Welcome reader to your CybersecurityHQ report.

Headlines

A Friday audit of Indonesia’s government data centers has the country scrambling. This all comes in the wake of a ransomware attack last week that hit a trove of unbacked-up data, affecting over 230 public agencies. Despite the impact, Indonesia will not pay the $8 million ransom.

Indonesia’s communications minister, Budi Arie Setiadi, said that the data centers could back up data but that it was optional for agencies to do so. Data backup will become mandatory in the near future.

Microsoft is warning users of a newly discovered form of AI jailbreak attack they call Skeleton Key. In a blog post, the Microsoft team said, “Skeleton Key works by asking a model to augment, rather than change, its behavior guidelines so that it responds to any request for information or content, providing a warning (rather than refusing) if its output might be considered offensive, harmful, or illegal if followed.”

Through April and May of this year, the team tested their Skeleton Key method on various popular GenAI models, including Meta Llama3-70b-instruct, Google Gemini Pro, OpenAI GPT 4o, and many more. The team claims it has now taken the necessary steps to prevent Skeleton Key from working on models managed by Microsoft Azure.

TeamViewer, a popular remote access and control software company, detected a cyber breach on Wednesday. The company issued a statement assuring that “There is no evidence to suggest that the product environment or customer data is affected. Investigations are ongoing, and our primary focus remains to ensure the integrity of our systems.”

This comes after cybersecurity company NCC Group warned that TeamViewer had suffered a breach by an APT group. How many people could this affect? The company has over 640,000 paying customers worldwide, with hundreds of millions more using the free version.

Interesting Read

Want to get into the minds of CISOs around the world? Quest Mindshare recently conducted their Inside the Mind of CISO 2024 survey for Bugcrowd, gathering responses from 209 security officers. The results are well worth a browse.

Among the interesting tidbits? 75% of CISOs have done ethical hacking. 76% believe the AI threat landscape is evolving too rapidly to adequately secure against—yet 66% of teams are planning to reduce the teams in the next five years as they adopt more AI tools. 58% believe AI risks outweigh potential benefits. Check out the survey for much, much more.

Employment Tip: Practice Good Hygiene for Your Own Data

This should go without saying, but a lot of cybersecurity professionals are lax when it comes to their own devices. By maintaining rigorous standards for your data, you safeguard against the severe repercussions that can arise from cyber attacks—both for yourself and the organizations you work for.

For the latest openings in cybersecurity careers, check CybersecurityHQ.

Stay Safe, Stay Secure.

The CybersecurityHQ Team