3 March 2021

Security News This Week: The SolarWinds Body Count Now Includes NASA and the FAA


SOME BLASTS FROM the past surfaced this week, including revelations that a Russia-linked hacking group has repeatedly targeted the US electrical grid, along with oil and gas utilities and other industrial firms. Notably, the group has ties to the notorious industrial-control GRU hacking group Sandworm. Meanwhile, researchers revealed evidence this week that an elite NSA hacking tool for Microsoft Windows, known as EpMe, fell into the hands of Chinese hackers in 2014, years before that same tool then leaked in the notorious Shadow Brokers dump of NSA tools.

WIRED got an inside look at how the video game hacker Empress has become so powerful and skilled at cracking the digital rights management software that lets video game makers, ebook publishers, and others control the content you buy from them. And the increasingly popular, but still invite-only, audio-based social media platform Clubhouse continues to struggle with security and privacy missteps.

If you want something relaxing to take your mind off all of this complicated and concerning news, though, check out the new generation of Opte, an art piece that depicts the evolution and growth of the internet from 1997 to today.

And there's more. Each week we round up all the news we didn’t cover in depth. Click on the headlines to read the full stories. And stay safe out there.

In addition to infiltrating the unclassified networks of seven other US government agencies, the suspected Russian hackers who compromised the IT services firm SolarWinds as a jumping-off point also penetrated NASA and the Federal Aviation Administration. Researchers and officials testified before the Senate Intelligence Committee on Tuesday about the scope and scale of the attack. The Washington Post reported ahead of the hearing that the Biden administration is preparing sanctions against Russia related to the SolarWinds espionage operation and other recent incidents of aggression. The seven other breached agencies are the Departments of Commerce, Homeland Security, Energy, and State, the US Treasury, the National Institutes of Health, and the Justice Department. The White House said earlier this month that hackers also compromised 100 companies in the spree. “This is the largest and most sophisticated sort of operation that we have seen,” Microsoft president Brad Smith said during Tuesday's hearing.

The New York City Police Department has a robot dog called “Digidog,” and the AI canine is already being deployed for real police work, like investigating a recent Bronx home invasion. For those concerned that police around the country might someday turn Digidog on a crowd of peaceful protesters or law-abiding citizens, though, people are already trying to figure out how to disable the robot pups. Ideas include finding a way to flip the dog over, grab the hatch for the battery pack, and remove the doggo's lithium-ion power. There are also power and "motor lockout" buttons on the dogs' butts where you can deactivate them. Not quite as friendly as a wagging tail, but good to know if you're ever in a bind.

Mozilla launched a new version of its browser on Tuesday, Firefox 85, that includes an expanded anti-tracking feature called Total Cookie Protection. It uses a technique known as “cache partitioning” to make it more difficult for third parties to track you as you browse the web. Cookies are assigned to individual sites, but if companies embed elements (like “iframes” and scripts) from each other's infrastructure on their own sites, they can all start to build a picture of users' browsing. By siloing the cookies your browser saves from each other, it's more difficult for companies to use this technique.
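The siloing described above can be shown with a simplified model of a browser cookie jar. This is an added example, not code from Mozilla or the original article; the `CookieJar` class, the keying scheme, and the hostnames (`news.example`, `shop.example`, `tracker.example`) are constructed for illustration.

```javascript
// Simplified model of a browser cookie jar (illustration only, not Firefox code).
// All hostnames are constructed examples.
class CookieJar {
  constructor(partitioned) {
    this.partitioned = partitioned;
    this.store = new Map(); // storage key -> Map(cookie name -> value)
  }

  // Without partitioning, cookies are keyed only by the host that set them.
  // With partitioning, the top-level site being visited is part of the key.
  key(topLevelSite, cookieHost) {
    return this.partitioned ? `${topLevelSite}^${cookieHost}` : cookieHost;
  }

  get(topLevelSite, cookieHost, name) {
    const bucket = this.store.get(this.key(topLevelSite, cookieHost));
    return bucket ? bucket.get(name) : undefined;
  }

  set(topLevelSite, cookieHost, name, value) {
    const k = this.key(topLevelSite, cookieHost);
    if (!this.store.has(k)) this.store.set(k, new Map());
    this.store.get(k).set(name, value);
  }
}

// A third-party element embedded on a page: reuse the ID cookie if the
// browser sends one back, otherwise mint a new ID and store it.
function trackerRequest(jar, topLevelSite, nextId) {
  const host = "tracker.example";
  let id = jar.get(topLevelSite, host, "uid");
  if (id === undefined) {
    id = `u${nextId()}`;
    jar.set(topLevelSite, host, "uid", id);
  }
  return id;
}

// Visit sites that all embed the tracker; return the ID the tracker saw on each.
function browse(partitioned, sites) {
  const jar = new CookieJar(partitioned);
  let counter = 0;
  const seen = {};
  for (const site of sites) seen[site] = trackerRequest(jar, site, () => ++counter);
  return seen;
}

const sites = ["news.example", "shop.example", "news.example"];
console.log("shared jar:     ", browse(false, sites));
console.log("partitioned jar:", browse(true, sites));
```

With the shared jar the embedded third party sees one identifier on both sites and can link the visits; with the partitioned jar it sees a different identifier per top-level site, while a return visit to the same site still gets its earlier cookie back.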

After a week of revelations about major security shortcomings, Jamaica took down its JamCOVID website and app late Thursday. The platform is used to post statistics about Covid-19 infections and process travelers. It also has a self-reporting feature for virus symptoms. The platform exposed quarantine orders for more than half a million travelers who entered Jamaica, going back to March 2020. The orders include travelers’ names and their addresses while quarantining in Jamaica. The local news outlet Jamaica Gleaner first reported the exposure. Last week, TechCrunch found that Amber Group, the contractor that developed the platform, had an exposed Amazon Web Services cloud server that contained more than 70,000 negative Covid-19 test results and more than 425,000 immigration documents from travelers entering Jamaica.
