Cybersecurity Today: The Good News Edition
In this episode, host Jim Love addresses a previous mistake regarding the location of Yellowknife and announces a special 'good news' edition. Key stories include Microsoft's dismantling of a global phishing-as-a-service operation Raccoon 0365, the recovery of nearly $2 million lost to a business email compromise scam by a Texas county, and the Commonwealth Bank of Australia's significant reduction in scam losses through AI-powered defenses. The episode emphasizes lessons learned in cybersecurity and the positive outcomes from recent countermeasures. Love also mentions that the usual host, David Shipley, will return on Monday.
00:00 Introduction and Apology
01:38 Good News Stories Overview
02:18 Microsoft Dismantles Raccoon 0365
03:59 Texas County Recovers $2 Million
05:51 CommBank's AI-Powered Scam Prevention
08:01 Conclusion and Contact Information
Episode Transcript
A couple of quick notesas we start the show.
First, an apology for an error.
I actually spend a lot of time trying todouble check the facts and the stories
that we run, and although I've been doingthis IT thing for 40 years, I never claim
that I'm the tech genius of all time.
So sometimes I struggle to make sure,I think I've got the tech facts right,
I don't live in fear of making amistake when we get it wrong, and
(00:23):
we're often not alone in that.
We fess up to it.
Sometimes though the Homer Simpsonmoment is just so embarrassing.
When I wrote the script for Wednesday'sshow, I was obsessing with the details
on the two lead stories and then decidedI'd put a short story in about a small
city in Canada that had been hit.
(00:45):
I could leave that witha really good moral.
We have to provide more assistanceto smaller cities and towns.
Bingo.
Got it all great.
Until somebody wrote me and toldme I'd made a big mistake that any
Canadian should never have made.
I said that Yellowknife was in the Yukon.
When everybody knows it's in the NorthwestTerritories, it's the capital city.
(01:09):
Duh.
So mea culpa and apologies to listenersin Yellowknife and another note on
today's show, it turns out that,Jim, you never take me anywhere.
Love your host has found both a housesitter and a dog sitter and is taking
his lovely wife to Niagara on the lake.
(01:30):
And yes, I know where that is.
So rather than try to predict the future,I thought if I'm gonna have a good time.
So should you, so I went looking for threegood news stories to start your weekend.
That's right.
Good news stories.
Microsoft dismantles, raccoon oh 3 6 5.
(01:52):
Phishing is a serviceoperations targeting healthcare.
A Texas county loses $2 millionin business email compromise
attacks, but gets it back.
ComBank AI tools slash scam losses, Asharp turnaround from past troubles.
This is Cybersecurity today,the Good News edition.
(02:15):
I'm your host, Jim Love.
Microsoft says it's dismantled theinfrastructure behind a global phishing.
As a service platform known asRaccoon 0365, the operation sold,
ready-made phishing kits that leteven low skill attackers steal
Microsoft 365 usernames and passwords.
(02:36):
Since July, 2024, Microsoft estimatesthe kits were used to steal about.
5,000 sets of credentialsacross 94 countries.
The company siezed 338 domains tiedto the scheme after a federal judge
in New York approved the action.
According to CloudFlare, which worked withMicrosoft, the kits were sold on Telegram
(03:00):
through 30 to 90 day subscriptionsgenerating more than $100,000.
In cryptocurrency payments.
The group's channel hadat least 850 members.
Court filings say that Microsoftinvestigators made four test buys to
understand how the service worked.
The alleged ringleader is Josephodi, a Nigerian programmer.
(03:23):
Microsoft has referred the caseto international law enforcement.
Although the FBI has not yet commented.
The impact was particularlysevere on healthcare.
Microsoft said at least 20US hospitals were breached.
With some incidents leading toransomware deployment, the threat
was considered so serious that HealthISAC joined Microsoft's lawsuit in
(03:45):
support of taking down the domains.
The take down is another reminder ofhow phishing kits have industrialized
cyber crime turning attacksinto subscription services with
customer support and global reach.
Disruptions like this, buy time, butas always, new services can emerge
quickly, but for now, sometimes thegood guys win Noes County, I hope
(04:12):
I'm saying it right in Texas, says,a business email Compromise scam cost
it almost $2 million this summer,
Officials believe that almost allof the money can be recovered.
Attackers used fraudulent emails posingas vendors, tricking staff into changing
banking details for county payments.
(04:32):
In three separate transactions, thecounty wired close to $1.9 million.
One payment close to a million isbeing reversed with the help of
Frost Bank while another just over$900,000 is still under investigation.
They do expect to get that back,and a smaller loss of about
$56,000 has already been recovered.
(04:54):
In response, the county suspendedelectronic payments and switched
to paper checks while theyreviewed all vendor accounts.
New rules now require in-personverification for any vendor requesting
changes to payment details, itseems like a pretty good idea.
The FBI is still investigating alongsidelocal law enforcement officials.
(05:15):
Stress that no employees will bedisciplined, noting that written
procedures weren't in placeunder prior management county.
Judge Connie Scott said cybersecurityinsurance purchased just before the
attack will also help cover losses.
the lesson's clear businessemail compromise doesn't always
require sophisticated hacking.
(05:37):
Simple policy changes like verifyingvendor details in person can make
the difference between a routinepayment and a million dollar loss.
But once again, there's some good news.
And finally, the CommonwealthBank of Australia said scam
losses among its customers havedropped 76% since early 2023.
(06:02):
Thanks to a new waveof AI powered defenses.
The bank has rolled out a scamchecker feature in its app, allowing
customers to scan suspiciousmessages for signs of fraud.
It's also introduced in-app verificationfor certain card transactions,
and invested heavily in frauddetection systems that use device
(06:24):
recognition and behavioral analysis.
CommBank has backed these effortswith yearly $900 million Australian
in spending on cyber fraud and scamprevention for the current financial year.
The strategy does appear to be payingoff with independent reporting confirming
a sharp decline in successful scams andincreased disruption of phishing attempts.
(06:48):
The bank has also partnered withfirms to deploy AI bots that waste
scammers time while gatheringintelligence on their tactics.
This progress marks a notable shiftfor an institution that has faced its
share of cybersecurity and compliance.
Embarrassments.
You may not remember the story,but in 2018, it admitted that its
(07:09):
backup tapes containing 20 millioncustomer records had gone missing.
Though it claimed therisk of exposure was.
And more recently, although notcybersecurity related, in 2024, the
bank was fined 7.5 million Australianby the Australian Communications
and Media Authority for breachingspam rules by sending millions of
(07:30):
non-compliant marketing emails.
The contrast highlights how muchhas changed in a few years from data
mishandling and compliance failures.
CommBank is now presenting itselfas a leader in scam prevention.
the lesson is clear.
Even large institutions, even if you'vehad some troubles in the past, you
(07:51):
can turn things around with sustainedinvestment, technical innovation,
cultural change and leadership.
and that's our show for today.
I thought a good news showwould be a fun thing to do.
You can reach me with tips,comments, and even some constructive
criticism or lessons on geographyor even some good news stories.
(08:14):
Tech newsday.com.
Just go to the contact us tab.
I'm your host, Jim Love.
Thanks for listening.
David Shipley will be back inthe news chair on Monday morning.
I'm sure we'll have somedepressing news for you.
Popular Podcasts
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
My Favorite Murder with Karen Kilgariff and Georgia Hardstark
My Favorite Murder is a true crime comedy podcast hosted by Karen Kilgariff and Georgia Hardstark. Each week, Karen and Georgia share compelling true crimes and hometown stories from friends and listeners. Since MFM launched in January of 2016, Karen and Georgia have shared their lifelong interest in true crime and have covered stories of infamous serial killers like the Night Stalker, mysterious cold cases, captivating cults, incredible survivor stories and important events from history like the Tulsa race massacre of 1921. My Favorite Murder is part of the Exactly Right podcast network that provides a platform for bold, creative voices to bring to life provocative, entertaining and relatable stories for audiences everywhere. The Exactly Right roster of podcasts covers a variety of topics including historic true crime, comedic interviews and news, science, pop culture and more. Podcasts on the network include Buried Bones with Kate Winkler Dawson and Paul Holes, That's Messed Up: An SVU Podcast, This Podcast Will Kill You, Bananas and more.