US Gov Warns of Ransomware Attacks on Pipeline Operations
DHS’s CISA issued an alert this week to all U.S. critical infrastructure that a U.S. natural gas compressor station suffered a ransomware attack. While they claim that the attackers did not get control of the gas compression hardware, they did come damn close. The ransomware took all of the machines that manage the compressor station offline. The utility was able to remotely WATCH the compressor station, but that remote site was not configured to be able run the site. The result was that other compressor stations on the same pipeline had to be shut down for safety reasons and the entire pipeline wound up being shut down for two days.
It appears that there was no customer impact in this case (perhaps this station fed other downstream stations that were able to be fed from other pipelines), CISA says that there was a loss of revenue to the company. The article provides guidance on protecting industrial control networks.
While this time the bad guys were not able to take over the controllers that run the compressors, that may not be true next time. Source: Bleeping Computer
Amazon Finally Turns on Two Factor Authentication for Ring Web Site After PR Disaster
After many intrusions into customer’s Ring video cameras where hackers took over cameras and talked to kids using very inappropriate language, Ring finally made two factor authentication mandatory for all users. While other competitors turned on two factor authentication years ago, Amazon didn’t, probably because they thought customers might consider it “inconvenient”. Source: Bleeping Computer
Real-ID Requirement To Get On An Airplane is Oct 1st
After 9-11, Congress passed the Real ID act (in 2005) to set a single national standard for IDs used to get on airplanes and get into government buildings. For years, Homeland Security has been granting extensions and now, the current plan is for Real ID to go into effect for getting on airplanes and into government buildings in about 8 months.
DHS says that only 34% of the ID cards in the US are Real ID compliant.
That means that IF the government doesn’t change the rules and if people don’t have some other form of approved ID, potentially 66% of the people will not be able to get on an airplane after October 1 or even enter a federal office building.
That might cause some chaos. Driver’s license officials say that even if they work 24-7, they could not issue all of the remaining ID cards by October 1. Will DHS blink? Again? After all, we are coming up n the 20th anniversary of 9-11 and if terrorists have not been able to blow up airplanes or government buildings using non-Real-ID compliant IDs in the last 19 years, is this really a critical problem? Better off to have a Real ID compliant ID card and not have to argue the point. Source: MSN
One more time Hamas tricked Israeli soldiers into installing spyware on their phones. The Palestinians created fake personas on Facebook, Instagram and Telegram, including pictures of pretty young women such as this one.
Unfortunately for the Palestinians, the Israeli Defense Forces caught wind of their plan and actually took out their hacking system before they were able to do much damage.
What is more interesting is that this is the third time in three years that the Palestinians have tried this trick. And, it keeps working. Source: Threatpost
AT&T, Verizon Join IBM in Exiting RSA Over Coronavirus
As fears of Coronavirus spread, the effect on the economy is growing. Mobile World Congress, the largest mobile-focused tech conference in the world, being held in Barcelona this year, was cancelled. Source: The Verge
Last Week, IBM cancelled their attendance and booth at RSA in San Francisco. This week their cancellations were joined by Verizon and AT&T. My guess is that attendance will be down significantly as well, without regard to whether tickets were already paid for or not. The total of exhibitors and sponsors who have decided to cancel is now up to 14. Source: Business Insider
These events generate huge income for businesses in the host cities and are very important for vendors looking for business.
This is likely going to continue to be an issue for event organizers and more events are likely to be cancelled.