Security News for the Week Ending February 25, 2022
Scammers Figure out How to Fake Out Facial Biometrics
Multi-factor authentication is not magic. For the most part, it is software. And if software is not well written, it can be fooled. That means that we should not be surprised if scammers try to use deep fakes and other techniques to fool automated facial recognition. It is also a trade-off of security and convenience. In Israel it takes 90 seconds for automated facial recognition to see if you are you. In the U.S., it takes 45 seconds and in the U.K. it takes 35 seconds. Less time means, not surprisingly, less accuracy. Credit: Cyber News
Russia’s Invasion of Ukraine Threatens IT Industry
Some U.S. software companies were founded in Russia. Others have a significant software development presence in Russia. Some company owners, like Gene Kaspersky, are rumored to be pals of Putin’s. The Parallels Desktop software for running Windows on a Mac historically did all of their development in Moscow and Novosibirsk. And there are lots more. Not only is buying new software a concern, but so is installing any updates. As if we needed more security challenges. Credit: ZDNet
Anonymous Declares Cyberwar on Russia
This could either be nothing or something. Sometimes the informal hacking collective Anonymous does cause damage, but a lot of the time, they don’t cause anything. One thing in favor of this being something is that Ukraine is a big software development hub and there are probably a lot of Ukrainian software developers who are not terribly happy right now. They might be interested in getting even. Right now, all I can say is stay tuned. Credit: Cybernews
And Then There is the Other Team
The Conti ransomware gang says that they are ready to hit critical infrastructure in support of Mother Russia. This could get seriously messy if they are successful. Everyone remembers the Colonial Pipeline attack. Is worldwide critical infrastructure secure? No, that would be a bit optimistic. Again, we have to wait and see. Credit: CSO Online
Oracle Gets to Play with the Big Boys – Finally
Amazon won the first top secret government cloud hosting project, building the CIA’s secure cloud. Years later, Microsoft and Amazon waged a bit of a war to win DoD’s version of that cloud. Oracle, which also has a cloud, was left in the dust, but finally, Oracle won something. They are going to host a secure cloud for the Air Force. While this is not a $10 billion contract like the others, it might be worth as much as a billion. Credit: Yahoo