Department of Justice Seizes $2.3 Million in Cryptocurrency Paid to the Ransomware Extortionists Darkside
MOVE OVER VIRUSES, step aside worms: Ransomware has the spotlight and isn’t about to give it up. From taking down entire fuel pipelines to hijacking hospital networks, it’s the cyberattack du jour. Not only do you have the potentially disastrous consequences of being locked out of your most important files and systems, you also have to decide if you’re willing to pay cold, hard cash to get access to them again, if you even get access after paying.
That’s where the name comes from—ransomware attacks literally hold your data for ransom. There are a few variations on the theme, but it’s usually very recognizable. Malware is used to encrypt your files (in some cases even double-encrypt them) so they require a specific key to be unlocked. The damage can quickly spread across computers and networks. In some cases you might be locked out of your system completely, along with any other systems on the same network.
The United States suffered 65,000 ransomware attacks last year – or over seven an hour. And it will likely get worse.
What was previously seen as a nuisance is fast becoming a national security problem as cybercriminals target key parts of the country’s infrastructure. A recent attack on Colonial Pipeline sparked panic buying that emptied many gas stations across the Southeast, while another attack on JBS raised fears about the domestic beef supply.
In an unprecedented sting operation, the U.S. Federal Bureau of Investigation (FBI) and Australian Federal Police (AFP) ran an encrypted chat service called ANoM for nearly three years to intercept 27 million messages exchanged between criminal gang members globally.
Dubbed Operation Ironside (AFP), Operation Greenlight (Europol), and Operation Trojan Shield (FBI), the long-term covert probe into transnational and serious organized crime culminated in the arrests of 224 offenders on 526 charges in Australia, with 55 luxury vehicles, eight tons of cocaine, 22 tons of cannabis and cannabis resin, 250 firearms, and more than $48 million in various currencies and cryptocurrencies seized in raids around the world.
A total of more than 800 arrests have been reported across 18 countries, including New Zealand, Germany, and Sweden. Europol called it the “biggest ever law enforcement operation against encrypted communication.”
Several recent cyber incidents targeting critical infrastructure prove that no open society is immune to attacks by cybercriminals. The recent shutdown of key US energy pipeline marks just the tip of the iceberg.
Critical infrastructure is becoming more dependent on networks of interconnected devices. For example, only a few decades ago, power grids were essentially operational silos. Today, most grids are closely interlinked — regionally, nationally, and internationally as well as with other industrial sectors. And in contrast to discrete cyberattacks on individual companies, a targeted disruption of critical infrastructure can result in extended supply shortages, power blackouts, public disorder, and other serious consequences.
Mobile phishing exposure doubled among financial services and insurance organizations between 2019 and 2020. Cyberattackers are deliberately targeting phones, tablets, and Chromebooks to increase their odds of finding a vulnerable entry point.
A single successful phishing or mobile ransomware attack can give attackers access to proprietary market research, client financials, investment strategies and cash or other liquid assets, according to a new Lookout research team report released May 6.
The Financial Services Threat Report disclosed that almost half of all phishing attempts tried to steal corporate login credentials. Other findings include that some 20 percent of mobile banking customers had a trojanized app on their devices when trying to sign into their personal mobile banking account.
Despite a 50 percent increase in mobile device management (MDM) adoption from 2019 to 2020, average quarterly exposure to phishing rose by 125 percent. Malware and app risk exposure increased by over 400 percent.
Seven months after the release of iOS 14 and Android 11, 21 percent of iOS devices were still on iOS 13 or earlier, and 32 percent of Android devices were still on Android 9 or earlier. That delay of users updating their mobile devices creates a window of opportunity for a threat actor to gain access to an organization’s infrastructure and steal data, according to the report.
The competition to dominate Africa’s artificial intelligence and critical infrastructure markets is geopolitical and Beijing is racing for the lead. During the past 20 years, China has been rapidly building its communications infrastructure and advancing data-surveillance capabilities globally, and has taken a strong interest in spearheading development of Africa’s technology markets. President Xi Jinping’s Belt and Road Initiative has been the primary conduit for China’s expansion on the continent.
When the BRI was first introduced in 2013, many African leaders shared Xi’s view that inadequate infrastructure was the greatest barrier to economic development. So far, 40 out of 54 African countries have signed BRI agreements.
THE MAIN CASUALTY of the streaming wars so far has been your wallet. Netflix, Amazon Prime Video, HBO Max, Hulu, Apple TV+, Disney+, Discovery+: They all demand a monthly tithe. Toss in a live service like YouTube TV, the music app of your choice, and whatever gaming concoction suits your needs, and you’re suddenly ringing up a pretty grim bill. But wait! Recent years have seen a bumper crop of free streaming services as well. They’re the perfect cure for subscription fatigue.
The old adage that you get what you pay for does apply here to some extent. Free streaming services typically don’t have as many viewing options as their paid counterparts, and most make you watch a few ads along the way. But they’re also better than you might expect, and they continue to improve. Some even include original programming, or something close to it; the Roku Channel acquired the rights to dozens of shows that originally appeared on the ill-fated Quibi streaming service, and it began showing them on Thursday.
While you shouldn’t expect any of the following free streaming services to replace Netflix in your streaming regimen, you shouldn’t count them out either. Each almost certainly offers at least something you want to watch, and they won’t cost you an arm and a leg—or anything at all—to take advantage.
OK, this could potentially be confusing, since Roku is made up of thousands of “channels,” including the majors like Hulu and HBO Now. But it also operates the Roku Channel, which offers an eclectic mix of movies and TV shows. Typically it doesn’t have much that’s new new, although you can find plenty of older hits like Troy and The Queen, along with slightly musty television classics like Alias and 3rd Rock From the Sun. (Most notably: It has the full run of The Prisoner, the original 1967 version, which you should watch right now if you haven’t already.)
China is the quintessential surveillance state: cameras perch on every street corner and bots monitor every corner of the internet. Chinese officials believe these measures will enable them to anticipate and preempt threats to the regime. But might Beijing’s growing reliance on surveillance actually weaken the Chinese Communist Party (CCP)’s hold on power?
China’s surveillance network is expansive and pervasive. Chongqing, for example, holds the dubious distinction of being the “most surveilled city in the world,” with roughly one camera for every six of its 30 million residents. Facial recognition systems identify those captured on camera, instantly recording their ethnicity and party membership. The state wastes no opportunity to gather biometric data, weaponizing it against Uyghurs and others suspected of disloyalty. And on WeChat – the Chinese equivalent of Facebook, WhatsApp, and Apple Pay combined – government monitors are ever-present. At the cutting edge, Chinese officials are testing artificial intelligence-powered analytics, which purport to predict unrest before it occurs.
AFTER MONTHS OF testing and delays, Amazon announced last Friday that it would finally launch Amazon Sidewalk on June 8: The new service will keep your Echo, Ring, and other Amazon devices connected to the internet, even if your internet service provider goes out. And as usual, your devices will be automatically enrolled in the program unless you opt out. Here are the potential benefits and the potential privacy issues to consider.
Amazon bills Sidewalk as “a new way to stay connected.” Simply put, it uses Amazon smart-home gear to create a series of mini mesh networks, meaning your devices can stay connected further away from your router, and even stay online when your Wi-Fi goes down.
To do this, Amazon uses Bluetooth and unused slices of the wireless spectrum, with Ring cameras and Echo speakers acting as the main bridges (actually called Sidewalk Bridges) to keep everything connected. For something to work with the network, it’s going to need to be compatible with the Sidewalk standard, so expect Amazon to make and market devices that meet that standard soon (for example, Tile is already on board. More on that in a moment.)