open source and cybersecurity news

July 14, 2023

Critical Infrastructure Service Firm Takes Key System Offline Due to Cyber Attack; Ransomware gang targets US cancer center; Chinese Hackers Breach US Government; AI Junk is Starting to Pollute the Internet

Episode Transcription:

Pokie Huang:

From Sourced Network Production in New York City. “It’s 5:05”. I’m Pokie Huang. Today is Friday, July 14th. Here is the full story behind today’s cyber security and open source headlines.

Edwin Kwan: 

This is Edwin Kwan from Sydney, Australia. 

Early this week, critical infrastructure service provider Ventia took some of its key systems offline to contain a cyber incident. The company provides management, maintenance and operation services for critical infrastructure to more than 400 sites across defense, electricity, water, and gas industries in Australia and New Zealand.

The company did not provide details and only said that it has engaged external cybersecurity experts and is actively working with regulators and law enforcement. They recently announced that they are confident that the cyber incident has been contained, that key internal systems have been safely re-enabled, and additional key external facing networks are being progressively restored.

Olimpiu Pop: 

20,400 people die worldwide each day because of cancer. Hopefully, you don’t know anybody touched by it, but I know it well. This curse is heavy and painful for patients, for their families. Who would want to hinder them in any way? 

THT – TimișoaraHackerTeam. A somewhat obscure ransom group recently disrupted operations of a US cancer center, potentially putting patient data at risk. The group is believed to be behind several major healthcare cyber attacks. Notably, they are suspected to have been involved in a significant disruption at Israel’s Hillel Yaffe Medical Center, a center serving half a million residents.

They usually target medium to large servers in healthcare organizations exploiting known vulnerabilities in VPNs to gain initial access. Post infiltration, they move laterally within the network causing widespread disruption and damage. The group utilizes a “living off the land” strategy, exploiting existing legitimate system tools such as Microsoft BitLocker and Jetico’s BestCrypt to avoid detection by typical security measures. 

As painful as it is to say it out loud, these guys might be Romanians. Timișoara is one of the major cities of Romania. The place where the fall of communists started for us.

Suggested links between THT and known Chinese malware groups like DeepBlueMagic and APT41 are odd. Both groups are infamous for targeting healthcare organizations. However, the nature of these links is currently unknown.

More details including a full report about the attack can be found in the resources sections of 505updates.com.

Olimpiu Pop reporting from Transylvania, Romania.

Katy Craig: 

A breach of Microsoft-hosted US government email servers by a Chinese hacking group was detected and fixed “fairly rapidly,” according to National Security Advisor, Jake Sullivan. The group, known as Storm-0558, was caught forging digital authentication tokens to access federal government email servers hosted on Microsoft’s Outlook platform.

This is Katy Craig in San Diego, California. 

Microsoft disclosed that the breach was detected on June 16th, with the hackers believed to have gained access around May 15th. However, Sullivan downplayed the incident stating that it was remedied quickly, and further breaches were prevented. The matter is still under investigation.

While the US government has not formally identified the source of the hack, officials are aware of Microsoft’s announcement pointing to the Chinese group. The State Department took immediate steps to secure its systems and notify Microsoft of the event after detecting anomalous activity. 

US officials have been increasingly warning about the threats posed by Chinese hackers to American business and government. Last year, FBI Director, Christopher Wray, highlighted Beijing’s intent to exploit cyber vulnerabilities for its advantage. 

The investigation into the breach is ongoing and the US government has yet to make a formal response to the cyber attack accusations. 

This is Katy Craig, stay safe out there. 

Hillary Coover: 

Hi, this is Hillary Coover reporting from Washington, DC. 

The Wall Street Journal reports that as AI tools become more accessible, we’ll see a disturbing trend of fake news and what they call “AI junk” flooding the internet. And let me tell you, this has some serious implications for spreading misinformation and all of the risks that come with that.

The accessibility of AI technology has led to a surge in fake news websites using AI to generate content for monetary gain. It doesn’t stop there. There are also concerns about AI being used for political disinformation and targeted hacking attempts. 

The YouTube community is capitalizing on OpenAI’s ChatGPT by sharing videos on how to make money from AI-generated content. But let’s be honest, many of these schemes are very sketchy. 

In response, Google is taking a stand against spam and manipulation in their search results, including content generated by AI. They really want to ensure that their users get reliable and trustworthy information. But here’s the thing, the more AI-generated content we see, the greater the risk of what experts call “model collapse.” This means that our beloved language models become less useful, and that’s not good for anyone. 

The consequences of misinformation are huge. Trust in institutions takes a hit, society becomes more divided, and political manipulation runs rampant. And let’s not forget about the damage it can do to company reputations and valuations. 

That’s why it’s crucial to step up our game. As AI tools become even more accessible, we need to educate ourselves on source vetting and other ways to fight misinformation. It’s time to take action and ensure a more reliable and trustworthy information landscape.

Pokie Huang:

That’s our updates for today, July 14th. I’m Pokie Huang. We’ll be back next Monday… at 5:05. 
