Cyber Bulletin
Hi, it’s Jordan. A panel at the World Economic Forum in Davos discusses the aftermath of a hack of a $54 billion company. But first…Must Rea
View in browser
Bloomberg
by Jordan Robertson

Cyber Bulletin is exclusively for Bloomberg.com subscribers. As a loyal reader, you’re receiving a complimentary trial. If you’d like to continue receiving Cyber Bulletin, and gain unlimited digital access to all of Bloomberg.com, we invite you to subscribe now at the special rate of $129 for your first year (usually $299).

Hi, it’s Jordan. A panel at the World Economic Forum in Davos discusses the aftermath of a hack of a $54 billion company. But first…

Must Reads:

• Trump backs Musk or Ellison buying TikTok with US stake
• HPE investigating breach claims but says there’s no business impact
• FTC study finds consumer data is behind ‘surveillance’ pricing

The Cyber Angle

When Johnson Controls International Plc suffered a devastating ransomware attack in 2023, one lesson for Chief Executive Officer George Oliver was that management needs to be as transparent as possible in the wake of a breach with not only customers but also employees.

Oliver, whose company makes fire, heating and cooling and security systems, said he wanted to keep his employees informed during a confusing and distressing situation.

“We have 100,000 colleagues across the globe. Making sure they’re all aligned was a test of our culture, a test of our ability to respond,” Oliver said Tuesday during a panel on cybersecurity at the annual conference in Davos, Switzerland.

Over the last several months, I’ve occasionally written about how executives react to breaches. As the  scourge of ransomware affects organizations globally, experiences like Oliver’s can help inform other leaders how to respond if they receive the dreaded notification that their computer networks have been locked up by hackers.

The price tag for the Johnson Controls incident was about $29 million, which mostly went to responding to and remediating the breach, the company said in a regulatory filing last year. 

Oliver said managers need to understand the infrastructure of their network and how it’s secured before a breach occurs. No matter how much planning a company does, there’s still a lot of real-time learning during an incident, he added. 

“What you want to do is instill confidence,” he said. “Everyone’s going to have an event, so how do you manage that? How do you respond? Our team was prepared, we reacted, we continued to run the company fairly well while we mitigated the risk.”

Oliver was joined on stage by George Kurtz, the founder and CEO of CrowdStrike Holdings Inc., which experienced a crisis of its own last year when a faulty software update from the cybersecurity software company triggered a global IT meltdown. Kurtz said his efforts to convey information about the incident as the company learned it, across TV, social media and the internet, helped repair some trust that was lost as a result of the outage.

“If you are upfront, if you’re transparent, if you communicate not only one time but frequently, this was a big part of our response,” Kurtz said. “We did the best we could with what we had in front of us.”

Kurtz apologized on the Today Show within hours of his company’s outage, which disrupted business operations and air travel globally. Some public relations experts faulted Kurtz for not saying he was sorry during his first communication on the matter, where he explained the outage wasn’t the result of a cyberattack.

CrowdStrike is facing lawsuits over the update glitch from shareholders and also Delta Airlines Inc., whose operations were significantly impacted by it.

What We Learned This Week

President Donald Trump pardoned Ross Ulbricht, the founder of the Silk Road marketplace, delivering on a campaign promise he made to court the cryptocurrency community and libertarian voters.

Trump made the announcement on Tuesday in a post to his Truth Social platform, where he initially misspelled Ulbricht’s name. Trump said he had called Ulbricht’s mother “to let her know that in honor of her and the Libertarian Movement, which supported me so strongly, it was my pleasure to have just signed a full and unconditional pardon of her son, Ross.”

Ulbricht, who is better known by his online pseudonym “Dread Pirate Roberts,” was sentenced to life in prison in 2015 in connection to his work running Silk Road, a dark web marketplace where customers used virtual currencies to buy illegal drugs and hacker tools. — Stephanie Lai

What We’re Reading

• MrBeast, the most-followed content creator, joins new bid to buy TikTok.
• Trump signs executive order to end ‘government censorship’ of social media.
• The Philippines charges fugitive alleged cyber-fraud ‘boss’ with money laundering.
• Listen to GuidePoint Security’s Jason Baker on lessons learned from negotiations with ransomware groups.
• Swedish spam blocker Truecaller takes on AI voice clones.

Gone Phishing

Got a News Tip?
You can reach Jordan Robertson at jrobertson40@bloomberg.net. You can also send us files safely and anonymously using our SecureDrop.

More from Bloomberg

Get Tech In Depth and more Bloomberg Tech newsletters in your inbox:

  • Game On for diving deep inside the video game business
  • Power On for Apple scoops, consumer tech news and more
  • Screentime for a front-row seat to the collision of Hollywood and Silicon Valley
  • Soundbite for reporting on podcasting, the music industry and audio trends
  • Q&AI for answers to all your questions about AI
Follow Us

Like getting this newsletter? There’s more where that came from. Browse all our weekly and daily emails to get even more insights from your Bloomberg.com subscription.

Want to sponsor this newsletter? Get in touch here.
You received this message because you are subscribed to Bloomberg's Cyber Bulletin newsletter. If a friend forwarded you this message, sign up here to get it in your inbox.
Unsubscribe
Bloomberg.com
Contact Us 		Bloomberg L.P.
731 Lexington Avenue,
New York, NY 10022
Ads Powered By Liveintent Ad Choices