📰 CISA Director says Banning Ransomware Payments is Off the Table| Tuesday Times | July 9, 2024

josem.serrano

What is Tuesday Times?

Tuesday Times is a weekly Tuesday series where we highlight a handful of recent cybersecurity-related news stories. We'll provide brief summaries of these news stories and link the articles directly, should you want to read more!

Feel free to comment on any of the articles highlighted, or share your own in the comments below!

CISA Director says Banning Ransomware Payments is Off the Table| Tuesday Times | July 9, 2024

CISA director says banning ransomware payments is off the table

• While it may seem counterintuitive at first, the director of the Cybersecurity and Infrastructure Security Agency (CISA) has recently said that banning or making ransomware payments is very unlikely to happen. Since most cybersecurity agencies and experts strongly recommend not making ransomware payments, why wouldn't it be logical to make these types of payments illegal?
• If a small business gets hit by a ransomware attack, the amount of time this situation disrupts their business could lead to them going out of business. Even if it became illegal to make ransomware payments, companies would shift to making these payments in the dark and stop reporting these cases to the appropriate agencies which would lead to inaccurate threat intelligence data.
• According to Security Intelligence, the U.S. government's plan to combat ransomware attacks is to "include stricter incident reporting standards, continued law enforcement efforts, shared intelligence, collaborative efforts, and secure-by-design."

Twilio Confirms Data Breach After Hackers Leak 33M Authy User Phone Numbers

• For this week's data breach alert, we have a large leak of 33 million phone numbers by a "cloud communications company" called Twilio. Twilio allows companies like Authy, a multi-factor authentication code company, to build communication options directly into their platform by using APIs that enable you to send and receive SMS messages, make phone calls, use multi-factor authentication, etc.
• A common trend we've seen in previous data breaches that unfortunately continues here is that the data was breached via an "unsecured API endpoint." The threat actors compiled a list of phone numbers, entered them into this API until they got a hit, and "if the number was valid, the endpoint would return information about the associated accounts registered with Authy."
• If you use Authy, you might have been affected and could be the potential target of "SMS phishing or SIM swapping attacks." The good news is that Twilio found "no evidence that the hackers gained access to its systems or that they obtained other sensitive data, but as a precaution urged Authy users to install the latest Android and iOS security updates."

California advances unique safety regulations for AI companies despite tech firm opposition

• Last week, California advanced legislation focused on regulating Artificial Intelligence (AI). This bill is meant to "reduce risks created by AI" and focuses on deepfakes, employment opportunities, and even AI discrimination.
• According to AP, "Democratic state Sen. Scott Wiener, who authors the bill, said the proposal would provide reasonable safety standards by preventing “catastrophic harms” from extremely powerful AI models that may be created in the future."
• Some large tech firms like Meta vehemently oppose the bill and claim that this would "AI ecosystem less safe, jeopardize open-source models relied on by startups and small businesses, rely on standards that do not exist, and introduce regulatory fragmentation." On the other hand, AI researchers support the idea of introducing a new state agency to oversee developers and provide best practices.