Monday, January 31, 2022 // Contact: Bob Bragg-IG // Weekly Sponsor: T&R
Pegasus, An Unexpected Outcome
FROM THE MEDIA: The Pegasus project report published by “Forbidden Stories”, a lesser-known media organization based in France, in conjunction with Amnesty International in July last year and now a report in the New York Times of January 28 show how the Pegasus malware could be used to tweak the strategic and economic policies of any country. The reports expose how the Israeli government leveraged supply of the malware to further its policies of drumming up international support for its continued occupation of Palestine. The reports also expose the duplicity of the United States. On one hand it helped the Israeli company NSO that develops and supplies the malware by giving it crucial components and hosting it on Amazon servers. And on the other, it ensured that no US cell phone number could be hacked with Pegasus malware and no foreign government would be able to access targets there. Hosting malware on its servers also gave it complete access to how the regimes in various countries were using the malware and against whom—a crucial input to assess the intentions of the rulers there, to finetune its foreign policy with the targeted countries.
READ THE STORY: The Citizen
Researchers use GPU fingerprinting to track users online
FROM THE MEDIA: A team of researchers from French, Israeli, and Australian universities has explored the possibility of using people’s GPUs to create unique fingerprints and use them for persistent web tracking. The results of their large-scale experiment involving 2,550 devices with 1,605 distinct CPU configurations show that their technique, named ‘DrawnApart,’ can boost the median tracking duration to 67% compared to current state-of-the-art methods. This is a severe problem for user privacy, which is currently protected by laws that focus on acquiring consent to activate website cookies. These laws have led unscrupulous websites to collect other potential fingerprinting elements such as the hardware configuration, OS, timezones, screen resolution, language, fonts, etc. This unethical approach is still limited because these elements change frequently, and even when they’re stable, they can only put users into a rough categorization rather than create a unique fingerprint.
READ THE STORY: Cyber Reports
A report from the US Federal Trade Commission (FTC) revealed that in 2021 Americans lost $770 million from social media frauds
FROM THE MEDIA: The US Federal Trade Commission (FTC) revealed that in 2021 Americans lost $770 million from social media frauds. These data are the result of the increased exposure of netizens through social media. The US agency received over 95,000 reports from US consumers who were victims of social media frauds; this marks an 18-fold increase over 2017 reported losses and more than double compared to 2020. More than 25% of individuals who reported losing money to social media fraud in 2021 said it started on social media with an ad, a post, or a message. According to the FTC, people aged 18 to 39 were most exposed to these scams in 2021. In most of the reported scams, crooks promoted bogus investment opportunities, and in many cases, they got in direct contact with victims as supposed friends to encourage them to invest. Scammers tricked people into sending money, often cryptocurrency, on promises of huge returns.
READ THE STORY: Security Affairs
Cybersecurity and Drones: How to Address the Security Threats
FROM THE MEDIA: The Unmanned Aerial Systems (UAS) industry has become a massive technological playground worldwide. UAS manufacturers spend a significant amount of money to research and develop high-tech and smart systems from aircraft-size military UAS to hand-size mini drones. Imagine what can happen when smart and cheap drones that anyone can easily purchase from a local hobby store become weapons at the hands of adversaries and cyber criminals. Forbes points out that the malicious use of these platforms in the cyber domain is an inevitable fact, and it can no longer be pushed aside. Last Christmas, we witnessed the U.S. government posing export restrictions to one of the largest drone manufacturers in order to protect national security and foreign policy interests. Since drones are remotely controlled, they can be hijacked by bad actors. The Department of Homeland Security (DHS) stated, “Given their rapid technology advancement and proliferation, the public safety and homeland security communities must address the fact that drones can be used nefariously or maliciously to hurt people, disrupt activities, and damage infrastructure.” Major cyber domain threats caused by drone activity.
READ THE STORY: Tripwire
Understanding why UK digital supply chain cybersecurity is crucial
FROM THE MEDIA: Enterprises in the UK especially were hit hard by the double whammy of changing processes in the wake of Brexit, and supply chain fluctuations as a byproduct of the pandemic. The turbulent climate caused many to rely on digital solutions to overcome business challenges that had been lurking for a long time — but now stood to benefit from accelerated digitalization. Service providers have built applications to assess demand and supply requirements, and implemented automation to address rising costs and personnel shortages in this area. Brexit has led some enterprises to realign the core systems of their supply chains with the aid of digital provider partners. Service providers have pivoted quickly to prevent physical supply chain headaches with digital solutions such as blockchain tech for tracking and tracing goods; customer service platforms to provide better online customer experiences and direct-to-consumer strategies; offering alternative payment options including, increasingly, cryptocurrencies; even hyperscale adoption of cloud and data storage services, across sectors.
READ THE STORY: T HQ
Handling a Hybrid War in Ukraine
FROM THE MEDIA: By now Vladimir Putin must understand that an outright invasion of Ukraine would cause Russia economic pain, but the strongman may believe hybrid attacks could help him achieve his goals at a lower cost. The West can do more to disabuse him of the notion. Hybrid attacks have already begun in Ukraine. Ukrainian security services have reported hundreds of fake bombing threats this year, prompting some schools to close. A cyber attack brought down several Ukrainian government websites this month, with a message on one hacked site warning “be afraid and expect worse.” Kyiv believes the attack was carried out by Russian ally Belarus, which complicates calculations about how to retaliate. Taking down a few websites and calling in bomb threats are more annoyances than serious threats. But imagine a cyber attack that paralyzes the power grid or oil and gas network in Ukraine. Without firing a shot, Moscow could kill countless Ukrainians unable to heat their homes during the country’s brutal winter. Destabilizing the country’s nuclear-power infrastructure could be even more dangerous.
READ THE STORY: WSJ
Myanmar Junta Set to Pass Draconian Cyber Security Law
FROM THE MEDIA: Myanmar’s military junta is reportedly on the brink of passing its long-threatened cybersecurity law, which in its latest form would outlaw virtual private networks (VPNs), throttle access to social media networks, and force internet companies to hand over user data to the military. The latest version of the Cyber Security Bill, which updates a draft released in February 2021, comes a year after the military seized power, plunging the country into a zero-sum struggle between the junta and a loose coalition of opponents. According to a report last week by Myanmar Now, the military administration submitted a revised version of the bill to stakeholders on January 13 and called for their feedback by January 28. The law is expected to be passed this week. The February 2021 draft was widely criticized for compelling internet providers to prevent or remove any content deemed to “cause hatred, destroy unity and tranquility,” any “untruthful news or rumors,” or anything that is “inappropriate” to Myanmar’s culture. It also forced internet providers to gather the personal data of users, store it for three years starting from the day of usage, and hand it over to military authorities upon request.
READ THE STORY: The Diplomat
Crypto outfit Qubit appeals to the honour of thieves who lifted $80M of its digi-dollars
FROM THE MEDIA: Another week, another crypto upstart admitting its lax security has been exploited and parties unknown have made off with millions. But this time there's a twist: the crypto upstart has appealed for the return of its assets by appealing to the thieves' consciences. The crypto concern is Qubit Finance – an outfit that offers decentralized lending and borrowing and operates under the motto "Lend to ascend – Borrow for tomorrow." Last Friday Qubit admitted one of its protocols had been exploited in unintended ways, with the result that attackers made off with $80 million of crypto assets. Because the attack used Qubit's protocols, it appears to have left a trace on the blockchain. One effort aims to help victims by creating a website on which they can download records of their holdings being stolen, for presentation to police. The Register wishes those whose coins were purloined the best of luck when they visit the local constabulary with that documentation.
READ THE STORY: The Register
Teen Turns Down Elon Musk’s $5,000 Offer to Delete Twitter Account That Tracks His Private Jet
FROM THE MEDIA: Elon Musk reportedly made one tech-savvy teenager an offer he had to refuse when he requested the teen delete an intrusive Twitter account. Run by 19-year-old Jack Sweeney, the @ElonJet Twitter account tracks Musk's private jet's movements using public data. To date, the account has over 170,000 followers. The college student recently revealed to Protocol that he even had a private conversation with the Tesla founder himself regarding the account. It turns out, Musk isn't a fan of the teen's tracking project. In 2021, Musk tweeted that his whereabouts being shared online was "becoming a security issue." Musk apparently raised his security concerns with Sweeney directly in a private message sent to the college student last fall. "Can you take this down? It is a security risk," he messaged the teen. Sweeney joked that he would consider deleting the account in exchange for a Tesla Model 3. "How about $5k for this account and generally helping make it harder for crazy people to track me?" the billionaire quipped. Sweeney then asked if Musk would consider $50,000 in exchange for the account. Musk said that he would think about it before later responding that it didn't "feel right to pay to shut this down." Sweeney says he hasn't heard from Musk since.
READ THE STORY: Popcrush
The rise of ransomware: Its cause & effect
FROM THE MEDIA: In many ways, cyber risk is its own pandemic and ransomware has quickly become the predominant strain. Reports have estimated the volume of attacks alone has increased anywhere from 200% to 300% in 2020, and are doubling again. The demands themselves are also growing. Many experts are citing a ransom increase of anywhere between 50% and 80% with remediation costs also doubling to $2 million, up from an average of $761,000 just two years ago. These increases can be attributed to the surging value of bitcoin, the increasing willingness of victims to pay, advances in intrusion techniques, and the growing market of cybercrime in general. As more and more victims pay demands, ransoms rise. As ransoms rise, more malicious actors are attracted by the potential payout, and as the pool of cybercriminals grows, so does the number of circulating strains that become more intelligent and more damaging. It’s a vicious cycle. As long as victims continue to pay, those ransoms will continue their trajectory. And the hard truth is, cybercriminals are often spending more time and resources in executing attacks than many companies are spending on cybersecurity.
READ THE STORY: Property Casualty 360
Tesla hacker strikes again — to warn cars' owners
FROM THE MEDIA: The 19-year-old cybersecurity researcher who remotely accessed several Teslas through a third-party flaw has a new trick: hacking the car owners' email addresses to notify them they're at risk. This month, David Colombo discovered a flaw in a piece of third-party open-source software that let him remotely hijack some functions on about two dozen Teslas, including opening and closing the doors or honking the horn. In trying to notify the affected car owners, he then found a flaw in Tesla's software for the digital car key that allowed him to learn their email addresses. Colombo said the defect was in a Tesla application programming interface, or API. After he publicized his first discovery, a Twitter user suggested contact details for the affected owners could be found in the code that allows two pieces of software to communicate with each other, also known as an API endpoint.
READ THE STORY: Autonews
Items of interest
A structured methodical process for populating a crime script of organized crime activity using OSINT (Paper)
FROM THE MEDIA: Crime script analysis is becoming an increasingly used approach for examining organized crime. Crime scripts can use data from multiple sources, including open sources of intelligence (OSINT). Limited guidance exists, however, on how to populate the content of a crime script with data, and validate these data. This results in crime scripts being generated intuitively, restricts them from being scrutinised for their quality, and limits the opportunity to combine or compare crime scripts. We introduce a practical process for populating the content of a crime script that involves simple coding procedures and uses document analysis to quality assure data that are extracted from open sources. We illustrate the process with the example of theft of oil from pipelines in Mexico committed by organized crime groups. The structured methodical process we introduce produces a crime script of high quality, helps to improve the systematic analysis of decision-making performed by members of organized crime groups, and can improve the identification of opportunities for crime control.
READ THE STORY: Springer
BRINK of WAR: Ukraine & Russia OSINT Review with PSAKI, KIRBY and NED (Video)
FROM THE MEDIA: President Biden’s team hits the media today to discuss the rising tensions in Europe over the Ukraine-Russian border.
Ukraine Conflict: Spotting Russian Troops with OSINT, Putin's Nationalism, why Russia won't Attack (Video)
FROM THE MEDIA: Yet again a new format, an illustration of the nationalism video, my thoughts on the conflict in Ukraine and an OSINT tutorial, don't say I don't spoil you. Subscribe to destroy Germany.
About this Product
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com