Security News
A series of police raids in Belgium have resulted in the apparent shutdown of the Sky ECC encrypted mobile phone network. As the second major encrypted phone network to be shut down by police in Europe, Sky ECC's seeming downfall has parallels with the Encrochat story, where French and Dutch police man-in-the-middle'd the encrypted phone network on suspicion it was being used mainly by organised criminals.
Last week, we argued over whether or not the media, including El Reg, should stop using the word hacker as a pejorative. The original meaning of hacker and hacking, in the context of computing, denoted neither criminality nor ill intent, and referred to an avoidance of a standard solution.
While businesses have continued to fortify their networks against remote invaders, most have overlooked the potential for cyber threats from physical intruders. While such attacks are extremely rare in comparison to the endless virtual attacks launched every day, physical security gaps can allow threat actors to circumvent otherwise strong defenses to inflict serious damage.
"The COVID-19 pandemic compounded this with new challenges in securing remote workforces, making it essential that we quickly become more adaptable and learn how to better protect workers in any environment. While our total detections are down this year, we must remain vigilant. The threats we are seeing are more refined and damaging than ever before." Despite an overall drop in detections for Macs and Windows in 2020, it's clear the COVID-19 pandemic influenced the cybercrime world so much that many anticipated campaigns either never arrived, arrived with less impact, or were replaced entirely with attacks better suited to use against users during a pandemic.
According to a report from radio station France Inter, numerous cybercriminals connected to the Egregor ransomware gang have recently been arrested. Since Tuesday [last week], police in the two countries have been working together in an effort to dismantle a cybercrime group suspected of initiating hundreds of ransomware attacks dating back to September 2020. Police arrested a number of hackers suspected of working with the Egregor cybercrime gang, providing hacking, logistical, and financial support.
UPDATE. The virulent malware known as Emotet - one of the most prolific malware strains globally - has been dealt a blow thanks to a takedown by an international law-enforcement consortium. "One of the things that makes Emotet so dangerous is that Emotet opens the door to other types of malware, as it were. Large criminal groups were given access to some of those systems for payment to install their own malware. Concrete examples of this are the financial malware Trickbot and the ransomware Ryuk."
The Sophos Rapid Response team has just written up a recent case study of a network attack that involved the account of a sysadmin who had died three months before. The account of the late employee wasn't shut down because various internal services had been configured to use it, presumably because the deceased had been involved in setting up those services in the first place.
UPDATE. A non-password protected database exposed 323,000 court records for at least four months, according to researchers. The database exposed the names of various people involved in sensitive criminal, domestic-abuse or child-custody court cases, related to a county in Illinois.
The Singapore government has decided to use data gathered by its TraceTogether COVID-19-coronavirus contact-tracing app in criminal investigations. Minister of State for Home Affairs Desmond Tan replied by saying that Singapore's Criminal Procedure Code means its Police can obtain any data for criminal investigations, including data gathered by TraceTogether.
Phone scams, where a person or a computer calls you up and tries to trick you into saying, buying or doing something you later regret, are still a prevalent sort of cybercrime. What we have noticed is that most of the scam calls we're getting these days are automated, and that the calls themselves - just like phishing emails that are trying to cajole you into taking the next step by yourself - are merely calls-to-action, not full-on sales pitches in their own right.