Security News For The Week Ending May 3, 2019
U.S. Trains UAE Spies to Spy on Americans
Reuters has written an expose on how the State Department granted a U.S. Company an ITAR license to train UAE spies on hacking. The plan, which got out of control, what to constraint the UAE spies, but once they were trained, they fired their U.S. trainers and started spying on royalty around the Middle East and even Americans in the U.S. The FBI has been investigating since 2016, with no charges.
The challenge is that if we said no to training them, they would likely go to the Chinese. If we indict them, they are less likely to be our friends and instead work with the Russians and Chinese. It is a bit of a lose-lose situation.
Read the Reuters article here and listen to Stewart Baker (formerly of the NSA and DHS) interview the journalists (the second half of this podcast) here.
Over 500% Increase in Ransomware Attacks Against Businesses
In contrast to the FBI stats from the other day, Malwarebytes Q1 2019 report paints a different picture. The FBI stats only reflect what is reported to them, while Malwarebytes stats reports what their endpoint protection software is actually seeing, whether reported or not.
While they show that consumer detections were down by 24% year over year, business detections were up 235%, indicating that attackers are going after business targets – where the data is juicier and they might pay to get it back.
In the commercial world, different than the consumer world, ransomware is up 189% since Q4 2018 and 508% since Q1 2018. This means that businesses are definitely being targeted.
One thing that is not clear from the report, but likely this includes both successful and failed ransomware attacks since this is an endpoint security product collecting the data. Source: Bleeping Computer.
Scott County Schools Suffers $3.7 Million Business EMail Compromise Loss
In case you were wondering how that $1.3 BILLION Business Email Compromise number happens – A small school district in Kentucky got suckered into paying a social engineer $3.7 million instead of paying the correct vendor. Sounds like they need some training and I bet they get some – after the horse and their money is out of the barn. Source: KnowBe4.
Supply Chain Risk is a Major Problem
Germany based CityComp, who has clients such as SAP, BT and Oracle, was hacked earlier this month. The hacker asked for $5,000 which was not paid. The hacker claims to have over 500 gig of data in 312,000 files. Which is set to be released. Because a vendor was hacked. In part because their client’s vendor cyber risk management program did not impart the seriousness of cybersecurity. Supply chain risk is a critical problem which is not being adequately handled. Read the details at The Register.
Google Adds New Option to Auto-Delete Some History
Google says that they will begin rolling out a couple of changes with respect to privacy. Although they are small changes, any change in this direction is a good thing.
Google will allow you to specify how long they should keep your app activity and location data, but there are only three options – until you delete it, for 18 months or for 3 months.
You could before and still can turn it off completely, but that makes certain Google functions less useful in some people’s view.
Ultimately a small, but good, move. Source: The Hacker News.
Global Security Officials Meet to Hammer Out 5G Security
The United States and security officials 30 European Union and NATO countries as well as Japan, Australia and Germany are meeting in Prague to figure out how to combat security threats in 5G cell networks. China and Russia were not invited!
The plan is to set up certain security conditions that Huawei and other Chinese vendors would likely not be able to meet. Stay tuned for more details. Go for it fellas. They may have just played the Chinese. Source: Reuters.