Global IT outage report released, and other cybersecurity news to know this month
The global IT outage affected millions of Windows users. Image: REUTERS/Mike Segar
- This regular round-up brings you key cybersecurity stories from the past month.
- Top cybersecurity news: Global IT outage analysis released; US infrastructure vulnerable to cyber attacks; Men still dominate UK cyber industry, says LinkedIn.
- The World Economic Forum’s Centre for Cybersecurity provides an independent and impartial platform to reinforce the importance of cybersecurity as a strategic imperative and drive global public-private action to address systemic cybersecurity challenges.
1. CrowdStrike releases root cause analysis of outage
Following July's global IT outage, which affected millions of Windows users, CrowdStrike has released a root cause analysis of the "Channel File 291" incident, explaining the software update crash.
Summarizing this update to a preliminary post-incident report, Security Week said: "The new CrowdStrike root cause analysis documents a combination of factors that caused the Falcon EDR sensor crash – a mismatch between inputs validated by a Content Validator and those provided to a Content Interpreter, an out-of-bounds read issue in the Content Interpreter, and the absence of a specific test – and a vow to work with Microsoft on secure and reliable access to the Windows kernel."
In the analysis document, CrowdStrike confirmed its commitment "to working directly with Microsoft on an ongoing basis as Windows continues to add more support for security product needs in userspace”.
2. US infrastructure vulnerable to cyberattacks, experts warn
Hundreds of digital systems controlling US infrastructure are vulnerable to cyberattacks, according to research by cybersecurity firm Censys, shared with Bloomberg News.
Over 430 industrial software controls were found to be accessible online, with more than half lacking authentication protections. Lead researcher Emily Austin stated, "There’s no password. They are quite literally sitting on the public internet for anybody who happens to find them to come and manipulate them as they will."
These 'human machine interfaces' control systems like dams, water pumps and oil wells, and hackers could disrupt supply or production by exploiting these vulnerabilities, warns Censys CEO Brad Brooks.
There’s no evidence of widespread hijacking, but "hackers have manipulated them", Bloomberg reports.
The US Environmental Protection Agency has contacted operators of vulnerable water systems to improve cybersecurity practices after Censys identified around 18,000 exposed systems across the US.
How is the Forum tackling global cybersecurity challenges?
3. News in brief: Top cybersecurity stories this month
The UK's cybersecurity industry remains male-dominated, with women comprising just 17.9% of the sector in May 2024, according to LinkedIn's Economic Graph team.
Enterprises are grappling with cybersecurity 'tool sprawl', managing ever-increasing numbers of products to protect their infrastructure, according to a new report from SiliconANGLE. This complex landscape is expected to grow, it says, citing a 2024 survey which found that 51% of respondents planned to increase their security providers over the next year.
The US, UK and South Korea have warned in a joint advisory of a global cyber espionage campaign by North Korean hackers to steal military secrets for Pyongyang's banned nuclear weapons programme, Reuters reports.
Eurozone banks have "room for improvement" in their cybersecurity, particularly in post-hack recovery plans, according to the European Central Bank (ECB). Following its first cyber-risk stress test in July, the ECB reviewed 109 banks' responses to cyberattacks and issued recommendations for improving emergency procedures and recovery.
A "global stop-payment mechanism" developed by INTERPOL has facilitated the largest-ever recovery of funds from a business email compromise scam, with $41 million reclaimed for a Singapore-based commodity firm, according to The Hacker News.
5. More about cybersecurity on Agenda
Cybersecurity risk presents opportunities for SMEs if they approach it as a strategic business issue rather than merely a technical one, making informed decisions accordingly, explains Akhilesh Tuteja, Global Cyber Security Leader, KPMG.
The proposed Spacecraft Cybersecurity Act aims to enhance NASA's mission protection by integrating cybersecurity from the design phase, addressing gaps in current protections that only cover operational spacecraft. Learn more about how the US could set a global benchmark for space mission security.
More on CybersecuritySee all
Kate Whiting
December 12, 2024