This week’s essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned. Designed to educate, support, and advocate.
Stan’s Top of the News
Our two top stories this week both point to the need for our “leaders” in Washington to take action. We need more data and information on cybercrime and we need to put some guardrails on AI. And we need to do it now.
- Opinion: To keep fighting ransomware, the United States needs more information: By the Editorial Board. The good news on ransomware is that attacks seem to be decreasing where, in the past, they’ve hit hardest. The bad news is that the numbers might not tell the full story. … There’s one number that throws all the others into some doubt: FBI and Justice Department representatives said recently that only around 20 percent of ransomware victims report attacks. How many ransoms were paid that authorities never heard about? … The government and its peers deserve credit for what they’ve done so far to fight cybercriminals: improving global law enforcement cooperation to track down malicious actors, disrupting gangs as well as cryptocurrency exchanges that have become hotbeds for laundering stolen funds, devoting more money to defenses. To know just how much credit that is, however, the statistics have to be more than best guesses. Washington Post Free Link.
- Microsoft Says New A.I. Shows Signs of Human Reasoning: A provocative paper from researchers at Microsoft claims A.I. technology shows the ability to understand the way people do. Critics say those scientists are kidding themselves. … When computer scientists at Microsoft started to experiment with a new artificial intelligence system last year, they asked it to solve a puzzle that should have required an intuitive understanding of the physical world. … “Here we have a book, nine eggs, a laptop, a bottle and a nail,” they asked. “Please tell me how to stack them onto each other in a stable manner.” … The researchers were startled by the ingenuity of the A.I. system’s answer. Put the eggs on the book, it said. Arrange the eggs in three rows with space between them. Make sure you don’t crack them. … “Place the laptop on top of the eggs, with the screen facing down and the keyboard facing up,” it wrote. “The laptop will fit snugly within the boundaries of the book and the eggs, and its flat and rigid surface will provide a stable platform for the next layer.” From New York Times Free Link.
New. Family Protection Newsletter: Did you know we created the Family Protection Newsletter, for non-cyber experts? For your parents, friends, those who need to protect themselves in a digital world. We feature info on how to freeze your credit and what ‘marriage scams’ are in Edition 1. Sign up or share with a friend! Click here to learn more and quickly add to your free subscription!
How Hackable Are You? Take our test. Find out how hackable you are and download our free 8-step guide.
- How Hackable Are You? Think your defenses are strong? Find out as SecureTheVillage tests you on five basics. Please take our short quiz, as your answers will help you and guide us to improve community safety.
Upcoming events. Please join us.
- Invasion of the Body & Mind (Data) Snatchers: What you need to know. What you need to do. May 25, 11:00 am – 12:30 pm PT.
- Los Angeles Cybersecurity Workforce Coalition: The monthly meeting of the workforce coalition, Tue, July 11, 1:00 pm – 2:00 pm PT. There is no meeting in June.
Cybersecurity Nonprofit of the Week … Open Cybersecurity Alliance
Kudos this week to the Open Cybersecurity Alliance (OCA). The Alliance works with other organizations to make sure cybersecurity tools work effectively with the other technology buried deep inside the Internet. That the Internet is as secure as it is owes a lot to OCA and their commitment to Internet security. We’re happy to spotlight OCA so our readers can better appreciate the work being done by nonprofits like OCA. Like SecureTheVillage, the Open Cybersecurity Alliance is a member of Nonprofit Cyber.
Live on Cyber with Dr. Stan Stahl – Live on LinkedIn and Your Favorite Podcast Platform
Bridging the Cybersecurity Gap: SecureTheVillage’s Mission and Vision: (Video) (Podcast): Join Dr. Stan and Julie this week as they take a deep dive into the origin and purpose of SecureTheVillage, born out of a need to enhance cybersecurity practices among small and mid-sized organizations. Stan and Julie outline the pressing need for improved cybersecurity practices and discuss SecureTheVillage’s approach towards combating cybercrime, one that is built on community cooperation and active involvement, and the vital role of personal behavior change and awareness. We explore SecureTheVillage’s upcoming launch of a new cybersecurity pilot program to address the challenges facing individuals and businesses, funded by an inaugural grant from the Center for Internet Security’s Alan Paller Laureate Program. … As always, Stan and Julie provide actionable tips and thoughtful wisdom in an engaging conversation on the complexities of cybersecurity and privacy.
Section 2 – Let’s Be Careful Out There. And Let’s Help Others Who Aren’t Yet Cyber-Aware.
Let’s Be Careful Out There.
- Elderly Hilton Head woman scammed out of $500K. Her banks failed to stop it, lawsuit says: It isn’t always easy to tell if your personal information has been stolen for fraudulent purposes or your accounts have been compromised. Here are some common signs that you might be a victim of identity theft. … The eight-month and nearly $500,000 gut-wrenching ordeal began with a single download. Shirley, a 74-year-old Hilton Head retiree living near Coligny Beach, mistakenly thought an email — purportedly from the online payment system PayPal — was legitimate. When she opened it, the fraudulent message warned the woman’s account had been hacked, and offered a “customer support” software solution to fix the issue. But neither the email nor the software came from PayPal. The file was designed and delivered by thieves to bleed all the cash they could from her accounts. From <https://www.islandpacket.com/news/local/crime/article275300846.html>
- IRS flagged more than 1 million tax returns for identity fraud in 2023: The IRS flagged more than 1 million tax returns for potential identity theft during the 2023 tax season, according to the U.S. Department of the Treasury, signaling that such fraud continues to be a pervasive problem for taxpayers. From <https://www.cnbc.com/2023/05/17/irs-flagged-more-than-1-million-tax-returns-for-identity-fraud-in-2023.html>
- Fraud Continues Meteoric Rise: The numbers are in, and they aren’t good. The Federal Trade Commission has issued its data book on fraud reports for 2022. U.S. consumers reported $9 billion in fraud losses, compared to $6.1 billion the year prior. Because fraud often goes unreported, this report only shows the tip of the iceberg. Even so, it provides important insights into certain threats everyone should be aware of. AARP Link.
- Lemon Group Uses Millions of Pre-Infected Android Phones to Enable Cybercrime Enterprise: Lemon Group’s Guerrilla malware model an example of how threat actors are monetizing compromised Android devices, researchers say. … Millions of Android phone users around the world are contributing daily to the financial wellbeing of an outfit called the Lemon Group, merely by virtue of owning the devices. … Unbeknownst to those users, the operators of the Lemon Group have pre-infected their devices before they even bought them. Now, they’re quietly using their phones as tools for stealing and selling SMS messages and one-time passwords (OTPs), serving up unwanted ads, setting up online messaging and social media accounts, and other purposes. From <https://www.darkreading.com/threat-intelligence/threat-actor-millions-pre-infected-android-phones-cybercrime-enterprise>
Guard Your Privacy.
- FTC says fertility tracking app Premom shared sensitive health data with third parties: The Federal Trade Commission accused the developer of a free fertility app of sharing sensitive personal information and health data on its users with China-based firms and other third parties without obtaining permission. From <https://therecord.media/ftc-says-fertility-tracking-app-premom-shared-sensitive-data>
- Antiabortion Group Used Cellphone Data to Target Ads to Planned Parenthood Visitors: Wisconsin group used precise geolocation data until last year to direct ads to women it suspected of seeking abortions. Wall Street Journal Free Link
Section 3 – Cybersecurity News for the Cyber-Concerned.
Montana gives TikTok the boot. Users kick back.
- Montana is banning TikTok. But can the state enforce the law and fend off a lawsuit?: Montana’s first-of-its-kind law that makes it illegal for residents to use TikTok in the state is already facing its first legal challenge with a lawsuit filed by five people who use the app and argue the law is an unconstitutional violation of free speech rights. From <https://apnews.com/article/tiktok-ban-montana-china-data-chinese-government-71143a3a87c9a0b692d927f72b6fec70>
This Week in Whack-A-Mole.
- Knocking down Hive: How the FBI ran its own ransomware decryption operation: The FBI’s effort to take down one of the world’s most prolific ransomware gangs, Hive, earlier this year marked a departure for the bureau because it was particularly focused on the group’s victims. Deputy Attorney General Lisa Monaco told Click Here in an interview recently that the FBI and Justice Department had decided to put a newfound emphasis on victim recovery. “We need to take those steps that can help prevent the next victim,” she said. “And [we’re putting] victims at the center of our strategy.” From <https://therecord.media/hive-ransomware-decryptors-fbi-bryan-smith-interview-click-here>
- US offers $10 million reward for info on Russian hacker accused of cyberattack on major US police department: The US State Department on Tuesday offered a $10 million reward for information leading to the arrest or conviction of a Russian man accused of a 2021 ransomware attack on the Washington, DC, Police Department that led to the leak of sensitive police files. Mikhail Pavlovich Matveev, a Russian National, is allegedly a prolific ransomware affiliate currently based in Russia, according to the FBI. From <https://www.cnn.com/2023/05/16/politics/us-reward-russian-hacker/index.html>
This week in cybercrime.
- Six million patients’ data feared stolen from PharMerica: PharMerica, one of the largest pharmacy service providers in the US, has revealed its IT systems were breached – and it’s feared the intruders stole personal and healthcare data belonging to more than 5.8 million past customers. From <https://www.theregister.com/2023/05/18/pharmerica_data_breach/>
- Food distributor Sysco says cyberattack potentially leaked 125,000 Social Security numbers: A cyberattack on Sysco, one of the world’s largest food distributors, gave hackers access to the sensitive personal information of more than 125,000 current and former employees. From <https://therecord.media/sysco-data-breach-social-security-numbers>
- The Philadelphia Inquirer wasn’t able to print its Sunday newspaper due to a cyberattack: Inquirer publisher Lisa Hughes said “we are currently unable to provide an exact time line” for full restoration of the paper’s systems. … The Philadelphia Inquirer experienced the most significant disruption to its operations in 27 years because of what the newspaper called a cyberattack. From <https://www.nbcnews.com/media/philadelphia-inquirer-wasnt-able-print-sunday-newspaper-due-cyberattac-rcna84405>
- ScanSource says ransomware attack behind multi-day outages: Technology provider ScanSource has announced it has fallen victim to a ransomware attack impacting some of its systems, business operations, and customer portals. From <https://www.bleepingcomputer.com/news/security/scansource-says-ransomware-attack-behind-multi-day-outages/>
- NationsBenefits class action lawsuit overview: NationsBenefits LLC implemented “impermissibly inadequate data security” measures that left the personal information of 3 million consumers vulnerable to cybercriminals, according to a class action lawsuit filed May 5 in Florida federal court. From <https://topclassactions.com/lawsuit-settlements/privacy/data-breach/nationsbenefits-class-action-claims-data-breach-affects-3m-consumers/>
Book Review: Smart cybercriminals don’t hack technology. They hack people.
- ‘Fancy Bear Goes Phishing’ Review: The Art of Hacking Humans: Cybercriminals don’t merely work through expert understanding of computer networks. The biggest vulnerabilities they target are in our brains. “You may not be interested in hacking,” says Scott J. Shapiro, adapting a quote often attributed to Leon Trotsky, “but hacking is interested in you.” Estimates of the losses attributable to cybercrime vary between $600 billion and $6 trillion a year, he continues, citing the former IBM chief executive Ginni Rometty, who has said that if data is “the world’s new natural resource” then cybercrime “is the greatest threat to every profession, every industry, every company in the world.” … In “Fancy Bear Goes Phishing,” Mr. Shapiro, a professor of law and philosophy at Yale, makes the case that, despite its technological trappings, “hacking is about humans.” Wall Street Journal Free Link.
Other cybersecurity stories in the news.
- Ex-DC Metro contractor logged in to sensitive system from Russia, watchdog finds: A former Washington, DC, Metro transit system contractor retained access to “critical and sensitive” Metro data from his computer in Russia after he left his job in a breach that raises broader security concerns about one of the nation’s largest transit systems, according to a report released Wednesday. … The cybersecurity vulnerabilities of the Washington Metropolitan Area Transit Authority are “a cause of grave concern” that the authority’s networks are “at unacceptable risk” of hacking or other forms of compromise, a report from the WMATA’s inspector general concluded. From <https://www.cnn.com/2023/05/17/politics/dc-transit-system-russia-breach-cybersecurity/index.html>
- A Global Scavenger Hunt for Classified Documents Pits Gamers vs. U.S. The government secrets leaked on Discord have become fodder for users seeking fun and attention: Videogame enthusiasts are scouring popular social-media platforms in the hope of finding classified U.S. military documents, turning the recent national-security crisis over leaked secrets into a global scavenger hunt. … The competition pits online users eager to see secrets against the U.S. government, which wants to keep those secrets off the internet. From <https://www.wsj.com/articles/the-hottest-online-game-hunting-for-classified-documents-98a2791?mod=hp_listc_pos3>
Section 4 – Managing Information Security and Privacy in Your Organization.
Turn off RDP if you don’t need it. And be sure to properly configure things if you need it. Don’t go out half-naked.
- The FBI is telling businesses to stop using remote desktop software – here’s why: A known threat actor is using RDP to steal files. The FBI, the US Cybersecurity and Infrastructure Security Agency (CISA), and the Australian Cyber Security Centre (ACSC) are urging businesses to “strictly limit the use of Remote Desktop Protocol (RDP) and other remote desktop services” and thus minimize the threat coming from the BianLian ransomware group. From <https://www.techradar.com/news/the-fbi-is-telling-businesses-to-stop-using-remote-desktop-software-heres-why>