Cyberattack on DeepSeek; Six-Week Ransomware Outage at ENGlobal; UK's NCSC Assesses "Unforgivable" Vulnerabilities

As the newest industry member in the LLM space, one can expect it to be poked and prodded by researchers, competitors, and criminals alike. What's important is for organizations to have an AI Acceptable Use Policy and training in place before using the AI models. Else, they may find that company sensitive data has been collected on servers throughout the world.

I was about to suggest "use with extreme caution." However, on second thought I cannot think of a safe way to use this product. In any case, keep in mind that you are responsible for everything that you ask any computer to do and for all the properties and uses of the results.

DeepSeek is massively undercutting OpenAI on pricing, due to it operating on standard CPUs efficiently, as its API costs just $0.55 per million input tokens and $2.19 per million output tokens, compared to $15 and $60 for OpenAI's API. One problem is that DeepSeek servers, which also house user device and connection information, usage patterns and payment details, fall under China's 2017 National Intelligence law, which mandates Chinese companies assist state security agencies upon request, providing a potential data conduit for the PRC. DoD and other agencies are already blocking access to the service because of this. Secondarily, if you're looking to research the service, DeepSeek appears to have certain responses tuned to avoid any direct criticism of China or the Communist Party.

This model is interesting because, by definition, it must be developed with very constrained systems. At the same time, in the US, we keep adding more and more GPUs, so the constraints didn't necessarily have to be accounted for. The model is open source so that anyone can read through the algorithm and all that. Am I worried about this? This could be a bit of posturing from other governments to 'prove' they have the right chops. I think universally, everyone benefits. Now, to address the security concerns. Every company in the PRC has to abide by all the laws of their system, including the ones that ByteDance has. It's not surprising that information is collected. We can move that entire conversation into geopolitical in a different forum, so that's not exciting. DDoS? It's hard to say it's plausible; it could also be plausible that the entire internet is trying to sign up. If you remember, ChatGPT, when first launched, also appeared to be DDoSed. It's hard to say because the transparency with systems in that country is less than - well - transparent. Finally, the attackers' research. It appears this hosted Chatbot lacks many of the guardrails that other more mature chatbots have. It's not surprising to see all of the workarounds working. It will be interesting to see if it has to abide by any censorship guidelines and if those are now in place. How about we give this story 6 months to bake, return to it, and take the temperature then? For those just getting here, if you wonder about my stance on all this, I have some Bored Apes you may be interested in for 25 million dollars. I'm just kidding; this technology has some material use. RIP my inbox.

If I was the CEO of a company that had certain systems go down for 6 weeks without causing a material impact, I'd look at turning those systems off permanently to gain positive material cost savings.

This is an interesting story, as many people think we don't make much in the US anymore. We will build more factories in the US if we start to re-shore factories. There will be many geopolitical reasons, one of which may be population density. If you are in Info Security, consider looking at the security of these factory floor operations as a niche, because the number of factories has increased in the last few years and will continue. This is also a geopolitical story, so bear in mind that this will also apply to countries like Vietnam, Countries in Africa, Mexico, Central America, and India.

A study from Illumio Research finds that Ransomware remediation is now taking an average of 132 hours (17 working days), requiring 17.5 people and that 58% of organizations had to shut down operations after an attack, which is up from 45% in 2021. It further found that costs from reputation and brand damage exceed those from legal and regulatory actions. Latstly, failure to prioitize investments to boost resilience is impacting the ability to identify and contain attacks. Revisit your Ransomware response/recovery plans with a eye to these findings: https://www.globenewswire.com/news-release/2025/01/28/3016416/0/en/Illumio-Research-Reveals-58-of-Companies-Hit-With-Ransomware-Have-Been-Forced-to-Halt-Operations.html

The slow drip of information on a cyber incident only helps the adversary. Nearly 90 days later, parties that lost their sensitive personal information are still waiting to be notified by the company. It really doesn't appear that SEC cyber rule changes have made any difference, other than informing the federal government.

Another instance in which the compromise of PII, though an obvious problem, is dwarfed by the loss of mission-critical applications and capabilities.

I've always summarized papers like this with one line: "If companies buy crappy software, vendors will write even crappier software." This paper puts it more eloquently: 'Put simply, if the majority of customers prioritise price and features over 'security', then vendors will concentrate on reducing time to market at the expense of designing products that improve the security and resilience of our digital world.' In Roman times 'caveat emptor' (buyer beware) put all the onus on the buyer to make sure the ox being bought was not diseased, and in 1603, Britain put that in their contract law. But in 1979, the UK came out with the Sales of Goods acts (updated in 2015) that gave buyers redress for 'perishable' goods that were already perished when sold - kinda like much software today! Here's an idea: if we have broad political support in the US to ban Tik Tok over security concerns, how about banning the many, many applications with 'unforgivable' vulnerabilities that cyber criminals are exploiting every day?

Unforgivable vulnerabilities are those which represent a disregard for secure development practices, of which the paper identifies thirteen, initially identified by Mitre in 2007. The 11 mitigations are intended to manage the occurrence of these vulnerabilities. In addition to unforgivable, two other categories of vulnerabilities are identified: forgivable, where the implementation is expensive, unknown, subtle, or mitigation is too expensive; and non-exploitable where there is no code path to exploit it, it has been mitigated, or it is unlikely chaining vulnerabilities will result in exploitation. In 2017 it was found that software source code in systems doubles every 3.5 years due to user demands for added functionality as well as increased processing capacity to handle the increased functionality, which results in a similar increase in the number of defects, highlighting the need to implement those mitigations sooner than later in the software lifecycle.

Steve Lipner suggests that most attacks exploit incomplete input validation. Most remote code execution attacks exploit this. Input validation is harder than it looks, at least in part because the developer cannot know all about the environment in which his program may run. Better to maintain separation between data and procedure, as in IBM iSeries and iOS, such that procedures cannot be modified, and data, input or otherwise, cannot be executed. Fred Cohen reminds us that "in a world of application-only (non-programmable) devices we could enjoy most, though not all, of the value of the modern computer." The problem is that there is a market preference for late programmability. That is why Windows is so popular and Android exists.

I've always loved this idea of 'Unforgivable' vulnerabilities. If you read through the NCSC document, there are so many common sense ones. For example, Data Input Validation bugs, like some of the stories in this NewsBites newsletter, potentially are cheap to implement and correctable mistakes that we should classify as 'unforgivable.' This is not to pass judgment on everyone, but to say that some bugs are easier to fix than others. Secure Architecture (Secure by Design?) is a really hard one to solve. One example is the notion of Shift Left. 'Write secure code.' Or, 'Just let the system make sure you write secret code.' We have been chasing this idea for almost 2 decades now. The number of CVEs does not correlate with fixing this problem. As such, that one is rated as hard. Overall, the methodology appears sound, although there may be some ambiguity in the scoring, but don't let perfect be the enemy of good or something like that.

What a cute naming scheme. The reality though, is that secure software development practices have been around for decades. Two excellent sources are: SAFECode.org and the NIST Secure Software Development Framework (SSDF). Instead of classifying whether the vulnerability is forgivable or not, implement the security best practices. That will go further in moving the industry towards secure by design.

This exploit has been added to existing Mirai botnet variants, yeah those are still operating. CVE-2024-40891 is similar to CVE-2024-40890 except that the former is Telnet-based while the latter is HTTP-based. Both attacks are unauthenticated and leverage service accounts such as supervisor or zyuser to gain privileged access. While there is no patch, you can limit access to management interfaces, as well as blocking Telnet. Addtionally block and hunt for activity from the IP addresses listed in the GreyNoise blog.

Last story was impactful, from my recollection, because of the physical requirements to console. This time, we must talk about telnet. In 2025. I'm just going to be honest: why not just use Gopher and turn on r-commands and telnet? I'm just saying this because I feel like keeping Telnet enabled now is the equivalent of just giving up on things. Unauthenticated privilege escalation on telnet on an Internet-connected device that, well, frankly, you cannot do much about because if you have one, it's in front of the firewall. I would say patch, but there is no patch at the time of this writing. They probably have a decent stack, to be honest, but this is not good. And for reference, all of the enterprise security vendors that keep telnet in their code for , you are in the same boat here. Remove telnet. Even Windows supports SSH; let that sink in.

For such a popular set of forums, only seizing 300K euros may be the most interesting part of the story. Either it's all hidden away, and we haven't found it all, or they just didn't have the money and lost their street cred. I'm betting there may be more somewhere else. Oh, and, yeah, I bet another forum will pop up somewhere else. Did anyone find it funny it was called Operation Talent? That has fueled some speculation as well.

Dismantling cybercrime hubs continues to be a major focus for law enforcement, with this takedown identifying a total of eight people as directly involved with the service, two of whom were apprehended. Beyond the domains/servers seized, a financial processor Selix, and hosting service StarkRDP were also taken down, operated by the same suspects. Services provided included AI-based tools and scripts to help discover flaws and optimize attacks, which included far more personalized and convincing phishing messages.