Cybersecurity Current Events: Feb. 17th, 2025

Cybersecurity threats always seem to be relentless, and this week is no exception. From quantum hacking risks in cryptocurrency to government data breaches and global cybersecurity initiatives, digital security remains a top priority for businesses and governments alike.

Some of this week's highlights include concerns that Elon Musk’s DOGE could increase vulnerability to quantum attacks, Finland’s large-scale cybersecurity exercises, and a major leak from the Canada Border Services Agency.

Let’s dive into the biggest cybersecurity stories shaping the digital world this week.


1. France’s VRIF Press Service Expands to the U.S. with New Cybersecurity Offering

Summary:

France’s VRIF Press Service has launched a new cybersecurity service, Control, in the U.S. market. Control provides businesses and government agencies with advanced cyber threat detection, incident response, and digital forensic capabilities. This expansion signals a growing international effort to combat cybercrime with AI-driven security solutions and real-time monitoring.

Timeline: Newsfile Corp. issued a press release on February 17, 2025.

Threat Actors: N/A; Represents an industry-wide response to the growing use and dependency on AI technology.

Key Implications:

  • Increased global cybersecurity collaboration between the U.S. and France.
  • More organizations will be gaining access to cutting-edge cyber defense solutions.
  • Growing reliance on AI for threat detection and response.

Actionable Steps:

  1. Businesses should explore AI-driven security solutions to evaluate the possibilities for enhanced protection.
  2. Evaluate existing incident response plans in light of emerging threats.
  3. Monitor international cybersecurity partnerships for new tools and resources.

Additional Resources: The Whig Standard


2. Experts Warn Elon Musk’s DOGE Is Putting the U.S. at Risk for Quantum Computing Attacks

Summary:

Cybersecurity experts have expressed concerns that the U.S. National Institute of Standards and Technology (NIST), which is responsible for developing cybersecurity standards—particularly the development and documentation of encryption to protect against quantum computing attacks—may be at risk of being downsized, if not dismantled, due to Elon Musk's governmental efficiency initiatives.

Timeline: Reported on February 12, 2025

Threat Actors: While there are no specific "threat" actors, the possible downsizing of NIST poses a significant threat to the future of security competency within the U.S. and to the organizations that rely on NIST frameworks to dictate their cybersecurity posture.

If you or your organization is in need of consultation on this matter, EIP Networks offers free security assessments in which you can discuss your options with our expert team.

Key Implications:

  • Risk of large-scale threats if quantum computing advances rapidly.
  • Potential need for new quantum-resistant encryption standards in blockchain security.
  • Uncertainty about the future of cybersecurity standards and self-regulation needs within the U.S.

Actionable Steps:

  1. Organizations should stay informed on quantum-resistant encryption.
  2. Developers should research and implement post-quantum cryptography as soon as possible.
  3. Businesses should employ expert consultancy in preparation for future threats.

Additional Resources: The New Scientist


3. ZainTech and Fortinet Strengthen Cybersecurity Across the Middle East

Summary:

Telecommunications giant ZainTech has partnered with Fortinet to enhance cybersecurity measures across the Middle East. The partnership will focus on delivering advanced threat detection, cloud security, and managed cybersecurity services to regional businesses and governments.

Timeline: Reported on February 17, 2025

Threat Actors: N/A

Key Implications:

  • Improved cybersecurity posture for Middle Eastern enterprises.
  • Increased adoption of zero-trust architectures in regional networks.
  • Greater demand for managed security services in high-risk industries.

Actionable Steps:
  1. Organizations in the Middle East should evaluate their current solutions in order to see how new security solutions could improve their posture.
  2. Businesses should consider adopting a zero-trust security framework.
  3. Stay updated on cybersecurity developments in regional telecom industries.

Additional Resources: The Fast Mode


4. Finland Strengthens Cybersecurity in the North with Large-Scale Exercises

Summary:

Finland is ramping up its cybersecurity defenses in the Arctic and Northern regions through extensive cybersecurity training exercises. The initiative is part of Finland’s broader effort to bolster national security and infrastructure protection against rising cyber threats.

Timeline: First reported on February 12, 2025. The article was edited on February 14, 2025.

Threat Actors: N/A; believed to be a response to the lessons learned from the conflict between Russia and Ukraine (Finland shares a border with Russia).

Key Implications:

  • Greater cybersecurity readiness for Finland’s critical infrastructure.
  • Enhanced military-cyber collaboration to counter nation-state threats.
  • Increased cybersecurity focus on Arctic geopolitical tensions.

Actionable Steps:
  1. Governments should invest in cybersecurity drills and training programs.
  2. Businesses should enhance incident response and crisis management plans.
  3. Monitor Arctic security developments for geopolitical cybersecurity risks.

Additional Resources: High North News


5. Doxbin Data Breach: Hackers Leak User Records and Blacklist Files

Summary:

In very dramatic fashion, hackers have reportedly breached Doxbin, a notorious online database known for doxing (publishing private information of individuals). The breach exposed user records, chat logs, and a “blacklist” file containing sensitive information on high-profile targets. The group, as outlined on their official site and previously active Telegram channel (now removed), asserts that they infiltrated Doxbin’s systems, erased user data, blocked administrators from access, and revealed sensitive information about those managing the site. They claim their actions were retaliation for accusations directed at one of their members.

Additionally, Tooda has published a database containing over 136,000 IDs, usernames, and email addresses from Doxbin’s user base. While they maintain they have taken complete control of Doxbin’s backend, they also leaked a document called “Doxbin Blacklist,” reportedly listing individuals who allegedly paid to keep their personal details off the site.

Timeline:

February 13, 2025

Threat Actors: The hacker group known as Tooda has taken responsibility. There appears to be a long-term rivalry between the two groups.

Key Implications:

  • Increased risk of harassment, identity theft, and targeted attacks for those who have been exposed.
  • Law enforcement likely to escalate investigations into online doxing.
  • Potential legal actions against Doxbin and other platforms hosting sensitive user data.

Actionable Steps:

Although the actions of Doxbin and its users contradict the values upheld by EIP Networks, there are important lessons to be learned that can help strengthen the protection of your personal data.

  1. Users should monitor personal data for leaks and update security settings regularly.
  2. Understand that the fact that data isn't meant to be stored in a particular place doesn’t eliminate all potential risks. Always be discerning about the websites and organizations you grant access to your personal information, and limit exposure whenever possible.

Additional Resources: HackRead


6. Canada Border Services Agency Internal Data Breach Exposes Employee Information

Summary:

Last week, an email attachment unintentionally exposed personal and workplace data of approximately 18,000 Canada Border Services Agency (CBSA) employees to 70 managers. On February 7, affected CBSA employees were informed of the internal breach via an email that clarified a mass message had been sent to management on February 3. The email mistakenly included an attachment with sensitive information such as gender details, pension eligibility, job classifications, shift schedules, and leave balances.

Timeline: Internal data breach occurred February 3, 2025 and employees were informed February 7, 2025.

Threat Actors: Insider threat; if one of the recipients has a compromised email account, the breach could quickly become an external issue (nothing has been reported to suggest this has occurred).

Key Implications:

  • Employees, even within government agencies, remain the first threat to any organization.
  • Possible nation-state interest in border security data could increase the risks of accidental information sharing.
  • Stronger data protection policies within government networks and as a whole are needed.

Actionable Steps:

  1. Government agencies should strengthen internal data security measures.
  2. Employees should use multi-factor authentication (MFA) for work accounts.
  3. Monitor for potential phishing attempts targeting affected personnel.

Additional Resources: The Vancouver Sun


7. Ransomware Attack Disrupts Sault Tribe Programs

Summary:

A ransomware attack has severely impacted The Sault Tribe of Chippewa Indians, causing disruptions to essential services. While investigations are ongoing, the attack has limited access to critical resources, affecting both tribal members and employees. Recovery efforts are underway, but officials warn of potential long-term consequences. New phone numbers have been assigned to many of the tribal services, and while facilities remain open, many are operating at limited capacity, pending a re-evaluation next week.

Timeline: Attack occurred on February 9, 2025. Reported on February 14, 2025.

Threat Actors: Currently unknown ransomware group

Key Implications:

  • Highlights the growing trend of cybercriminals targeting Indigenous communities.
  • Financial and operational setbacks for affected tribal services.
  • Increased demand for cybersecurity measures within tribal organizations.

Actionable Steps:

  1. Conduct regular data backups and implement strong ransomware defenses.
  2. Increase cybersecurity awareness and training among tribal organizations.
  3. Monitor updates on recovery efforts and adjust security strategies accordingly.

Additional Resources: The Sault News


8. Cybercriminals Target Papua New Guinea’s Tax Office

Summary:

Cybercriminals have attacked Papua New Guinea’s tax office, compromising sensitive taxpayer information. The breach has raised concerns about the security of government financial systems, particularly in developing nations. Officials are investigating the attack while working to restore affected systems.

Timeline: Reported on February 17, 2025

Threat Actors: Currently unknown cybercriminals

Key Implications:

  • Potential financial fraud and identity theft risks for taxpayers.
  • Need for stronger cybersecurity policies in government financial institutions.
  • Increased focus on protecting sensitive economic data from cyber threats.

Actionable Steps:
  1. Governments should enhance cybersecurity infrastructure for financial systems.
  2. Individuals should monitor their financial records for signs of fraud.
  3. Increase collaboration between cybersecurity experts and financial institutions, specifically in underserved geographical markets.

Additional Resources: The National


9. Cybercriminals Increasingly Target U.S. Food and Agriculture Sector

Summary:

Following the release of the 2024 Ransomware Cyber Threat Report, it is clear cybercriminals are ramping up attacks on the U.S. food and agriculture sector, threatening supply chains and critical infrastructure. Recent cyber incidents have targeted food processing plants, logistics firms, and agricultural cooperatives, highlighting vulnerabilities in the sector’s cybersecurity.

Timeline: Policy brief released February 13, 2025, referencing various reports from 2023 and 2024.

Threat Actors: Unspecified cybercriminal attacks and groups.

Key Implications:

  • Increased disruptions to food production and distribution networks.
  • Increased risk of ransomware attacks affecting food prices and supply chains.
  • Need for cybersecurity modernization in agriculture and food logistics.

Actionable Steps:

  1. Food industry leaders should prioritize cybersecurity investments.
  2. Implement stronger access controls and incident response plans.
  3. Governments should enforce stricter cybersecurity regulations for the food sector.

Additional Resources: The Foundation for Defense of Democracies


This week's current events represent the larger scope of cybersecurity from a global perspective, ranging from the targeting of government services to business continuity and even individual data. From quantum hacking risks to national security breaches, this week’s events highlight the importance of proactive cybersecurity measures. Organizations must invest in advanced security solutions, conduct regular training, and stay informed on emerging threats.



Partnering with EIP Networks for People-First Cybersecurity

Need expert cybersecurity guidance? EIP Networks provides cutting-edge solutions to protect your business from cyber threats.

EIP Networks remains committed to a person-first approach to cybersecurity, delivering tailored solutions to meet your organization's unique needs. Stay ahead of threats by engaging with our current events and weekly roundups here on our Blog, LinkedIn or X (Twitter), and learn how to fortify your security posture by booking an assessment with our expert team. #WeDoThat
