FFT news digest May 13 2022

Ukraine

The US, UK and EU formally accused Russia of being responsible for the cyberattack that affected thousands of satellite terminals in Ukraine and neighbouring countries. “The cyberattack took place one hour before Russia’s unprovoked and unjustified invasion of Ukraine on 24 February 2022 thus facilitating the military aggression,” the EU said. US Secretary of State, Antony Blinken, added that Washington was working with its allies and partners to defend against Russia’s "irresponsible actions". Attributing the attack on Viasat's network to Russia barely counts as news because it was already assumed Moscow was behind it, but the coordinated statements underline the degree to which the US and its allies are determined to present a united front.

Reuters reports that the US is beginning a fresh investigation into Kaspersky Lab amid heightened fears of Russian cyberattacks. The concern is that Moscow could use Kaspersky's security software to steal sensitive information from US computers or tamper with them as tensions escalate between Moscow and the West. In March, Germany warned that the Kremlin might coerce the company into helping to attack western organisations. Kaspersky has condemned the moves, saying it's a privately-managed company with no ties to the Russian government.

On a more positive note, the US National Security Agency says the level of ransomware attacks has fallen over the past few months. Cybersecurity Director, Rob Joyce, said, “There’s probably a lot of different reasons why that is, but I think one impact is the fallout of Russia/Ukraine. As we do sanctions and it's harder to move money and it’s harder to buy infrastructure in the West, we’re seeing them less effective.”


Threats

Managed Service: Cybersecurity agencies from the Five Eyes intelligence alliance have warned of a rise in attacks targeting managed service providers.

Data stealer: A powerful malicious software tool offers complete access to Windows systems and is being sold on underground forums for as little as $6. BlackBerry

Crypto: Amazingly, people are losing money to a barely credible scam involving old videos starring Elon Musk and Jack Dorsey. They promise investors they will be paid twice the amount they send to the scammer. Bleeping Computer

App injection: There's an old-fashioned con doing the rounds that tries to persuade mobile phone users to install premium versions of common apps including OnlyFans and Pokemon Go. It's unlikely any of our readers will fall for this, but some kids might... Malwarebytes

Instagram screenshots: If you receive a forgotten password link and a call asking you to screenshot it and send it to someone, be very suspicious. It's the first step in taking over your account by resetting your password (and do make sure you have two-factor authentication enabled).

Keyboards: If someone is using a mechanical keyboard, all you need is a reasonably good microphone and some newly-developed software to discover what they're typing. TechRadar

Crime stats

The global cost of cyber crime exceeded $6 trillion last year, according to the head of Italian defence and aerospace business, Leonardo. Alessandro Profumo told the Cybertech Europe conference that COVID-19 was partly responsible and he called for cooperation to confront the threat. We expect to see further increases in the amount of cyber crime given the economic pressure facing so many people and the availability of cheap (i.e. $6 a month) tools. There's also no shortage of stolen credentials, as a report from Outpost24 describes. It found more than 31,000 credentials from FTSE 100 companies available for sale on the dark web. There were more than 500 unique compromised user logins for 42% of them.

US government surveillance

US Immigration and Customs Enforcement has bypassed official and public oversight to create the ability to track most of the country's citizens. Georgetown University's study says ICE's use of data brokers means it has access to driver's licence details for 75% of US adults, as well as information from utility companies. ICE's enthusiasm for data brokers is not shared by the Pentagon. It's currently soliciting solutions to combat the "exploitation of digital footprints" which it describes as a "primary concern." Data brokers can gather vast amounts of information about us. Some of our clients ask us to find out what data are held about them. The results are invariably startling.

In brief

Spain: The country's intelligence chief has been dismissed amid a spyware scandal that has rocked the country's minority government. The phones of both the Prime Minister and Defence Minister were infected with Pegasus spyware, possibly by Morocco. Separately, Pegasus was used to hack the phones of Catalan separatist politicians.

NCSC: The UK's National Cyber Security Centre has updated its advice on using cloud services securely. It's aimed at organisations of all sizes. It has also released a free tool to check some basic email security measures (which are often implemented incorrectly or not at all).

Deep fakes: FaceMagic sells itself as a fun face-swapping app; “Do you want to see your boss dancing?” its app description says. But there's a less savoury side to it because on porn sites it offers users the chance to “Make AI face porn in a sec.” And, as Motherboard reports, it exploits a loophole in Apple and Google's app store policies.

Netflix: The days of unrestricted password sharing look to be coming to an end sooner rather than later. The New York Times says an internal memo told employees the company aims to start cracking down on password sharing in the final three months of this year.

Fake applications: Activists are subverting the online job application process to sabotage and expose companies that try to prevent unionisation and mistreat employees. Motherboard

AirDrop: A flight from Tel Aviv was aborted shortly before takeoff because some of the passengers received photos of plane crashes on their iPhones. The images were shared over AirDrop; another excellent reason to turn the feature off unless you’re using it. BBC

Karma: A Nigerian scammer behind the theft of more than 800,000 credentials from some 28,000 victims was identified after he managed to infect his own computer with information-stealing software. Malwarebytes

Tesla overwatch: San Francisco police are using driverless cars as mobile surveillance cameras. Motherboard

This is a condensed version of the email our clients receive. You can subscribe to receive the full digest.
