Musk's DOGE staffers are granted accounts on US nuclear networks. A Canadian power utility faces a cyber attack, and 1.7 billion stolen passwords from info stealer malware are dumped on the dark web. Welcome to Cybersecurity Today and Happy World Password Day. I'm your host, Jim Love.
Two members of Elon Musk's Department of Government Efficiency, DOGE, were granted accounts on classified US government networks that handle sensitive nuclear weapon information, according to an NPR investigation published on April 28th. The individuals, Luke Ferrier, a 23-year-old former SpaceX intern (we've heard of him before), and Adam Ramada, a Miami-based venture capitalist, were reportedly given access to the Department of Energy's Enterprise Secure Network, or ESN, and the Department of Defense's Secret Internet Protocol Router Network, or SIPRNet, both of which are used to transmit highly classified nuclear data.
The ESN is operated by the National Nuclear Safety Administration, or NNSA, and is responsible for transmitting restricted data about America's nuclear weapons design and special nuclear materials.
SIPRNet is used by the Department of Defense to communicate classified information, including data related to nuclear weapons, with the Department of Energy. Sources familiar with the matter told NPR that Ferrier and Ramada had accounts on these systems for at least two weeks. However, it remains unclear whether the accounts were ever activated or used to access classified information.
The Department of Energy initially denied any DOGE personnel had accessed the NNSA systems. In a statement to NPR, a DOE spokesperson said, "No DOGE personnel have accessed these NNSA systems. The two DOGE individuals in question worked within the agency for several days and departed DOE in February." Later, the DOE clarified that while the accounts had been created, they were never activated or accessed.
The development follows previous controversies involving DOGE activities within federal agencies. There have been other reports of DOGE employees exfiltrating data from crucial government systems and using less than stringent security practices. In a world of government espionage, the DOGE team certainly has been targeted, and I would maintain that many of them have probably been hacked, although I admit that's just conjecture.
But they are facing what must be some of the most accomplished security services in the world. And so this goes beyond excessive credentials. It goes to the very idea that the highest levels of security authorization could be issued without vetting that would be appropriate for the most sensitive data the US possesses.
Even if you support the Trump administration's effort to streamline government operations, it's clearly out of balance with the need to maintain stringent security protocols, especially concerning nuclear information. Nova Scotia Power, a Canadian power utility, is actively managing a cybersecurity incident that has impacted its internal IT systems.
The breach has affected customer service operations, including the My Account online portal and customer care phone lines, leading to service delays. However, the company confirms that critical infrastructure operations such as electricity generation, transmission, and distribution remain unaffected. The incident was identified by Nova Scotia Power's internal IT team, who promptly activated incident response and business continuity protocols.
External cybersecurity experts have been engaged to assist in the investigation and system restoration efforts. The company has also reported the incident to law enforcement authorities. While the specific details of the attack and the identity of the perpetrators have not been disclosed, a thorough investigation is ongoing to assess any potential impact on stored information. Customers have been advised to remain vigilant for suspicious communications and report any unusual activity.
Emera Corp., the parent company of Nova Scotia Power, is a Canadian energy company with operations in the US and the Caribbean. The company has stated that the cybersecurity incident is not expected to have a material impact on its financial performance, and operations in the US and Caribbean remain unaffected. Ironically, earlier this year, Nova Scotia Power had asked the province's utility regulator for permission to spend $6.8 million to upgrade their cybersecurity.
The utility identified 12 sites that would have upgrades under this plan. The deadline to provide written submissions on the matter was May 14th. It appears by getting in ahead of this, the hackers may have clearly established the business case for the much-needed security improvements, but not without doing some damage. We hope by sharing this, that others who may be facing similar business cases will realize the importance of moving quickly. And it's World Password Day.
So here's a story that will ruin the day for you. A massive trove of more than 1.7 billion stolen credentials has surfaced on the dark web, according to new research from cybersecurity firm Flare. The credentials, collected over 18 months, were primarily extracted using info stealer malware, a growing threat that quietly siphons data from infected devices.
The leaked data includes usernames, passwords, browser cookies, autofill data, and crypto wallet credentials. Flare's analysis, which examined over 20 million info stealer logs, found evidence of infection on more than 26 million endpoints. These logs are now circulating widely on underground forums and are even being sold as searchable lookup services.
Info stealers such as RedLine, Raccoon, and Vidar work silently and often enter systems through phishing emails, fake software cracks, or malicious online ads. But once installed, they can scrape credentials directly from the browser and the apps, often without triggering antivirus alerts. Unlike ransomware, info stealers don't encrypt data or announce themselves, making them harder to detect.
"And this is a massive threat to corporate security posture," said Eric Clay of Flare. "We're seeing info stealers become the most common initial infection vector in enterprise breaches." The old days, I remember when we used to celebrate World Password Day by lists of common passwords, including the fact that people used "password" as a password or that they reused passwords. It's gotten more serious.
Many info stealers now can not only capture login credentials and passwords, but they also get session cookies, enabling attackers to hijack active logins and bypass even multifactor authentication. That puts even well-defended networks at risk if stolen sessions are resold and reused. So security experts are urging organizations to strengthen endpoint monitoring, audit credential usage, and monitor for signs of session hijacking.
But as we return to the idea of World Password Day, with stolen credentials in the billions now traded like commodities, don't we have to ask ourselves if we haven't finally got to get a better method of establishing and maintaining identity? Maybe the real goal should be to never have another World Password Day. And that's our show. You can reach me at [email protected] or on LinkedIn, or if you're watching on YouTube, you can just leave a comment under the video.
And if you like what we're doing, why not support us? Go to buymeacoffee.com/techpodcast. That's buymeacoffee.com/techpodcast. And, um, well, buy us a coffee. And a quick shout-out to our latest coffee member all the way from Denmark. Welcome, David, and thank you very much. Look forward to talking to you. I'm your host, Jim Love. Thanks for listening.