Cyber Intelligence Weekly

Cyber Intelligence Weekly (June 9, 2024): Our Take on Three Things You Need to Know

Welcome to our weekly newsletter where we share some of the major developments on the future of cybersecurity that you need to know about. Make sure to follow my LinkedIn page as well as Echelon’s LinkedIn page to receive updates on the future of cybersecurity!

To receive these and other curated updates to your inbox on a regular basis, please sign up for our email list here: https://echeloncyber.com/ciw-subscribe

Before we get started on this week’s CIW, I’d like to highlight our team that will be at Drataverse 2024, this week in San Francisco!

🌟 Drataverse 2024: Chart Your Course 🌟

📅 Join us on Wednesday, June 12, at Pier 27 in San Francisco, CA for Drataverse! Discover the future of AI and compliance, GRC predictions, and gain insights to build a proactive GRC program.

🚀 We’re thrilled to have three of our top colleagues attending Drata's event: Paul Interval, Director of vCISO Services; Launa (Forehand) Rich, Client Solutions Manager; and Greg DeLeonardis, Client Solutions Manager.

Don't miss Paul's panel, "Governance, Risk, and Compliance in an AI World," from 1:15 pm to 1:45 pm in Breakout Room 1, Floor 2. 🎟️ Secure your spot now and chart your course to success. https://lnkd.in/eQyJwVDR

Away we go!

1. Recall Feature Rollback: Microsoft Responds to Security Criticism

Microsoft is scaling back its ambitious Recall feature after significant backlash over security concerns. Initially intended as a tool to enhance memory recall on devices using AI, the feature faced criticism for its potential privacy risks. Recall was designed to silently record a screenshot every five seconds, capturing user activity and storing it locally. However, this raised alarms within the cybersecurity community, which viewed it as a major vulnerability.

Responding to the criticism, Microsoft announced on Friday that Recall will now be an opt-in feature rather than being enabled by default on Copilot+ compatible Windows versions. This change is part of a broader effort to improve security, including requiring authentication through Microsoft's Hello function to access or enable Recall and ensuring that data remains encrypted until authenticated.

The initial implementation of Recall was seen as highly problematic. Critics argued that it could turn users' devices into a treasure trove for hackers, capturing sensitive data such as bank logins and passwords. Despite these changes, some experts, like Jake Williams of Hunter Strategy, remain concerned about the potential for abuse and legal risks associated with the feature, even in its revised form.

Microsoft's decision to scale back Recall comes amid a series of security incidents that have plagued the company. CEO Satya Nadella has emphasized the need to prioritize security in business decisions. However, the Recall rollout suggests a continuing struggle to balance innovation with robust security measures.

2. Ransomware Attack Cripples Major London Hospitals

Several major hospitals in London have been severely affected by a recent ransomware attack, leading to significant disruptions in medical services. The National Health Service (NHS) reported that the cyberattack targeted Synnovis, a company managing blood transfusions and other critical services. As a result, hospitals under King’s College and Guy’s and St. Thomas’ trusts had to cancel surgeries, postpone operations, and prioritize urgent blood testing cases.

Emergency services remained operational, but the attack caused widespread delays and cancellations of phlebotomy appointments. Mark Dollar, CEO of Synnovis, stated that the company is working diligently to assess the impact and minimize disruptions. The attack, believed to be orchestrated by the Russian cybercriminal group Qilin, has brought to light the significant cybersecurity vulnerabilities within the NHS.

A former British cybersecurity head, emphasized the seriousness of the ransomware, which completely halted essential medical processes. This incident underscores the ongoing risk of cyberattacks on healthcare systems, which often have outdated or vulnerable software. This attack follows a similar pattern seen in previous incidents, such as the 2017 WannaCry ransomware attack that disrupted services across numerous NHS trusts.

The British government has acknowledged the need for improved cybersecurity measures within the NHS. Efforts are being made to enhance security protocols, including blocking millions of malicious emails monthly and offering cybersecurity training. However, the recent attack highlights that much work remains to protect critical healthcare infrastructure from sophisticated cyber threats.

3. Apple Introduces New 'Passwords' App for Enhanced Security

Apple is set to introduce a new standalone password manager app called 'Passwords' as part of its upcoming software updates: iOS 18, iPadOS 18, and macOS 15. This announcement is expected at the Apple Worldwide Developers Conference. The new app aims to streamline and enhance password management for Apple users by leveraging the existing iCloud Keychain technology.

Currently, iCloud Keychain serves as Apple's built-in password management system, storing and generating passwords across devices. However, it's somewhat hidden in the settings, making it less accessible. The new Passwords app will bring these functionalities into a dedicated, user-friendly application, encouraging users to create strong, unique passwords for better security against data breaches.

The Passwords app will likely attract users from other popular password managers such as Bitwarden, LastPass, and 1Password. It is expected to offer features like importing credentials from other apps, categorizing passwords for WiFi networks, passkeys, and website accounts, and serving as a multi-factor authentication tool, potentially replacing apps like Google Authenticator and Authy.

LastPass has responded to Apple's move by emphasizing the importance of independence from any single vendor's operating system. They argue that users should have the freedom to access their applications and websites across different devices, operating systems, and browsers. Despite this, Apple's new app is poised to simplify password management for its ecosystem, making it more appealing for its users.

Thanks for reading!

About us: Echelon is a full-service cybersecurity consultancy that offers wholistic cybersecurity program building through vCISO or more specific solutions like penetration testing, red teaming, security engineering, cybersecurity compliance, and much more! Learn more about Echelon here: https://echeloncyber.com/about

Sign Up for Weekly Cyber Intelligence Delivered to Your Inbox

Sign up to get Cyber Intelligence Weekly in your inbox.