In today’s cybersecurity news…
One of the impacts of the prolonged US government shutdown was the expiration of the 2015 Cybersecurity Information Sharing Act, or CISA, at the end of September. One provision in a deal to reopen the government, advancing through the Senate as of this recording, would reauthorize the law. However, this is only a temporary stay of execution, as that reauthorization would only go through January 30, 2026. The House Homeland Security Committee approved legislation in September that would extend CISA for the next decade. Two members of the Senate Homeland Security Committee introduced a similar bill, but a vote on it was blocked by the Committee’s chair, Senator Rand Paul, during the shutdown.
(The Record)
Denmark and Norway investigating electric bus “kill switches”
Earlier this month, the Norwegian bus operator Ruter investigated the connected capabilities of two bus models, one from the Dutch manufacturer VDL and the other by the Chinese firm Yutong. It found that, because of how Yutong buses receive over-the-air updates, the company “has direct digital access to each individual bus.” The company said it put in stricter controls for new vehicle purchases and will collaborate with local authorities on “clear cybersecurity requirements.” Danish public transport provider Movia also said it is investigating its Yutong buses for any issues. However, COO Jeppe Gaard clarified that this isn’t a “Chinese bus concern,” but rather something to account for with any connected vehicle. Yutong said all vehicle data in the region is stored in an EU-based AWS data centre “protected by storage encryption and access control measures.”
(NBC News, FT)
European Commission looking to simplify privacy laws for AI
Draft documents obtained by Politico show that as part of a “digital omnibus” package meant to simplify tech laws, the European Commission will make considerable changes to the General Data Protection Regulation, GDPR. The draft creates exemptions to allow AI companies to process protected categories of data for training and operating models. The changes would also redefine what constitutes personal data, allowing anonymized data to be excluded from the GDPR. The draft
Cyberattacks disrupt European Radio Stations: RTC Noord and KISS-FM Targeted
Recent cyberattacks have disrupted operations at two European radio stations, highlighting the growing vulnerability of media organizations to ransomware and other malicious cyber activity. On November 6th, both RTC Noord in the Netherlands and KISS-FM in Spain experienced notable disruptions, impacting their ability to broadcast and communicate effectively. These incidents underscore the need for robust cybersecurity measures within the broadcasting industry.
Attacks on RTC Noord and KISS-FM: A Closer Look
RTC Noord Disruption
Dutch regional broadcaster RTC Noord discovered its computer systems were inaccessible on November 6th. The attack forced the station to temporarily revert to playing music from CDs and LPs during its morning show, a move that garnered attention online. While some operations were restored in the days following the incident, communication within the RTV newsroom remained limited to platforms like WhatsApp, indicating significant damage to their internal communication systems. The nature of the attack on RTC Noord has not been publicly attributed to a specific group as of November 11, 2023.
KISS-FM Ransomware Attack
Simultaneously, Spanish radio station KISS-FM was targeted by the Rhysida ransomware gang. The group claimed responsibility for the attack and demanded a ransom of $300,000. Ransomware attacks involve encrypting a victim’s data and demanding payment for its release, often threatening to leak sensitive information if the ransom isn’t paid. The Rhysida group has been active since early 2023 and is known for targeting organizations across various sectors. Security researchers at Fortinet have documented the group’s tactics, techniques, and procedures (TTPs).
The Rising Threat to Media Organizations
These attacks are part of a broader trend of cyberattacks targeting media organizations. Radio stations, television networks, and news publishers are attractive targets for several reasons:
* Disruption of Information Flow: Attacks can disrupt the dissemination of news and information, possibly impacting public awareness during critical events.
* Reputational Damage: A successful attack can damage an institution’s reputation and erode public trust.
* Potential for Data Theft: Media organizations often possess sensitive data, including subscriber information and internal communications, which can be valuable to attackers.
* Financial Gain: Ransomware attacks offer a direct path to financial gain for cybercriminals.
Protecting Against Cyber Threats: Best Practices
Media organizations can take several steps to mitigate the risk of cyberattacks:
* Regular Security Audits: Conduct regular assessments to identify vulnerabilities in systems and networks.
* Employee Training: Educate employees about phishing scams, malware, and other cyber threats.
* Strong Passwords and Multi-Factor Authentication: Implement strong password policies and require multi-factor authentication for all critical accounts.
* Data Backups: Regularly back up data to a secure, offsite location.
* Incident Response Plan: Develop and test an incident response plan to effectively respond to and recover from cyberattacks.
* Network Segmentation: Isolate critical systems and networks to limit the impact of a potential breach.
* Keep Software Updated: Regularly update software and firmware to patch security vulnerabilities.
Key Takeaways
* Two European radio stations, RTC Noord and KISS-FM, were hit by cyberattacks on November 6th.
* KISS-FM was targeted by the Rhysida ransomware gang, who demanded a $300,000 ransom.
* Media organizations are increasingly vulnerable to cyberattacks due to their role in information dissemination and the potential for data theft.
* Proactive cybersecurity measures are crucial for protecting against these threats.
The recent attacks on RTC Noord and KISS-FM serve as a stark reminder of the evolving cyber threat landscape. As media organizations increasingly rely on digital technologies, investing in robust cybersecurity measures is no longer optional – it’s essential for maintaining operational resilience and public trust. Continued vigilance and proactive security practices will be critical in mitigating the risk of future attacks.