FFT news digest Mar 29 2019

Attacking the supply chain

Taiwanese computer manufacturer, Asus, has confirmed its update servers were compromised to deliver spyware to some of its customers. Asus said the attack targeted its notebook computers and insisted only "a small number of devices" had been affected. Asus was responding to research by Kaspersky which discovered that the Asus Live Update Utility had been compromised. It said 600 specific devices had been targeted and added that three other (unnamed) companies were affected. Attacking people by compromising something they trust is extremely effective, and there's a risk that it results in people failing to take updates. Despite this incident, it is still essential to keep software and devices updated. Asus has provided a diagnostic tool designed to provide reassurance to owners of its notebooks.

No way Huawei

More questions have been raised over the security of Huawei products, as it emerged that the Chinese company failed for years to address vulnerabilities in its home routers. A highly critical report produced by a UK government-led committee said it had found "significant technical issues" and had no confidence Huawei could remediate the significant problems it faces. The report did not suggest the issues were the result of Chinese state interference but voiced concern over Huawei's involvement in the rollout of 5G networks in the UK. Meanwhile, The Register has published details of Huawei's protracted failure to fix security issues in its range of home routers. Despite being given details of the vulnerabilities, it fixed them in only two models even though the issues were simple to exploit. None of this appears to have damaged Huawei's profits, which rose to US$9 billion in 2018.

Social media

Microsoft has called on social media companies to develop an industry-wide approach to combat individuals who are "using online platforms to bring out the darkest sides of humanity." In a blog post reacting to the recent attack in New Zealand, Microsoft President, Brad Smith, said, "it's clear that we need to learn from and take new action based on what happened in Christchurch." He demanded cooperation from companies more used to competing with each other, and said they should build on work already underway to counter terrorism. Meanwhile, Facebook is to ban content that praises, supports, or represents white nationalism and separatism. Motherboard says the new policy will be implemented next week.

EU copyright

The EU Parliament has approved highly controversial regulations that tighten controls over sharing content online. The Copyright in the Digital Single Market Directive has united technology companies and activists who argue that the rules are incoherent and will end up the subject of court cases. The Electronic Frontier Foundation said, "We can expect media and rights holders to lobby for the most draconian possible national laws, then promptly march to the courts to extract fines whenever anyone online wanders over its fuzzy lines." While the Directive makes Internet platforms liable for content uploaded to them, it does make exceptions for some material, including memes, GIFs, and hyperlinks to news articles.

Small businesses. Big hit.

Small businesses in the UK bore the brunt of cybercrime in 2018, with an average cost estimated at £65,000 per victim, according to research from internet service provider, Beaming. 63% of businesses employing 10-49 people reported being a victim of cybercrime in 2018, up from 47% in 2017 and 55% in 2016. While malicious phishing emails claimed the greatest number of victims, ransomware attacks were the most financially damaging, costing victims £21,000 each on average. Meanwhile, separate research from Cisco looked at small and medium-sized businesses worldwide and found 53% had suffered a security breach. It also found that businesses were increasingly turning to external companies to provide cybersecurity expertise which they lacked in-house. The UK's public-facing part of GCHQ has guidance for small and medium-sized organisations.

Securing remote working

Remote working is an unavoidable reality of today's world, which may explain why more than a third of organisations told researchers they had experienced a security incident because of something a remote worker did. The OpenVPN survey of 250 IT leaders has advice for making remote work more secure.

1. Make sure remote working policies are reviewed and updated regularly.
2. Make sure policies are enforced (because the survey suggested this isn't being done effectively).
3. Make sure IT experts are involved in drawing up policies because (unsurprisingly) they don't work well when they're not.

UK government guidance provides a 10-step plan for home and mobile workers.

In brief

Shodan is a search engine designed to find Internet-connected devices and it has launched a new tool that aims to enable organisations to keep such hardware under control. Shodan Monitor is a free add-on for paying members and is designed to simplify network monitoring so that no technical knowledge is required. 

UK domain name registrar, Nominet, has reminded organisations with co.uk domain names that they have less than 3 months to register the .uk version of their name. From June 25, anyone will be able to register the name.

Apple has admitted that there is a problem with some of its MacBook keyboards. Responding to a Wall Street Journal report, Apple apologised but (despite ample evidence to the contrary) denied there was a systemic issue.

Office Depot is to pay $25 million to settle a lawsuit that claims it lied to customers about their PCs being infected with malware so it could charge unnecessary repair fees. It continues to deny any wrongdoing.

How do you earn $122 million? One way is to send Google and Facebook fake invoices for things they hadn't bought. Lithuanian, Evaldas Rimasauskas, pleaded guilty to the scam. Much of the money is still missing.

Russia is increasingly subverting GPS signals to protect sensitive locations and cause disruption. Among the examples in a report by the Center for Advanced Defense is an incident in which GPS coordinates showed a ship located at a nearby airport.

Updates

Apple: A bumper set of updates, including some important security fixes for iOS and macOS devices. There are reports of problems with these versions, including issues with Mail and Apple Pay. While you may want to wait, the security issues being addressed are important so don't wait too long. There are also updates for iCloud for Windows, iTunes for Windows, Safari, tvOS and Xcode.

Cisco: RV320 and RV325 WAN VPN routers are still vulnerable to attack because updates weren't effective. RedTeam Pentesting has advice on what to do while Cisco gets its act together. Cisco has also published 23 other advisories, most rated 'High', for IOS XE software.

Tails: Emergency release to fix a critical security vulnerability in Tor Browser.

Thunderbird: Update addresses 2 critical vulnerabilities.

WinRAR: A reminder to make sure you have installed a recent update because the vulnerabilities it addressed are being actively exploited, according to Symantec.
