Security News for the Week Ending July 2, 2021

WD NAS Devices Are Being Wiped Worldwide

The downside of using computers beyond their end of support is that you can get hacked and all of your data can get wiped. This is what has happened to many WD My Book owners. Western Digital stopped patching them in 2015 and hackers have figured out how to remotely execute a factory reset, wiping all the data. The second thing not to do is to not have offline backups, which, apparently, a lot of these Western Digital owners also did not have. The result is many sad Western Digital owners. It does not appear that Western Digital’s own servers were hacked. Users, at this point, are just outta luck if they did not make backups. Credit: Bleeping Computer

As if this wasn’t bad enough, there is now a second zero-day way to wipe the devices. Credit: Metacurity

Pentagon Official Accused of Disclosing Classified Information

Katie Arrington, a political appointee in the DoD’s office of acquisition and sustainment and who acted as A&S’s CISO was suspended and her security clearance deactivated after being accused of unauthorized disclosure of classified information. Rumors had been that she was walked out of the Pentagon several months ago, but no announcement was made until this week. If true, she could wind up in jail. Credit: Newsweek

Politics ‘R’ Us – CISA Don’t Need No Stinkin’ Director

CISA, the Cybersecurity and Infrastructure Security Agency, part of DHS, has been without a director since ex-president Trump fired Chris Krebs last year for saying that there was no massive election fraud. President Biden nominated Jen Easterly, a graduate of West Point and Oxford, an Army Lt. Colonel and long time intelligence and NSA official, however the Senate has not voted on her confirmation. The arcane Senate rules allow any Senator to put a hold on anything for any reason. In this case, Senator Rick Scott decided that since Kamala Harris had not visited the southern border, something he thinks is important, that the Senate should not vote on the nomination of Easterly to head DHS. This has nothing to do with Easterly or security, just some Senator on a power trip. It appears that maybe next week, after DHS has not had a director for more than 6 months, during which time a major oil pipeline was shut down due to a ransomware attack, the Russians compromised a number of federal agencies twice – once via SolarWinds and again using Microsoft Exchange, and numerous other attacks, Scott may decide to stop being a dictator and allow the Senate to vote on Easterly’s appointment. The political process is very messy. Credit: ZDNet

Microsoft Testifies it Gets 10 Info Demands a Day from the Feds

Microsoft testified this week that it gets 7-10 secrecy orders every single day from the feds, demanding that they turn over customer information and not notify the customer that their information has been targeted. Since these orders are secret and often stay that way forever, cloud service customers have no way of knowing if their personal and/or sensitive information is in the hands of the government, for some unknown purpose, under likely poor security (the FBI just told Congress that it needs millions and millions of more dollars in order to protect their systems, so it is reasonable to assume that at least some FBI systems have been compromised and data stolen. We know, for example, that the Department of Justice was a victim of the SolarWinds attack). This may mean that companies that use the cloud (which is almost everyone) may need to take more security measures than they are taking – at least for sensitive data. Credit: The Register

Is Russia More Tech-Savvy Than the US?

Russia’s main military intelligence unit, called, among other names, APT28, Fancy Bear and Iron Twilight, is using cloud containers (Kubernetes) to massively scale brute force attacks against American and European businesses targeting government, military, defense contractors, energy companies, education, logistics, law firms, media, politics and think tanks. Does that leave anyone out? After they use these brute force attacks to get login information, they use those credentials to move around inside the company and steal information, often undetected. The feds (NSA, CISA, FBI and the UK’s NCSC) publicly warned businesses this week. That means that businesses need to up their security game if they want to protect their systems and information. Credit: The Hacker News

by