FFT news digest Jun 18 2021

Ransomware

Ransomware is the most dangerous and insidious cybersecurity threat facing the UK, according to the head of the National Cyber Security Centre. "What I find most worrying isn’t the activity of state actors. Nor is it an improbable cyber armageddon. What I worry most about is the cumulative effect of a potential failure to manage cyber risk and the failure to take the threat of cyber criminality seriously," Lindy Cameron said. Of course, hostile governments may very well turn a blind eye to the activities of ransomware gangs, because the real disruption aligns perfectly with their own aims.

This week, it emerged that the latest victim of the REvil ransomware gang was... a US nuclear weapons contractor. "The investigation is ongoing, but we recently determined that an unauthorised individual acquired certain documents from our system," Sol Oriens said. The statement comes after ransomware caused significant disruption to fuel supplies in the US and meat processing globally. Following their meeting in Cornwall, G7 leaders demanded Russia stop sheltering ransomware gangs, a call reinforced during President Biden's meeting with President Putin in Geneva. We aren't holding our breath.

This week saw some great background articles on the reality of ransomware. Kevin Beaumont describes the "hard truth" about the issue: "we aren’t prepared, it’s a battle with new rules, and it hasn’t near reached peak impact." And veteran security journalist Brian Krebs explains how "a self-employed web site designer and mother of two" ended up working for one of the world’s most rapacious cybercriminal groups while leaving a trail of clues about her involvement. Alas, despite recent law enforcement successes (the latest in Ukraine), ransomware is a critical risk for all organisations and it's essential to guard against it.

Threats

We've been very naughty while we've been working at home. At least that's what a majority of IT bosses believe. Tessian's report found one in three employees believe riskier security behaviours are OK when working remotely and over a quarter admit to having made mistakes that compromised their organisation's security - but which they think no-one will ever know about. Meanwhile, venture capitalists Andreessen Horowitz have produced a report on companies' plans for the 'new normal'. It found 10% are moving headquarters, 25% are going "remote first" and two thirds are adopting a "hybrid" model.

Fax/scan: As (some) people return to the office, attackers are welcoming them with fake fax/scan notifications. It's really worth warning users to beware of these (believable) emails. Avanan

VPNs: New figures show why it's so important to secure VPNs. Nuspire says the first quarter of 2021 saw a 1,916% increase in attacks against Fortinet’s SSL-VPN and a 1,527% increase in Pulse Connect Secure VPN.

Search: A reminder not to believe every search result you see. Attackers are stuffing thousands of PDF documents with popular keywords and using links to set off a chain of redirects that eventually lead to malicious software. Microsoft

Fake antivirus: Malicious software designed to steal banking information masquerades as Kaspersky's Android antivirus app. Beware of popular apps in unofficial stores! Cyware

Romance fraud: A 79-year-old woman died with £120 to her name after being conned into sending £20,000 to addresses across the UK. Romance scams are an evil threat, especially to the elderly. BBC

Amazon: 'Prime Day' is on Monday and Tuesday - and you can bet criminals have prepared their campaigns to take advantage of it. Do take care with emails and texts promoting special offers.

Replacing passwords

The sooner passwords are consigned to the dustbin of technological history, the better the world will be. And there's growing momentum towards that glorious day. Among last week's flurry of announcements, Apple revealed plans for a new passkey feature that will allow Face ID and Touch ID-based account authentication to be used in place of a password. That brings Apple into line with Google and Microsoft, which have been pursuing similar plans. Meanwhile, with the Euros in full swing, a survey of the most common crap passwords shows football-related terms to be popular choices. Depressingly, the most common of all is 'Football', closely followed by 'Liverpool'.

Email privacy

As part of its privacy initiative, Apple has revealed plans to allow users to put a stop to email tracking (prompting cries of alarm from some newsletter authors and marketers). As you may know, it's simple to tell whether an email has been opened - and not so simple to opt out. (Full disclosure: the platform used for this newsletter enables us to see whether you've opened it, but we only look at the overall figure rather than individual results.) Apple's Mail Privacy Protection comes with its new operating systems and it will hide your IP address and load all remote content privately in the background, routing it through multiple proxy services and assigning a random IP address into the bargain. Or, more simply, we won't know whether you're ignoring us!

Winds of change

Big Tech companies must be feeling some uncomfortable draughts of change swirling around them, with multiple moves by regulators to clip their wings. In the US, a prominent critic of Big Tech has been confirmed to lead the Federal Trade Commission. US lawmakers have also proposed five expansive antitrust laws that will impose aggressive limits on Big Tech companies and the way they do business. In Europe, UK regulators announced an investigation into Apple and Google's dominance of the mobile market. And the European Court of Justice has given Belgium the go-ahead to take a shot at Facebook, despite it being based in Dublin. All that in just one week.

Winds of change

Millions of connected security and home cameras contain a critical software vulnerability that could allow remote attackers to access video feeds, according to the US Cybersecurity and Infrastructure Security Agency. CISA says the cause of the issue is a key component used by multiple manufacturers of security cameras, as well as other internet-connected devices. The component is used to provide remote access to audio and video streams over the internet. The Taiwanese company behind it has blamed its customers for the problem. CISA has advice on what to do.

In brief

Takedown: More victories in the battle against scumbags. Interpol has taken down thousands of online pharmacies that were marketing fake and illicit drugs and medicines. And two UK companies have been wound up after being found to have run tech support scams.

Germany: The lower house of parliament removed legal provisions that exempted journalists from surveillance during terrorism investigations and ruled intelligence agencies should be able to read encrypted messages. tagesschau

Phones: An encryption algorithm designed to protect mobile phones in the 1990s was so weak that researchers have concluded the flaws were deliberate. They say they were almost certainly designed to enable surveillance. Today's cellular connectivity is far better protected. Probably. Ruhr-Universität Bochum

AI: New tools powered by artificial intelligence can read our lips and even work out how we're feeling. Not scary at all.

Ikea: Ikea's French subsidiary has been fined €1 million after a court found it guilty of running an elaborate scheme to spy on employees and job applicants. Mind you, as Malwarebytes reports, surveillance is being used on a mass scale for remote workers.

Crooked iMac: Apple's quality control failures continue to be a source of amazement. The latest issue affects the new iMac model, with owners taking to online forums to complain the displays are skew-whiff. That's after problems with antennae, keyboards, batteries and displays.

Pink Floyd: Roger Waters is clearly not a fan of Mark Zuckerberg. When offered "a huge, huge amount of money" to allow Instagram to use "Another Brick in the Wall II" in an ad, his response was, "Fxxk you."

Updates

Windows 10: It's not your eyes! Microsoft has conceded that part of the Windows taskbar does look out of focus. “After installing KB5001391 or later updates, the news and interests button in the Windows taskbar might have blurry text on certain display configurations,” it said, adding it's working on a fix.

Teams: The latest version fixes a gaping security failure that an attacker could have used to obtain full access to a user's email, chats, OneDrive and SharePoint.

iOS: Apple has released version 12.5.4 for older iPhones and iPads that can't run iOS 14.

Instagram: Latest version addresses a flaw that allowed anyone to view archived posts and stories posted by private accounts without having to actually follow them.

Edge: Microsoft is releasing an enhanced password manager tool for its browser. We still believe it's better to have a standalone manager, rather than rely on your browser.

Firefox: Version 89.0.1 of Mozilla's web browser fixes a security vulnerability and several non-security related issues.

VMware: Three weeks after fixes were released for critical vulnerabilities in vCenter servers, thousands of instances haven't been updated and remain open to attack. There are often reasons for delays, but attackers don't care about that.
