IEEE Cipher --- Items from security-related news (E163)
Summary:
The Guardian and 16 other media organizations investigated the spyware
that was used to infect and steal information from the cellphones of
targeted people, including journalists and politicians. Their findings
get at the very heart of how mobile devices, indeed any computing device,
is protected. One interesting quote from an expert:
"What that means in practice is that the only thing that can protect
iOS users from an attack is Apple – and if Apple fails, there's no
other line of defence."
Summary:
The security firm Kaseya had a remote access tool that was exploited for
a large number of ransomware attacks against its customers. Somehow
Kaseya obtained the decryption key that the victims need to recover
their files.
Summary:
It turned out that the decryption key that Kaseya gave to
victims of a ransomware attack was given to them by the FBI. The FBI
chose to delay revealing the information for 3 weeks. FBI director
Christopher Wray told a Senate Security Committee hearing that "We
make the decisions as a group, not unilaterally. These are
complex ... decisions, designed to create maximum impact, and that
takes time in going against adversaries where we have to marshal
resources not just around the country but all over the world."
Summary:
Did the REvil gang disappear into the LockBit ransomware-as-a-service group?
Rumors of a ransomware attack against the global consulting firm Accenture
have raised speculations about the possible realignment of ransomware
software groups. Accenture was threatened by LockBit with public release of
sensitive files. For its part, Accenture said it had detected and dealt with
"irregular activity" with no impact on its operations or those of its
customers.
Summary:
Mesa County Colorado has been in turmoil over an argument over who has
the right to supervise elections. The battle between the state and
county started when the login credentials for administering the
county's voting machine were shown in a video posted online. The
video was suspected of being shot by an unauthorized visitor to
a confidential meeting of officials and the voting machine vendor's
representatives.
Summary:
In July the Biden administration released a report on
Security goals for Cybersecurity for Critical
Infrastructure Control Systems. Recommendations for practices
that can assure those goals are the subject of a further report to be
released soon. An incident at a Florida
water treatment plant in February highlighted the need to securing
the cybersecurity at all levels of critical infrastructure.
Summary: Tension has developed over an SEC request to businesses for reports on all cybersecurity incidents since October 2019. The government request is voluntary and only applies to companies that downloaded a SolarWinds product that was later shown to have a serious flaw. The SEC says that they are investigating the scope of the wide-scale attack, but business leaders are concerned that they may be liable for unrelated incidents that could be revealed by the requested records.