CyberWire Daily: Cloudflare Outage, National Cyber Strategy, and AI Security Insights

Cloudflare Outage and System Failures

• 💥 Cloudflare experienced its worst outage in six years due to a routine database permissions change that led to a cascading failure.
• ⚠️ An oversized configuration file, exceeding system limits, crashed critical traffic routing software, causing widespread errors.
• 🛠️ Engineers restored service by replacing the faulty file with an earlier version, resolving the system panics.

National Cyber Strategy and Vulnerability Management

• 🇺🇸 The Trump administration is preparing a new national cyber strategy with a focus on shaping adversary behavior and improving public-private partnerships.
• 🎯 CISA has mandated US federal agencies to secure Fortinet Fortiweb devices within a week due to active exploitation of a command injection flaw.
• 🛡️ The strategy aims to address fragmented ransomware responses and lacks a long-term governmentwide plan, emphasizing clear deliverables and aligned budgets.

International Cyber Threats and Espionage

• 🇬🇧 MI5 warns that China's Ministry of State Security is using LinkedIn headhunters and covert operatives to target UK lawmakers and researchers.
• 🇨🇳 The China-aligned PlushDaemon threat group hijacks software updates through adversary-in-the-middle attacks to deploy malware.
• 📱 Researchers discovered WhatsApp's entire global member directory, over 3.5 billion accounts, was accessible online without protection, exposing sensitive user data.
• 🚨 LG Energy Solution confirmed a ransomware attack by the Akira gang, with claims of 1.7 terabytes of data stolen.

AI Security and Forensic Investigations

• 💡 Rotem Tsadok from Varonis highlights the abuse of Microsoft Exchange Online's direct send feature for phishing attacks, leading to credential theft and widespread compromises.
• 🤖 Tsadok expresses concern about the rapid adoption of AI outpacing our understanding of it as an attack surface, particularly regarding incident investigation within AI ecosystems.
• 📊 AI is seen as a force multiplier for human teams, outperforming humans when provided with enough context and clear rules, especially in predictive threat detection.
• 🔒 The key advice for security leaders regarding AI is that AI security is data security; securing data is paramount for securing AI systems.

Data Secrecy and Public Access

• ⚖️ A judge ruled that Google's projected data center water usage figures in Virginia are not corporate property and must be disclosed to the public, rejecting claims of trade secrecy.