Incorporated.
Throughout his nearly five-decade tenure at MIT, Arvind was a dedicated mentor and leader, deeply committed
to academic excellence. His infectious positivity, hearty laugh, and unwavering generosity brightened
the lives of colleagues and students alike. Arvind's influence extended beyond MIT, advising
governments and universities worldwide. His accolades included membership in the National Academy of Engineering
and the American Academy of Arts and Sciences.
Arvind believed in the joy of discovery,
emphasizing that true scientific pursuit comes from a passion for knowledge.
He is survived by his wife, two sons, and two grandchildren.
Arvind's legacy of kindness, wisdom, and groundbreaking research
will be fondly remembered by all who had the privilege of knowing him.
And that's the CyberWire. For links to all of today's stories, check out our daily briefing
at thecyberwire.com.
We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that
keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show,
please share a rating and review in your favorite podcast app. Please also fill out the survey in
the show notes or send an email to cyberwire at n2k.com.
We're privileged that N2K's CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector,
from the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies.
N2K makes it easy for companies to optimize your biggest investment, your people.
We make you smarter about your teams while making your teams smarter.
Learn how at n2k.com.
This episode was produced by Liz Stokes.
Our mixer is Tré Hester with original music and sound design by Elliott Peltzman.
Our executive producer is Jennifer Eiben.
Our executive editor is Brandon Karpf.
Simone Petrella is our president.
Peter Kilpe is our publisher.
And I'm Dave Bittner.
Thanks for listening.
We'll see you back here tomorrow.