This week

- Massive Monday AWS outage caused by DNS
- ICO knew about MOD Afghan data breach
- JLR incident estimated to cost UK economy £1.9 billion
- AI Browsers are susceptible to prompt injection from web content
- UN Cybercrime Convention signing ceremony in Hanoi
Interesting stats
1/2 of ransomware-as-a-service (RaaS) groups offer AI-powered capabilities to their affiliates, according to ReliaQuest. LINK
3% increase in the money stolen from UK consumers by fraudsters in the first six months of the year to £629 million, according to banking industry data. LINK
Side note: Did you know about 159, a ‘safe’ phone number that most people in the UK can use to contact their bank securely? It’s operated by Stop Scams UK, with participation from most major UK telcos and banks. Nice and simple advice for your friends or family: if they think they’re being scammed, hang up and call 159 to connect to the legitimate number for your bank.
Five things
- It’s Always DNS: Amazon Web Services faced around 15 hours of disruption to services out of its US-EAST-1 region on Monday. US-EAST-1 is one of the oldest AWS regions and the default for many services, and because of this, there was a significant impact on over 1,000 organisations that use the region for their cloud computing, from Snapchat and Reddit to Lloyds Bank to games like Roblox and Fortnite. The cascading failures were caused by failures in its DynamoDB-powered DNS management system, which helps to manage load and direct resources in the AWS network. A ‘race condition’ between two components in this system resulted in an old version of the plan being implemented while a second removed that plan, leaving services unable to connect. “This situation ultimately required manual operator intervention to correct,” said an Amazon statement. That’d explain why it took so long to resolve: cloud environments are complex and sprawling — AWS globally is estimated to have over 30% of the cloud share — and rebuilding the DNS for this is going to be no small feat. Still, it raises questions about the concentration of services in one region with a single provider, and whether it should be possible to route around this single point of failure in AWS’s network design. OUTAGE, DNS, SUMMARY, INCIDENT REPORT
- The ICO knew about an MOD data breach affecting Afghan nationals but decided an investigation was not necessary as they were “satisfied with the steps that [MOD] were taking”. One of those steps was to file for a super injunction, which prevented UK media from reporting the breach and prevented Parliament from learning about it. Information Commissioner John Edwards told MPs that his team were unable to take notes from their meetings with the MOD “because of the classification”, and that his department did not have enough vetted staff. Edwards also said deciding “to take no further action… was not a decision to do nothing”. The breach, caused by a staffer accidentally sending a spreadsheet containing over 30,000 rows, including ‘hidden cells’, is estimated to have cost UK taxpayers £850 million. ICO
- Jaguar Land Rover: JLR resumed production this month after significant downtime caused by a cyber-attack. This week, a report from the Cyber Monitoring Centre (CMC), an independent non-profit, estimates the financial impact on over 5,000 UK businesses at £1.9 billion ($2.5B). CMC categorises the incident as a category 3 ‘systemic event’. CMC
- AI Browser prompt injection: AI companies are getting in on the browser game — Perplexity’s Comet and OpenAI’s Atlas to name a couple — as they try to capture more users, and many allow their AIs to carry out tasks on web pages, ostensibly to speed up tasks. However, researchers at the browser vendor Brave say many are also susceptible to prompt injection via images and other content displayed on websites. OpenAI’s CISO, Dane Stuckey, took to Twitter/X saying that “prompt injection remains a frontier, unsolved security problem, and our adversaries will spend significant time and resources to find ways to make ChatGPT agents fall for these attacks.” But… sanitising user data is a known and solved problem. Prompt injection is just a modern version of SQL Injection that used to (and still does occasionally) plague web apps. It’s simple: expecting a phone number? Check it’s a phone number. The novel, or ‘unsolved’, problem for AI today is that it blurs the line between commands and content, mixing the user’s request with the user’s data. But let’s be honest, with the amount of capital pouring into AI companies, it shouldn’t be beyond them to apply some input validation. It’s been good practice for decades at this point. BROWSERS, RESEARCH
- UN Cybercrime convention: Around 30 countries are expected to sign the UN’s landmark convention on countering the use of information and communications technologies for criminal purposes in Hanoi this weekend. The convention establishes a legal framework for law enforcement to investigate cross-border cybercrime and follows five years of negotiation. It’s not without its critics: dozens of groups, including Human Rights Watch, the EFF, and Privacy International, signed an open letter this week saying it encourages surveillance. UN, CONVENTION (PDF), LETTER
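The race condition in the first item (a delayed component applying a stale DNS plan, then the other component removing that plan and leaving the endpoint with nothing to serve) replayed as a small Python model. This is an added illustration, not Amazon’s code or a faithful reproduction of their system; the hostname and addresses are constructed. It also shows the simple guard that refuses to apply a plan older than the one already active, which is what stops the stale write in the second run.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class DnsPlan:
    """One generated DNS plan for an endpoint (constructed shape, not AWS's format)."""
    version: int
    records: tuple

@dataclass
class Endpoint:
    name: str
    active_version: int = 0
    records: tuple = ()
    plans: dict = field(default_factory=dict)  # retained plans, keyed by version

def apply_plan(ep, plan, guard_stale):
    """Enactor step: write a plan's records to the endpoint.
    guard_stale=False is a blind overwrite (the failure mode in the item above);
    guard_stale=True refuses any plan that is not newer than the active one."""
    if guard_stale and plan.version <= ep.active_version:
        return False
    ep.plans[plan.version] = plan
    ep.records = plan.records
    ep.active_version = plan.version
    return True

def cleanup(ep, newest_version):
    """Second enactor's tidy-up: discard retained plans older than its own.
    If the records currently being served came from a discarded plan, they vanish too."""
    for version in [v for v in ep.plans if v < newest_version]:
        del ep.plans[version]
        if ep.active_version == version:
            ep.records = ()  # endpoint now resolves to nothing

def run_race(guard_stale):
    """Replay the interleaving: enactor A picks up v1 but stalls, enactor B
    applies v2, then A finally applies its stale v1, then B cleans up plans older than v2."""
    ep = Endpoint("regional-db.example.internal")  # constructed hostname
    v1 = DnsPlan(1, ("10.0.0.1",))                  # constructed addresses
    v2 = DnsPlan(2, ("10.0.0.1", "10.0.0.2"))
    apply_plan(ep, v2, guard_stale)          # B applies the newer plan
    apply_plan(ep, v1, guard_stale)          # delayed A applies the stale plan
    cleanup(ep, newest_version=v2.version)   # B removes the "old" v1
    return ep

if __name__ == "__main__":
    print("blind overwrite :", run_race(False).records)  # ()
    print("version-guarded :", run_race(True).records)   # ('10.0.0.1', '10.0.0.2')
```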
Startup spotlight
As part of my pledge to support the UK cyber ecosystem, I’ll be featuring a different UK cyber startup each week.
This week it’s Redflags, an early-stage business, finding product market fit and gaining initial customers:
- What do they do? Redflags delivers secure behaviour change, measurably reducing operational risk from cyber threats that target people in organisations, directly applying behavioural science theory and proactively intervening to guide and support your staff at precise points of risk.
- Who is it for? CISO, Security Awareness or Human Risk practitioners at mid- to large-enterprises in any sector.
- Where can you find out more? WEB, LINKEDIN
If you’re a UK-based cyber security startup interested in being featured in a ‘Startup Spotlight’ in my weekly newsletter, please fill out this form for consideration. It’s not a paid thing; just trying to support our ecosystem 🚀
In brief
- ⚠️ Incidents: Scattered Lapsus$ Hunters (SLH) says they have the details of ‘thousands’ of NSA and other US government officials, scraped from the series of Salesforce breaches earlier this year. Sticking with the NSA, China’s Ministry of State Security (MSS) says it has “ironclad evidence” that the American intelligence agency compromised China’s National Time Service Center. It’s broadly being seen as a war of words between spies on either side of the Pacific. NSA/SLH, NSA/MSS
- 🏴‍☠️ Ransomware: Japanese retailer MUJI has closed stores following a ransomware attack at logistics partner Askul. MUJI
- 🕵️ Threat Intel: GlassWorm, a software supply-chain worm that uses “invisible Unicode characters that make malicious code literally disappear from code editors”, is spreading through users of the OpenVSX and Microsoft Visual Studio marketplaces to steal credentials, secrets, and cryptocurrency. SpaceX has disabled service for 2,500 Starlink devices in Myanmar, suspecting scammers are using them. Group-IB says that Iran-linked Muddy Water (aka Static Kitten, Mercury, Seedworm) has been targeting 100 government organisations with an updated version of its ‘Phoenix’ backdoor, and macro-laden Microsoft Word documents delivered via email. North Korea successfully compromised three Central and South Eastern European defence companies involved in unmanned aerial vehicles (UAVs) this year using recruitment lures, according to ESET. GLASSWORM, SPACEX, IRAN, N KOREA
- 🪲 Vulnerabilities: Microsoft has patched a critical remote code execution vulnerability in Windows Server Update Service (WSUS) that has already been exploited by attackers (CVE-2025-59278; 9.8/10). WSUS (ADVISORY)
- 🧰 Guidance and tools: Jersey Cyber Security Centre (JCSC) is piloting a cyber health check for 10 organisations on the island. Well done Matt & co! JCSC
- 📜 Policy & Regulation: The Netherlands is reducing and being more cautious over its intelligence sharing with the US, citing ‘politicisation’ and Trump’s shifting stance on Russia. The influential bipartisan Cyberspace Solarium Commission says the US government is ‘slipping’ on cyber, following personnel and budget cuts, and the “ability to protect itself and its allies from cyber threats is stalling.” NETHERLANDS, US
- 👮 Law Enforcement: A judge has barred spyware vendor NSO Group from targeting WhatsApp. It’s the culmination of a case started back in 2019; however, a spokesperson for NSO said the ruling does not apply to NSO’s customers. Chocolate teapot. The US government has accused Peter Williams, former executive of defence contractor L3Harris’ cyber arm, Trenchant, of selling trade secrets to Russia for $1.3 million. NSO, L3HARRIS
- 💰 Investments, mergers and acquisitions: Dataminr is to acquire ThreatConnect for $290 million. Veeam has agreed to acquire data security management outfit Securiti AI for $1.7 billion. THREATCONNECT, SECURITI
And finally
- Sleep outage: Spare some thoughts for owners of Eight Sleep’s smart beds, which seemingly rely on AWS US-EAST-1 (see above) and found their beds stuck blasting heat under the covers, or stuck in an upright position. Looks like Eight Sleep could do with some sensible defaults for their $2,700 beds. SMARTBEDS