Hackers demand millions, halt operations at 15,000 US car dealerships
A cyberattack on Wednesday, June 19, impacted CDK Global, a major software provider for North American car dealerships. The attack caused widespread disruption, halting management tools at thousands of dealerships. The hackers, believed to be based in Eastern Europe, demanded tens of millions of dollars in ransom.
The attack affected approximately 15,000 dealerships, disrupting an industry that generates over $1.2 trillion in annual sales. The outage occurred during a critical end-of-quarter sales push.
Although CDK briefly restored its systems, a second wave of attacks led to another shutdown.
The company warned that full recovery could take days, during which dealerships have had to revert to manual operations, slowing down sales, halting repairs and delaying deliveries.
The breach not only caused “operational chaos” but also led to a substantial ransom demand, which CDK is reportedly considering paying. Meanwhile, scammers have exploited the situation by posing as CDK representatives to deceive customers.
“CDK associates are not contacting customers for access to their environment or systems,” CDK Global said in a statement. “Please only respond to known CDK employees and communications.”
After decades of consolidation, the industry heavily relies on a few key players like CDK for essential management services, ranging from arranging financing and insurance to managing inventory and processing sales and repairs.
According to the National Automobile Dealers Association, there are approximately 16,800 new car dealerships in the United States.
New CISA cybersecurity measures to fight ransomware raise privacy concerns
Ransomware attacks are causing significant damage to organizations of all sizes, exploiting unknown vulnerabilities. To combat this, the Cybersecurity and Infrastructure Security Agency (CISA), a division of the Department of Homeland Security, has initiated the Ransomware Vulnerability Warning Pilot. This program notifies organizations about potential ransomware threats, potentially preventing millions in damages.
For example, UnitedHealth Group, suffered a ransomware attack earlier this year, resulting in nationwide health care service outages and costing the company $872 million. The attackers allegedly stole 6 terabytes of patient data and demanded a $22 million ransom.
“We’ve normalized the fact that we have shifted the burden of cybersecurity onto individuals and small businesses, which are least prepared to bear that burden,” CISA Director Jen Easterly said. “We’ve normalized this crazy misalignment of incentives where technology companies have prioritized speed to market and driving down cost and cool features over security.”
By addressing these vulnerabilities, organizations can significantly reduce their risk of becoming victims of cyber extortion and avoid the severe financial consequences that follow.
The pilot program, which currently includes 7,000 organizations, is expected to be fully operational by the end of 2024. It works by CISA identifying vulnerabilities and alerting organizations, providing them with necessary information to patch their systems and prevent attacks.
However, privacy advocates are concerned about one of the tools used in the program — the administrative subpoena. A 2022 review of CISA’s procedures showed that the agency can issue subpoenas to organizations or individuals to gather information on internet-based systems without a court order, as these subpoenas do not require judicial review, and opting out is not possible.
These subpoenas can be issued secretly, without the knowledge or consent of those targeted. CISA can retain personally identifiable information for six months if it relates to a suspected cybersecurity incident.
CISA ensures that personally identifiable information is promptly deleted in accordance with established procedures. Despite this, the lack of judicial oversight and the secretive nature of these subpoenas have raised concerns about potential privacy violations and abuses of power.
CISA also offers its own cybersecurity tools and has started a process for organizations to submit their own free tools and services for both the public and private sectors.
Biden defends memory after classified documents report: The Morning Rundown, Feb. 9, 2024
President Biden fires back after a special counsel report questions his memory. And Russian President Vladimir Putin is asked about releasing a Wall Street Journal reporter detained in his country. These stories and more highlight The Morning Rundown for Friday, Feb. 9, 2024.
Get up to speed on the stories leading the day every weekday morning. Get The Morning RundownTM newsletter straight to your inbox!
Biden defends memory after special counsel report on classified documents
“My memory is fine. My memory – take a look at what I’ve done since I become president,” Biden said. “None of you thought I could pass any of the things I got passed. How’d that happen? You know, I guess I just forgot what was going on.”
While special counsel Robert Hur found that Biden willfully retained and disclosed classified military and national security information, he recommended the president not face any charges. Hur also noted that Biden cooperated with the investigation.In the nearly 400-page report, Biden’s memory was called into question, at times referring to it as “hazy,” “fuzzy,” “faulty,” and having “significant limitations.”
According to Hur, Biden had trouble remembering key dates such as the years he was vice president or when his son Beau died, a claim the president vehemently countered.
“I know there’s some attention paid to some language in the report about my recollection of events,” Biden said. “There’s even reference that I don’t remember when my son died. How in the hell dare he raise that? Frankly, when I was asked the question, I thought to myself it wasn’t any of their damn business.”
“I am well-meaning. And I’m an elderly man. And I know what the hell I’m doing,” Biden said. “I’ve been president — I put this country back on its feet. I don’t need his recommendation.”
Biden calls Israel’s response in Gaza ‘over the top’
After responding to questions about the special counsel’s report, President Biden was asked about the ongoing war between Israel and Hamas and the fighting in Gaza. Biden said Israel’s military response in Gaza has been “over the top,” in what is being considered the president’s sharpest public criticism of Israel’s operations in the territory.
"We are clear in condemning the horrific attacks of Hamas.
We are also clear in condemning the violations of int'l humanitarian law in Gaza.
We need an immediate humanitarian ceasefire.
We also need the immediate & unconditional release of all hostages."
The president said he’s seeking a “sustained pause in the fighting” to help aid Palestinian civilians. Biden said “a lot of innocent people are starving and dying” in Gaza, and “it’s got to stop.” Before Biden’s comments, Israeli Prime Minister Benjamin Netanyahu rejected a cease-fire proposal from Hamas, saying the terms were “bizarre.”
Trump wins Nevada caucuses; SCOTUS hears Colorado ballot case
Straight Arrow News political reporter Ray Bogan reported that the justices asked tough questions of both sides, but two of the court’s liberal justices, Elena Kagan and Ketanji Brown Jackson, directed particularly difficult questions to the lawyer representing Colorado’s voters.
“I guess my question is why the framers would have designed a system that would, could result in interim dis-uniformity in this way,” Justice Jackson said. “Where we have elections pending and different states suddenly saying you’re eligible, you’re not, on the basis of this kind of thing.”
Zelenskyy fires top general; Putin speaks on detained WSJ reporter
In a major shakeup on Thursday, Feb. 8, Ukrainian President Volodymyr Zelenskyy fired his top general after nearly two years of the country’s war with Russia. In a post on X, Zelenksyy thanked the outgoing general for his service but said, “The time for… a renewal is now.”
Zelenskyy has appointed the commander of Ukraine’s ground forces to be the new leader of the army. The change came as the Senate voted to advance a standalone $95 billion national security bill for additional aid to Ukraine, Israel, and other U.S. allies.
Today, I made the decision to renew the leadership of the Armed Forces of Ukraine.
I am grateful to General Zaluzhnyi for two years of defense. I appreciate every victory we have achieved together, thanks to all the Ukrainian warriors who are heroically carrying this war on… pic.twitter.com/GBj9gBI0vT
— Volodymyr Zelenskyy / Володимир Зеленський (@ZelenskyyUa) February 8, 2024
Meanwhile, former Fox News host Tucker Carlson posted his interview with Russian President Vladimir Putin to his website and X on Thursday, Feb. 8.
The interview, lasting more than two hours, was Putin’s first with Western media since the start of the war. During the interview, Putin said Russia would be open to a prisoner exchange, which would see the release of Wall Street Journal reporter Evan Gershkovich, who has been detained since March 2023.
Putin repeated Russia’s claims that Gershkovich was guilty of espionage. Allegations that the reporter, the newspaper, and the U.S. government deny. The Wall Street Journal said it was encouraged to see Russia’s desire for a deal.
“Evan is a journalist, and journalism is not a crime. Any portrayal to the contrary is total fiction,” the Journal said. “Evan was unjustly arrested and has been wrongfully detained by Russia for nearly a year for doing his job, and we continue to demand his immediate release.”
Feds offer $10 million reward for info on hive ransomware hackers
On Thursday, Feb. 8, the State Department announced a $10 million reward for anyone who could provide information about the identification and/or location of anyone who holds “a key leadership position in the Hive ransomware variant transnational organized crime group.” According to the State Department, the Hive group has targeted victims in more than 80 countries across over 1,500 institutions, leading to more than $100 million in theft.
Hive Ransomware targeted victims in the United States and globally. Today we are holding them accountable. @StateDept is announcing rewards of up to $15M for information leading to identification, arrest, and/or conviction of key leaders and participants of Hive Ransomware. pic.twitter.com/tjjB3Tx0sB
In 2022, the FBI penetrated Hive’s network, helping prevent more victims from paying up to $130 million in ransoms. The State Department is also offering a reward of $5 million for any information that leads to an arrest of anyone from any country trying to take part in Hive ransomware activity.
Americans to eat 1.45 billion chicken wings on Super Bowl Sunday
Super Bowl Sunday, Feb. 11, is almost here. That means there’s the potential for lots of touchdowns, lots of celebrity-filled commercials, and lots of chicken wings. Make that lots and lots of wings. Americans are expected to eat 1.45 billion wings during the big game. That’s a billion with a “B.”
Regarding Sunday’s matchup, BWW social media admin quipped, “if the game goes to overtime, america will get free wings.” https://t.co/Yf4AjRkjOi
There is a side of good news to go with all those wings. According to the National Chicken Council, the price of wings is down compared to this time last year. The cost of fresh chicken wings is down 5%, and frozen chicken wings are 11% cheaper.
As of January, AARP reports fresh and frozen chicken wings average $3.26 and $3.17 respectively per pound. Just something to chew on as we get closer to kickoff.
FBI, European partners take down Qakbot malware network
The Justice Department announced the FBI and its European partners took down a major global malware network known as Qakbot. According to a statement from Attorney General Merrick Garland, the department “hacked Qakbot’s infrastructure, launched an aggressive campaign to uninstall the malware from victim computers in the United States and around the world, and seized $8.6 million in extorted funds.” Countries involved in the multinational effort to take down the network includes:
France
Germany
The Netherlands
The United Kingdom
Romania
Latvia
“We’ve seized 52 servers in the United States and abroad. By seizing these servers, we’re preventing Qakbot from resurrecting to cause further additional harm,” U.S. Attorney for the Central District of California Martin Estrada said on Tuesday, Aug. 29. “Through this operation, we’ve recovered from the Qakbot criminal organization over 6.5 million credentials, victim credentials. Now, these victim credentials are things such as email logins and passwords, very sensitive information that these victims may have no idea were stolen from them.”
According to Estrada, the malware network had facilitated about 40 ransomware attacks alone over 18 months, netting Qakbot administrators about $58 million. Victims included an Illinois-based engineering firm, financial services organizations in Alabama and Kansas, along with a Maryland defense manufacturer and a Southern California food distribution company.
“Qakbot was the botnet of choice for some of the most infamous ransomware gangs,” Estrada said.
No arrests were announced in relation to the FBI’s takedown of the Qakbot malware network. Estrada would not say where administrators of the malware were located.
Cybersecurity researchers have said these administrators are believed to be in Russia and/or other former Soviet states. Estrada said the investigation was ongoing.
“Cybercriminals who rely on malware like Qakbot to steal private data from innocent victims have been reminded today that they do not operate outside the bounds of the law,” Garland said in his Tuesday statement.
Idalia makes landfall as Cat 3 hurricane: The Morning Rundown Aug. 30, 2023
Hurricane Idalia continued to strengthen as it approached landfall in Florida, and the United State is attempting to stop a company’s expedition to the wreckage of the Titanic. These stories highlight The Morning Rundown for Wednesday, Aug. 30, 2023.
Hurricane Idalia makes landfall as Category 3 hurricane
Hurricane Idalia escalated to a Category 4 storm before being downgraded to a Category 3 as it made landfall in Florida’s Big Bend region around 8 a.m. Wednesday, just after The Morning Rundown broadcast. Officials have predicted a historical and catastrophic impact.
“We are going to experience historical flood surge up into the Big Bend area. This is nothing to be messing around with, potentially 10 to 15 feet of storm surge,” Kevin Guthrie with the Florida Division of Emergency Management said. “Put that in perspective. That’s three feet higher than what was predicted for Hurricane Ian and Fort Myers Beach.”
Officials predicted wind speeds of over 130 mph when Hurricane Idalia makes landfall. A storm surge could be as high as 16 feet in some low-lying coastal communities.
Before making landfall, outer bands of Idalia have lashed Florida in between Panama City and Tampa. Dozens of counties in the Big Bend region are under a state of emergency, with residents told to leave town.
Other states like South Carolina and Georgia are also preparing for major flooding from the system.
FBI takes down major cybercrime operation
The FBI announced an operation to disrupt a major global malware network that has been used for more than 15 years to commit online crimes, including ransomware attacks. According to U.S. Attorney Martin Estrada, nearly every sector of the economy has been victimized by Qakbot, with more than 700,000 infected computers identified by the FBI and its European partners.
Officials said $8.6 million in cybercurrency was seized or frozen as part of the operation. No arrests have been announced.
The location of the administrators of the malware was not disclosed. Estrada said the investigation is ongoing.
Gabon military claims power just days after election
In the small African country of Gabon, military officers have reportedly overpowered the government, taking control after a highly contested presidential election went in the favor of President Ali Bongo. The election result extends his family’s half-century reign over the region.
Video posted on social media shows military officers announcing the Aug. 26 election as void and borders closed. The military officers claimed to have dissolved all government institutions.
According to Reuters, if the power grab is a success, it will be the eighth time a coup has undermined democratic processes in West and Central Africa since 2020. Gabon’s elected president has not been heard from since the uprising.
House Majority Leader Steve Scalise diagnosed with cancer
House Majority Leader Steve Scalise (R-LA) has been diagnosed with blood cancer and has begun treatment. Rep. Scalise said doctors believe it is “very treatable.”
Scalise told his constituents he will continue to represent them in Washington, returning to work as usual after the August recess.
The White House said the diagnosis is “devastating news.”
Scalise has overcome serious health challenges in the past, surviving a shooting before a congressional baseball game in 2017. He is the second-highest ranking republican in the House after Speaker Kevin McCarthy (R-CA).
U.S. government opposes planned Titanic expedition
The U.S. government has stepped in to stop a planned expedition to recover artifacts from the wreckage of the Titanic. The U.S. argued if RMS Titanic, the firm that owns the salvage rights to the Titanic wreck, were to enter the ship’s hull or physically alter it, it would be in violation of federal law. It would also violate an agreement with the United Kingdom to treat the site as a memorial to the more than 1,500 people who died.
The company said it plans to take images of the entire wreck, including the inside. RMST said it would recover artifacts from the debris field, but does not intend to cut into the wreckage or detach any part of it.
RMST said it would work with the National Oceanic and Atmospheric Administration (NOAA), but is not seeking a permit. U.S. government lawyers said the company can’t proceed without one.
The U.S. challenge came more than two months after a submersible from a different company imploded near the Titanic wreckage, killing five people. That incident is not related to this case.
The RMST expedition was tentatively planned for May of 2024.
Late-night hosts team up for strike podcast to benefit workers
Five late-night talk show hosts have banded together to help out their co-workers who have been out of work since May of 2023 due to the writers’ strike. Stephen Colbert, Jimmy Fallon, Jimmy Kimmel, Seth Meyers and John Oliver will team up for the “Strike Force Five” podcast to discuss the strike.
All proceeds from the podcast will go to the out-of-work staff of their shows. The series will run for at least 12 episodes, with each host taking turns leading the conversation.
The first episode of the podcast is available starting Wednesday, Aug. 30.
Russian cyber attack hits US government agencies: June 16 rundown
A global cyber attack linked to a Russian ransomware group has targeted U.S. government agencies, and deadly tornadoes tore through the Texas panhandle. These stories and more highlight the rundown for Friday, June 16, 2023.
U.S. agencies hit in global cyber attack
A global cyber attack has hit several U.S. government agencies. U.S. officials say a Russian ransomware group is to blame.
According to national security, the ransomware group compromised a “vulnerability” in a widely used software. That software makes it convenient for governments and businesses to move large files.
Impacted institutions include:
The U.S. Department of Energy
Multiple Johns Hopkins hospitals
The University of Georgia
British Airways
The Minnesota Department of Education
Officials suspect there could be hundreds of more companies affected. According to U.S. cybersecurity officials, no federal data has been leaked so far in the hack.
The Russia ransomware group suspected of being behind the attack is known to demand multimillion-dollar ransoms. While stolen data is often used for extortion, none of the agencies have reported demands for money.
Teixeira indicted over discord leaks
Jack Teixeira, the Massachusetts Air National Guardsman accused of leaking highly classified military documents on the social media app Discord, has now been indicted. He’s facing six counts of willful retention and transmission of national defense information. Each count carries a maximum sentence of 10 years in prison.
The leaked documents contained information about the war in Ukraine as well as other top national security issues. In May, a judge deemed Teixeira a flight risk and ordered him to remain in jail as he awaits trial.
Tornado kills 3 in Texas panhandle town
A series of spring storms came down hard on the south Thursday, June 15. At least 3 people have died and about 100 people were injured after a tornado came barreling through the Texas panhandle.
This tornado devastated the small town Perryton, Texas. Trailer houses were destroyed, communication towers were torn down, and dozens of people were injured from the high-speed winds and thrown debris.
Meanwhile. Pensacola, Florida saw its share of devastation caused by a series of severe thunderstorms. At least one person died after a tree fell on top of their home.
The latest round of severe weather follows tornadoes that touched down in Alabama earlier this week.
U.S. submarine arrives in South Korea
The U.S.S. Michigan, a nuclear-powered submarine capable of carrying about 150 tomahawk missiles, arrived in South Korean waters on Friday. The arrival is the first of its kind in 6 years.
It’s part of a recent agreement between the U.S. and South Korea to increase the U.S.’s presence along the Korean peninsula. The two countries’ Navies were set to conduct drills meant to boost their special operations capabilities.
The arrival comes just a day after U.S. and South Korean troops conducted joint live-fire drills at a firing range in South Korea. The goal of the drills are to counteract the growing threat of North Korea’s advancing nuclear program. In protest of the live-fire drills, the North launched two short-range ballistic missiles off its east coast June 15.
“These launches are a clear violation of multiple U.N. Security Council resolutions, and they demonstrate the threat of unlawful weapons of mass destruction and ballistic missile programs pose to the region, to international peace and security, and to the global nonproliferation regime,” State Department Spokesman Matthew Miller said Thursday.
Ticketmaster, SeatGeek agree to end hidden fees
Tcketmaster and SeatGeek announced they will no longer have hidden fees applied to their ticket sales. This means the full costs of tickets will be visible to customers up front.
The announcement came the same day President Joe Biden hosted executives from Ticketmaster, SeatGeek and other companies to tout the administration’s work cracking down on “junk fees.”
According to the Government Accountability Office, hidden fees cause the price of an event ticket online to increase by 27% on average.
Pope Francis released from hospital
Pope Francis has been discharged from the hospital nine days after he underwent surgery to repair a hernia in his abdomen. The 86-year-old pope was greeted Friday with a wave of supporters outside the hospital. The surgeon who did the procedure said Francis is “better than before” the hospitalization.
The pope traditionally takes the full month of July off from travel and public appearances. While Francis still plans to attend Sunday blessings, he will have the rest of June and July to rest before he travels to Portugal in August.
FBI assists in international cybercrime bust amid heightened risk of ransomware
The FBI played a role in taking down an international cybercrime gang over the weekend. The cybercriminals reportedly blackmailed large companies and institutions for more than a decade. With the FBI’s assistance, police in Germany said they were able to identify 11 people linked to the group and identified at least 600 victims. According to Europol, the group scammed Americans out of more than $40 million in the span of two years.
The group specialized in what officials call “big game hunting.” They went after big businesses including corporations, hospitals and schools. The scammers targeted company systems then locked companies out using malware. The cybercriminals used the locked data as leverage for ransom. Ransomware is the world’s most disruptive cybercrime. Gangs break into networks and steal sensitive information before activating malware that scrambles data. The criminals demand payment in exchange for decryption keys and a promise not to dump the stolen data online.
Morning rundown: Ransomware attack on U.S. Marshals; federal TikTok ban
A ransomware attack compromised sensitive U.S. Marshals data; the White House has ordered all government agencies to purge TikTok from federal devices; and an American citizen is killed in the West Bank as the Israeli-Palestinian conflict rages on. These stories and more highlight the daily rundown for Tuesday, Feb. 28, 2023.
Sensitive U.S. Marshals data compromised
The U.S. Marshals Service is investigating a major ransomware attack that has compromised some of its most sensitive information. It includes law enforcement materials, personal information of employees, and potential targets of federal investigations.
The federal agency reported the data breach was discovered on Feb. 17. The Justice Department has labeled the cyberattack as a major incident, prompting the U.S. Marshals Service to involve Congress.
The agency is still investigating and working to mitigate potential risks that could come from the ransomware attack. The federal system that was hacked was not connected to any larger federal network.
TikTok ban on all federal devices
In an effort to keep U.S. data safe, the White House has ordered all government agencies to delete and ban TikTok from federal devices in 30 days. TikTok is owned by ByteDance, which is known to engage in data harvesting. U.S. officials have raised concerns that the Chinese government could pressure ByteDance into handing over information collected.
The ban, ordered by Congress late last year, follows similar actions from Canada, the EU, Taiwan and more than half of the states in the U.S. All federal agencies must remove TikTok from government-issued phones and block it from being accessed on the internet.
According to the White House, the ban is out of precaution following security concerns. ByteDance has denounced the concerns as misinformation and has denied spying on Americans.
Buttigieg’s use of jets to be audited
The Department of Transportation’s internal watchdog will be reviewing the use of government jets by its top official, Transportation Secretary Pete Buttigieg. Along with his predecessor in the Trump administration. And Buttigieg is welcoming the audit.
The inspector general plans to conduct an audit to determine whether the office of the Secretary has complied with federal regulations, policies, and procedures related to travel on the department’s aircraft.
The audit was requested by Sen. Marco Rubio, D-Fla., who asked the watchdog about a Fox News article that reported Buttigieg took 18 flights on taxpayer-funded private jets. The Transportation Department said those 18 flights were on federal planes over seven trips.
Buttigieg responded to the news of the audit saying it would help debunk misleading narratives.
U.S. citizen killed in West Bank unrest
A U.S. citizen is one of the latest victims of the violence in the West Bank between Israelis and Palestinians. Israeli Defense Forces said attackers opened fire on Israeli vehicles on three occasions Monday, and later set their own vehicles on fire.
There was an exchange of fire with police before the attackers fled according to the IDF. According to the Times of Israel, the 27-year-old Israeli-American was visiting to attend a wedding when he was killed.
The deadly attack followed a series of attacks and outbursts from Israeli and Palestinian residents on Sunday. A Palestinian reportedly shot and killed two settlers of Israel. In response, Israelis lit Palestinian homes and cars on fire in protest.
North Korea addresses need for grain
North Korea’s Kim Jong Un is asking the country to unify behind his leadership in order to increase the country’s grain production amid worries of food insecurity.
Foreign experts say North Korea is experiencing a serious shortfall of food in the aftermath of COVID-19 border restrictions and a reported push for greater state-control over grain supply.
The experts say they’ve seen no signs of mass deaths from famine in North Korea like they did in the ’90s when hundreds of thousands died in a food crisis.
According to South Korean assessments, North Korea is producing 4.5 million tons of grain per year when they would need 5.5 million tons per year to feed its 25 million people.
The Tesla CEO was surpassed in December of last year by Bernard Arnault, the CEO of french luxury brand LVMH. But as of Monday, with the help of Tesla’s stock surging this year, Musk’s net worth rose to $187 billion, surpassing Arnault’s $185 billion.