Security News for the Week Ending May 1, 2020

China, Korea, Vietnam Escalate Hacking During Covid-19 Outbreak

The Trump administration is calling out China for hacking our hospitals and research facilities who are looking for cures and vaccines for Covid-19. That should not be much of a surprise since China has always opted for stealing solutions vs. figuring them out themselves. At least that this point, the U.S. is not doing anything about this theft. Credit: CNN

At the same time, Vietnam is hacking at China’s Ministry of Emergency Management and the Wuhan government, probably trying to do the same thing and also steal information on their neighbor’s lies about their death toll. Credit: Reuters

Finally, South Korea’s Dark Hotel government hacking group is hacking at China, using 5 zero-day vulnerabilities in one attack. 5 is a massive arsenal to use in one attack, since zero-days are hard to find (or at least we think they are. Since they are unknown until they get used or announced, we don’t really know). Reports are that the group has compromised 200+ VPN servers in an effort to infiltrate the Chinese government and other Chinese institutions. Credit: Cyberscoop

Bottom line, it is business as usual, with everyone hacking everyone they can.

Israel Thwarts Major Coordinated Cyber-Attack on its Water Infrastructure

Israel says that they have reports on coordinated attacks on their wastewater, pumping and sewage infrastructure.

The response was to tell companies to take their systems off the Internet as much as possible, change passwords and update software. All good things to do but disconnecting from the Internet likely makes companies unable to operate, since most plants run “lights out” – with no onsite staff.

The attacks took place on Friday and Saturday – during the Jewish Sabbath when the least people would be around to detect and respond. Credit: The Algemeiner

Surveillance Company Employee Used Company’s Tool to Hack Love Interest

An employee of hacking tool vendor NSO Group, who was working on site at a customer location, broke into the office of the customer and aimed the software at a “love interest”.

While vendors like to claim that they are righteous and above reproach, the reality is that they have little control over what employees do. Even the NSA seems to have trouble with reports of their analysts sharing salacious images that they come across.

in fact, the “insider threat” problem as it is referred to is a really difficult problem to solve. In this case, the employee set off an alarm when he broke into the office where the authorized computer was located and was caught and fired. Most do not get caught. Credit: Vice

Over 1,000 Public Companies List Ransomware as Risk

In case you had any doubt about the risk that ransomware represents, over 1,000 publicly traded companies list ransomware as a risk to future earnings in their 10K, 10Q and other SEC filings. Companies only have to list items that have the potential to be material to earnings, so it is usually a relatively short list. Four months into 2020, 700 companies have already mentioned ransomware is on that short list. Credit: ZDNet

Nearly 3 in 5 Americans Don’t Trust Apple-Google Covid Tracking Tech

The authorities want to track the contacts of anyone who who tests positive for Covid-19. The way they want to do this is by getting everyone to install an app on their smartphone. 1 in 6 (16%) Americans don’t even have a smartphone. For the high risk group, these over 65, only 50% have smartphones and for those over 75, it is even less.

Resistance is higher among Republicans and those that think they are at lower risk. Only 17% of all smartphone owners said they would Definitely use it.

The main reason for resistance is that people don’t trust Apple, Google and others to keep their data private. Even if the tech companies wanted to keep it private, the government could demand that they hand it over. Credit: Washington Post

by