The US House Committee on Homeland Security has summoned Crowdstrike’s CEO to explain what happened, A new malware strain that attacks critical infrastructure has surfaced in Ukraine, and the deal that was supposed to be the biggest start up acquisition in history has fallen apart.
Welcome to Cyber Security Today. I’m Jim Love, sitting in for Howard Solomon.
CEO George Kurtz has been summoned to testify before the US House Committee on Homeland Security.
Committee Chairman Mark E Green stated: “We cannot ignore the magnitude of this incident, which some have claimed is the largest IT outage in history.”
The full impact of the outages is still being assessed, with disruptions reported in airports, financial services and even things like emergency call centers and surgical procedures.
While relieved it wasn’t a cyberattack, the committee warned about the national security risks of network dependency. They emphasized that hostile nations are closely watching the US response.
CrowdStrike CEO Kurtz has committed to full transparency, stating on social media: “You have my commitment to provide full transparency on how this occurred and the steps we’re taking to prevent anything like this from happening again.”
As CrowdStrike held a 14.7% market share in endpoint protection last year, it’s taken a big hit on its stock and while there have not yet been stories of customer defections – it may be too early – their future sales will certainly take a hit of some sort, but the full impact of that will take some time to assess.
Let’s put it this way, the old adage that any publicity is good publicity doesn’t work if you are a security vendor.
Sources include: The Register
A new malware strain is causing alarm in the cybersecurity world, threatening critical infrastructure sectors globally. Dubbed FrostyGoop, this malware was discovered during an investigation of a January cyberattack on a Ukrainian energy company.
The attack in Ukraine disrupted heating for over 600 apartment buildings leaving residents in freezing temperatures for nearly two days. What’s particularly concerning is FrostyGoop’s ability to target a wide range of devices critical to infrastructure operations.
Security firm Dragos reports that FrostyGoop exploits Modbus, a communication protocol widely used in industrial systems since the 1970s. The malware can send seemingly legitimate commands to various devices, potentially disrupting all critical infrastructure sectors.
Robert Lee, CEO of Dragos, warns: “FrostyGoop has the potential to disrupt all critical infrastructure sectors, not just the electric sector, and it currently isn’t detectable by traditional antivirus tools.”
Experts recommend that infrastructure operators limit device connections and ensure Modbus devices aren’t exposed to the public internet. As investigations continue, the cybersecurity community remains on high alert for this evolving threat to our essential services.
Sources include: Axios
In a surprising turn of events, cybersecurity firm Wiz has walked away from a reported $23 billion acquisition offer from Alphabet, Google’s parent company. This deal would have been the largest startup acquisition in US history.
Wiz CEO Assaf Rappaport confirmed the decision in a memo, stating: “Saying no to such humbling offers is tough, but with our exceptional team, I feel confident in making that choice.”
Instead of joining Google Cloud, Wiz is now setting its sights on reaching $1 billion in annual recurring revenue and pursuing an initial public offering. This move comes just months after Wiz raised $1 billion in investment, valuing the company at $12 billion.
The potential acquisition faced several hurdles, including likely regulatory scrutiny. Google has already been under antitrust pressure for its search dominance, and recent big tech takeovers have faced intense regulatory opposition.
This development marks a significant shift in the cybersecurity landscape, where consolidation was expected. As Wiz charts its independent course, the industry will be watching closely to see how this decision shapes the future of cloud security and tech acquisitions.
It’s not the first time that a startup has not taken an offer. Mark Zuckerberg turned down and big dollar offer from Yahoo and – that worked out okay.
So it will be interesting to see if the Wiz has the same magic.
Sources include: The Register
That’s our show. You can find the show notes with links at technewsday.com or .ca – take your pick. Cybersecurity returns to its three shows a week.
I’ll be sitting in for Howard Solomon for a few more shows. We’ll let you know when Howard will be back.
Thanks for listening.
