The world of technology is abuzz with activity every moment. The fast-paced twenty-first century has no room for stillness. Similar is the case in the world of cybersecurity, where the good and bad actors are always engaged in outsmarting each other. The outcome of this relentless strive is reflected in the news headlines that make it to our mobile screens and newspapers. Here are the top picks for cybersecurity news for the past week:

FBI Director Feels Getting Into Criminals’ Device Encryption Ensures Faster Resolution Of Cases

While addressing the Law School at Fordham University, FBI Director Christopher Wray said on 2th July 2019, Thursday that he completely seconds the Attorney General William Barr’s assertion when he says that cooperation with the law enforcement agencies is essential for tech companies to ensure quick access into the encrypted phones and apps of criminals and suspects.

He further spoke of his disappointment in people who claim that such intrusion into encrypted devices of criminals weakens cybersecurity because, in today’s time when attackers are always a step ahead, it becomes incredibly crucial to implement this measure for the upkeep of national security.

To prove his point, he gave examples of previous cases involving phishing protection where co-operation from apps helped locate the criminals and give them the deserved punishment. Lastly, he concludes by saying that this issue is a severe one and concerns not just national security but also public safety.

Instances Cited By The FBI Director

Christopher Wray mentioned two cases from a New-England town. In one of the cases, a nine-year-old girl, who was being abused, was located and rescued with the help of information provided by an app. In another case, two young girls had been rescued in less than 12 hours, with the help of an app.

 

Chinese Camera App Users Remain Vulnerable To Information Requests By Govt.

The camera apps with Chinese origin make users vulnerable to loss of personal data to the Beijing government if there are requests from the latter. These apps have a user base comprising hundreds of millions of active users, but they do not have as stringent privacy policies as is expected from applications to ensure phishing protection. There is the constant fear that the companies might become subjects of the government’s fury if they oppose their commands and naturally, user privacy comes much below in their priority list.

Some of these apps explicitly mention in their privacy policies that the users’ information might be revealed to third parties, but it is not clear who is being referred to by ‘third parties’ in the clause. Government requests for information have to be complied with at all costs, but then those requests rarely come. But the fact remains that users’ data remains vulnerable to the demands of information from the Government of Beijing.

Comments Of Famous Chinese Companies

Meitu, a popular photo-editing app, which is based in China, mentions in its privacy policy that it collects user names, genders, types of devices, locations, and uploads it on the cloud. When asked, Meitu declined to deny that it shared data with the Chinese government.

Another popular Chinese app, TikTok, has been accused of collecting and sharing user data, which it denies.

 

CISCO To Pay $8.6 Million In Whistle-Blower Case

Cisco has agreed to pay a sum of $8.6 million to federal, state and local agencies for a whistleblower case about a cybersecurity flaw. A Denmark-based employee of a Cisco partner had made attempts to alert the company of the weakness in the software used for a particular line of their surveillance cameras as early as in November 2008. However, no action whatsoever was taken by the firm until 2012 when an update of the same surveillance camera was launched. Another blunder that the company did was to keep users of the flawed camera oblivious of the weakness or even the rectified update till as late as 2015.

The offered settlement amount is small, but it shall send out a much-needed message to the rest of the companies to critically examine vulnerability reports before discarding them with the assumption of being exaggerations.

What Was The Flaw?

James Glenn, the employee who had pointed out the flaw, made several attempts to let the firm know of the vulnerability before finally approaching the local authorities and law enforcement personnel working within LAX seeking redressal of the problem. The flaw made it easy for anyone to access the device which was a sufficient reason to defy the code of conduct of the National Institute of Standards in Technology (NIST), which puts forward a road-map for security measures to be taken by the companies who wish to do business with the federal government. This only speaks of the lack of efficiency in incorporating anti-phishing solutions.

 

Capital One Hacker Apprehended After Being Unsuccessful In Concealing Her Identity

In what seems like the most significant data breach of a financial institution, the FBI has been successful in arresting the prime suspect, a 33-year-old woman, who has been a former employee at Amazon Web Services as a Software Engineer. The accused Paige A. Thompson, from Seattle was vicious and sly enough to execute a breach of this magnitude that involved data of 106 million credit card applications comprising information like names, addresses, phone numbers, dates of birth, in addition to 140,000 social security numbers, 80,000 bank account numbers, and some credit scores and transaction data. However, she wasn’t as cautious in concealing her identity, which ultimately made it possible for the phishing prevention team at FBI to get hold of her within just ten days of the breach being reported.

How Did She Execute The Data Breach?

  • She exploited a misconfigured firewall – a failure of the anti-phishing services of the bank.
  • She gained access to a Capital One cloud repository and exfiltrated the data.
  • She then posted the stolen data to her GitHub account, having her real name and resume.
  • She even spoke about the data breach openly.

This final act, where she spoke openly about her deed, brought forth her crime. A user who viewed her online activity informed Capital One immediately.

How She Failed To Cover Her Tracks

While engaging in data breaches of this intensity, a certain level of cautiousness and research needs to be put in, but it seems that Thompson went down in this particular area as she used the anonymity network Tor and the VPN IPredator for the Capital One data breach. However, what she probably didn’t realize was that these aren’t the best means of concealing one’s identity.

 

Attack On School Districts – Louisiana Govt. Declares Emergency Situation

To uphold the phishing attack prevention, the governor of Louisiana has declared a state of emergency immediately after a series of attacks on three of the state’s school districts which resulted in shutting down of phones and locking and encryption of data.

States and local governments have become the new favorite target of cybercriminals who attack them with ransomware tools, infecting all computer networks of an organization and locking up their critical files until a ransom payment is made.

The attack on Louisiana has disturbed the functioning of school districts in Sabine, Morehouse, and Ouachita parishes in North Louisiana. Consequently, phones, files, and computer equipment have become inaccessible. Local law enforcement, state officials and the FBI have been informed of the attack and investigations continue in this regard. The emergency that has been imposed is implemented to fulfill two requirements: to ensure protection against phishing attempts in the future and to facilitate the ease of investigation.

 

Mobile Phone Firm ‘Sure’ Faces A Cyber Attack

Another cyber attack has led to the loss of bank and other personal details of employees of the mobile phone firm ‘Sure’. The attack was executed by targeting the workers of Sure in a phishing attack. Clearly, due to lack of implementation of anti-phishing measures, sensitive information belonging to the workers has been compromised in the attack. These details include the names, residential addresses, sort codes, and account numbers of the workers.

Although the number of affected people is not very huge (comprising less than 400 people), there is still a risk for those affected. As a countermeasure, Sure is reaching out to all the people affected by the incident and have also asked certain groups such as the suppliers to remain all the more cautious and alert.

An Acknowledgement And Promise To Bolster Anti-Phishing Measures

The attack was carried out by the hacker, gaining access through a worker’s email account. Thus, acknowledging the drawbacks in its anti-phishing measures, the company has apologized and announced that reviews are being made to ensure that no such attacks happen in the future.

 

FTC Recommends Victims To Go For Free Credit Monitoring From Equifax

The 2017 data breach that exposed the details of over 147 million consumers with Equifax made the company announce compensation to all those users who had been victims of the mentioned breach. They announced to distribute $700 million among the consumers and even offered them the option of choosing to opt for a free credit monitoring by Equifax for ten years.

The Federal Trade Commission (FTC) recommends that those affected by the Equifax breach should opt for the free credit monitoring facility instead of claiming the compensation because the $700 million is to be distributed among the many users who claim compensation. So naturally, per head share becomes less and might come down to being even less than $125 per person.

The more the number of people claiming a monetary compensation, the lesser the per head share. Hence the FTC is advising people who haven’t already submitted their claims to go for the free credit monitoring option. It has also been mentioned that people who have already submitted their requests shall get another chance to change their decision.

 

Ransomware Attack On Georgia Department Of Public Safety

In a recent ransomware attack in the Georgia Department of Public Safety (DPS), the departments of Georgia State Patrol, Georgia Capitol Police, and Georgia Motor Carrier Compliance Division were deeply affected. The attack disrupted activities to such an extent that the entire department had to shut down its IT systems, which included email servers, public website, and backend servers. The ransomware also attacked the laptops installed in police cars across the state making officers incapable of accessing data.

What Are The Steps Being Taken?

Consequently, officers are now working and communicating via car radios or work phones instead of laptops to request for any information needed. The department has taken necessary steps upon discovering the attack. The Georgia Technology Authority has been notified which has incorporated phishing prevention software and are conducting a forensic analysis on the DPS system.

 

Data Breach At Insurance Firm Ameritas

As the implementations of measures for protection from phishing increase, so are increasing the instances of data breaches. One of the most recent data breaches occurred at the Lincoln-based insurance company, Ameritas, where the workers became prey of the malicious attackers trying to extract information of customers through a phishing attack.

The data breach led to an exposure of the personal details of customers, which included their names, addresses, email addresses, social security numbers, and policy numbers. Once the breach was discovered, the firm took immediate actions and disabled the unauthorized access and conducted a password reset for the entire enterprise. Following this, an internal investigation was carried out to pinpoint and locate the victims of the breach. The firm conducted a step by step follow up and then notified the customers about the data breach.

What Measures Has Ameritas Taken?

Ameritas has employed a risk-consulting firm to investigate the incident and incorporated stricter security measures to ensure protection from phishing attacks. They have also started with additional training programs for their employees to avoid repetition of such attacks in the future. They have also announced compensation for affected users by providing them free identity and credit-monitoring services for one year.

 

Watertown City School District Faces A Ransomware Attack

Watertown City School District underwent a ransomware attack recently which disrupted the functioning of all the computers in the district and also disabled access to the files. The attack first came to the notice of the School Superintendent Patricia LaBarr, who couldn’t access her email in spite of trying several times. She reported the same to the concerned authorities and eventually was informed by experts from the Mohawk Regional Information Center (MORIC) that it was indeed the result of a ransomware attack.

What Steps Have The Authorities Taken?

As a coping and settling mechanism, all staff members have been asked to refrain from logging into any computer. Meanwhile, the district has initiated necessary steps to secure its critical computer networks.

The U.S. Department of Education and the Department of Homeland Security has been informed about the attack and investigations continue in this regard. But no ransom demand has yet been made by the attackers. The district is working in close association with the local, state, and federal agencies to reach the roots of the matter and aim to find out the answers at the earliest.