This week’s Cyber Security Headlines Week in Review, January 11-15, 2021 is hosted by Steve Prentice @stevenprentice with our guest Allan Alford, @AllanAlfordinTX.
Facial-recognition app Clearview sees a spike in use after Capitol attack
The CEO of Clearview, Hoan Ton-That, reported a 26 percent increase of searches over its usual weekday volume. This is significant because unlike traditional facial recognition tools used by law enforcement that use databases containing government-provided photos, such as driver’s license photos and mug shots, Clearview relies instead on a database of more than 3 billion photos collected from social media networks and other public websites. The searches are being done largely by local police departments who are answering a request for assistance from the FBI. The use of facial recognitions technologies remain contentious in many countries, including the US. (New York Times)
Ransomware gangs pursue top executives to pressure companies into paying
This new technique involves stealing data from workstations used by top executives and managers in order to obtain “juicy” information that they can later use to pressure and extort a company’s top brass into approving large ransom payouts. The Clop ransomware strain has been used to sift through a manager’s files and emails, and exfiltrate data that might be threatening or embarrassing, to the person who would most likely be in charge of approving a ransom demand for this attack or for a more conventional ransomware attack. (ZDNet)
Singapore changes the rules and will now use COVID-19 contact-tracing app data in criminal cases
Minister of State for Home Affairs Desmond Tan replied by saying that Singapore’s Criminal Procedure Code means its police can obtain any data for criminal investigations, including data gathered by the Covid app called TraceTogether. The Minister stated, “stringent measures are in place to safeguard this personal data,” that only certain officers are permitted to access the information and that it will be used only for permitted purposes and stored securely. He added that data for both witnesses and suspects will be accessed, but that witness data will be “extracted” from the dataset. Suspects’ data will be retained “for security.” (The Register)
Social media’s big terrible week
Facebook staff are being warned to avoid wearing company branded apparel for their safety. House Democrats are planning to look into the role of social media as a source of disinformation relating to events preceding and including the January 6 riot. German Chancellor Angela Merkel, as well as a Minister for the Government of France have publicly objected to the ban on President Trump’s accounts, and alternative private chat apps such as Signal, Telegram and MeWe are topping app store downloads for the first time. GoFundMe has banned Trump rally travel fundraisers. Although not appearing as strictly cybersecurity issues, these stories all have a great deal to do with privacy and they also have to do with security as the media in question have been outed as a means to incite groups to do malicious acts.(The Information, Washington Post, Bloomberg, TechCrunch, Buzzfeed)
Thanks to our episode sponsor, IT Asset Management Group
DoD halts deployment of cybersecurity system
The Pentagon’s testing office announced the halt on the $2 billion system, which was designed to detect intrusions and prevent cyberattacks, citing poor test results. This project, named the Joint Regional Security Stack, was an effort to consolidate hundreds of networks onto a single secured and classified network to provide continuous network security capabilities. The project began in 2015 and was originally set to be completed in 2019. The report citing poor performance was written before the Solarwinds supply-chain attack became public. The report recommends the Pentagon’s CIO “continue developing more effective alternatives.” A Pentagon spokesperson said the project has been postponed, with fiscal spend on it deferred through 2023. (Bloomberg)
Door opens for filing GDPR privacy complaints in any EU member state
The Advocate General of the European Court of Justice issued an opinion stating that a privacy complaint against Facebook could be handled by any of the national data protection authorities across the EU. Previously all privacy complaints had gone through the data protection office in the country a company was headquartered in, for Facebook that was the Irish Data Protection Commissioner. This opinion is not binding and would need to be upheld by the European Court of Justice. The court is hearing an appeal from Belgian regulators, originating from a September 2015 about requiring consent for placing cookies by Facebook. (RTE)
Jersey City still reeling 3 months after ransomware attack on water, sewer
Three months after a ransomware attack that blocked access to Jersey City’s water and sewer system data, threatening what the Jersey City Municipal Utilities Authority (MUA) said could have been a “public health crisis,” systems still aren’t fully restored. Officials haven’t disclosed many details. Documents do show, however, that nearly half a million dollars has been spent on remediation so far. “Despite repeated efforts … problems continued to be encountered with restoring all of the JCMUA’s internet technology network to full operation,” according to a resolution filed last month that also called out a need for “advanced technical assistance.”
(NJ.com)
Apple yanks feature that let apps bypass macOS firewalls and VPNs
Apple has removed the ContentFilterExclusionList from macOS 11.2 beta 2k, known as Big Sur. The controversial feature had allowed 53 of Apple’s own apps to bypass third-party firewalls, security tools, and VPN apps that users themselves had installed for their own protection. The list included some of Apple’s biggest apps, such as the App Store, Maps, and iCloud. Security researchers had discovered the problem this past October and had called it a security nightmare waiting to happen. (ZDNet)