The article discusses a troubling trend where cybersecurity professionals, facing economic pressures and stagnating salaries, are turning to cybercrime for additional income. The Chartered Institute of Information Security (CIISec) has noted a rise in Dark Web advertisements for cybercriminal services, such as developing phishing pages or using AI for malicious coding, by individuals with legitimate cybersecurity day jobs. This shift is driven by mass layoffs and economic uncertainty in the cyber sector, exacerbating stress and employee dissatisfaction. Experts recommend that enterprises improve their understanding of cybersecurity roles, provide professional development, and focus on mental health to combat insider threats and close the skills gap.

Broke Cyber Pros Flock to Cybercrime Side Hustles darkreading

OneBlood, a nonprofit blood provider serving several states, is experiencing a ransomware attack that has significantly disrupted its operations. This has led hospitals to implement conservation strategies, impacting patient care. OneBlood continues to operate at reduced capacity without specifying when normal operations will resume. The American Hospital Association (AHA) is coordinating with state and federal bodies, including the Association for the Advancement of Blood & Biotherapies (AABB), to manage the situation. The AHA and Health Information Sharing and Analysis Center released a bulletin highlighting the need for hospitals to integrate third-party suppliers into their risk management plans due to increasing ransomware attacks on critical healthcare providers.

Southeast hospitals impacted by cyberattack on OneBlood; AHA, Health-ISAC post updated advisory on cyberattacks against health care suppliers aha.org

Recent cyberattacks on U.S. healthcare facilities, including a massive ransomware attack on UnitedHealth’s Change Healthcare subsidiary, highlight the sector's urgent need for enhanced cybersecurity measures. A recent report by SecurityScorecard gives the healthcare sector a "B+" rating for cybersecurity, indicating moderate progress but significant areas needing improvement, such as supply chain risks and application security. Chief Technology Officers (CTOs) play a critical role in navigating these challenges, taking on increased responsibilities in strategic decision-making and innovation to protect patient data and maintain operational efficiency. The rise of ransomware groups like BlackCat and BlackSuit underscores the necessity for robust cybersecurity strategies, including regular software updates, network segmentation, and adherence to HIPAA regulations. Advanced AI-driven solutions, like those offered by Cyble, can provide real-time monitoring and vulnerability management to strengthen healthcare defenses.

Healthcare Sector Preparedness: The Critical Role of CTOs in Cyber Defense The Cyber Express

CrowdStrike has responded to Delta Air Lines’ claims that the cybersecurity company is responsible for the recent tech outage, which significantly disrupted the airline’s operations and led to substantial financial losses. In a letter to Delta’s legal team, CrowdStrike asserted that the airline’s threats of legal action have contributed to a misleading narrative. The company emphasized that it swiftly took responsibility for its actions, while Delta failed to do the same. CrowdStrike’s attorney, Michael Carlinsky, noted that if Delta pursues litigation, it will need to justify its own response to the outage to the public, shareholders, and a jury. Delta has not commented on the letter, and its CEO Ed Bastian has estimated the outage cost the airline about $500 million.

CrowdStrike, whose liability is contractually limited to an amount in the “single-digit millions,” attributed the outage to a bug in a quality-control tool used for system updates. Despite apologizing and offering assistance, the company claimed Delta did not utilize the support offered. CrowdStrike highlighted that most airlines recovered within days, but Delta continued to face issues into the following week, canceling over 5,000 flights. The U.S. Department of Transportation is investigating Delta’s handling of the disruption. Delta’s CEO has noted that the airline’s heavy reliance on Microsoft and CrowdStrike exacerbated the situation, prompting an internal review to draw lessons from the event.