Tag Archives: Ring

Security News for the Week Ending February 21, 2020

US Gov Warns of Ransomware Attacks on Pipeline Operations

DHS’s CISA issued an alert this week to all U.S. critical infrastructure that a U.S. natural gas compressor station suffered a ransomware attack. While they claim that the attackers did not get control of the gas compression hardware, they did come damn close. The ransomware took all of the machines that manage the compressor station offline. The utility was able to remotely WATCH the compressor station, but that remote site was not configured to be able run the site. The result was that other compressor stations on the same pipeline had to be shut down for safety reasons and the entire pipeline wound up being shut down for two days.

It appears that there was no customer impact in this case (perhaps this station fed other downstream stations that were able to be fed from other pipelines), CISA says that there was a loss of revenue to the company. The article provides guidance on protecting industrial control networks.

While this time the bad guys were not able to take over the controllers that run the compressors, that may not be true next time. Source: Bleeping Computer

Amazon Finally Turns on Two Factor Authentication for Ring Web Site After PR Disaster

After many intrusions into customer’s Ring video cameras where hackers took over cameras and talked to kids using very inappropriate language, Ring finally made two factor authentication mandatory for all users. While other competitors turned on two factor authentication years ago, Amazon didn’t, probably because they thought customers might consider it “inconvenient”. Source: Bleeping Computer

Real-ID Requirement To Get On An Airplane is Oct 1st

After 9-11, Congress passed the Real ID act (in 2005) to set a single national standard for IDs used to get on airplanes and get into government buildings. For years, Homeland Security has been granting extensions and now, the current plan is for Real ID to go into effect for getting on airplanes and into government buildings in about 8 months.

DHS says that only 34% of the ID cards in the US are Real ID compliant.

That means that IF the government doesn’t change the rules and if people don’t have some other form of approved ID, potentially 66% of the people will not be able to get on an airplane after October 1 or even enter a federal office building.

That might cause some chaos. Driver’s license officials say that even if they work 24-7, they could not issue all of the remaining ID cards by October 1. Will DHS blink? Again? After all, we are coming up n the 20th anniversary of 9-11 and if terrorists have not been able to blow up airplanes or government buildings using non-Real-ID compliant IDs in the last 19 years, is this really a critical problem? Better off to have a Real ID compliant ID card and not have to argue the point. Source: MSN

Sex Works

One more time Hamas tricked Israeli soldiers into installing spyware on their phones. The Palestinians created fake personas on Facebook, Instagram and Telegram, including pictures of pretty young women such as this one.

View image on Twitter

Unfortunately for the Palestinians, the Israeli Defense Forces caught wind of their plan and actually took out their hacking system before they were able to do much damage.

What is more interesting is that this is the third time in three years that the Palestinians have tried this trick. And, it keeps working. Source: Threatpost

AT&T, Verizon Join IBM in Exiting RSA Over Coronavirus

As fears of Coronavirus spread, the effect on the economy is growing. Mobile World Congress, the largest mobile-focused tech conference in the world, being held in Barcelona this year, was cancelled. Source: The Verge

Last Week, IBM cancelled their attendance and booth at RSA in San Francisco. This week their cancellations were joined by Verizon and AT&T. My guess is that attendance will be down significantly as well, without regard to whether tickets were already paid for or not. The total of exhibitors and sponsors who have decided to cancel is now up to 14. Source: Business Insider

These events generate huge income for businesses in the host cities and are very important for vendors looking for business.

This is likely going to continue to be an issue for event organizers and more events are likely to be cancelled.

Security news for the Week Ending January 11, 2019

Australian Emergency Notification System Hacked

The Australian Emergency Warning Network, run by a private company, was hacked.  The hacker sent out a message that said “EWN has been hacked.  Your personal data stored with us is not safe.  We are trying to fix the security issues.  Please email support at .. if you want to unsubscribe.”

This service seems similar to the CodeRED system that many Colorado cities subscribe to. In Colorado it is a voluntary sign up process.  It seems like that is the case with this one too.

The alerts went out by email, text and voice.  The company shut down the system during the attack to limit the number of messages that went out;  still tens of thousands did go out.

This happened right after the Australian government passed a law requiring companies to create backdoors to their software and make data available to the government on request.  Are these related?  Unknown.  Details here.

 

Federal Shutdown is Impacting Cyber Defenders

As a follow up to this week’s opinion piece on the Federal shutdown impacting cybersecurity, the Department of Homeland Security cancelled its 2019 Cybersecurity and Innovation Showcase due to the shutdown.  That was supposed to be their largest cybersecurity event of the year.  They said the hope to reschedule it after the government reopens.

The Department of Commerce has also cancelled events and powered down web servers that have cybersecurity standards on them.

DHS’s new cyber security agency, the Cybersecurity and Infrastructure Security Agency (CISA)has furloughed 45 percent of its workforce.  CISA is still manning its “Watch floor” and has some unpaid people who will respond to a major attack on critical infrastructure.

A former attorney at the FTC pointed out the obvious – that “the government shutdown is anxiety inducting, and drives great employees away from government service.”  If it wasn’t bad enough that people who do cybersecurity work get paid less than those doing the same work in the private sector, now they have to worry about getting paid too.  Details here.

Comcast Debuts Xfinity xFI Advanced Security

Comcast announced a new service using the buzzword of the week, AI, saying that their AI powered service is designed to monitor, block and inform customers about online threats while providing protection for all connected devices in the home.  It appears to run inside the Comcast router.  A solution like that is a smart way to do it since you do not have to install anything on a device, but it is limited in what it can do since most data is encrypted.

Cost is $5.99 a month, but you have to have the xFi Gateway, which rents for $11 to $13 a month, depending on the market.  Details here.

 

Coinbase Suspends Ethereum Classic

In the ongoing saga of cryptocurrency attacks, this one creates a new low.

One thing people have always said is that since cryptocurrency uses distributed ledgers, it is immune from people changing history and reusing coins.

W.R.O.N.G.!!!

Multiple sources said that they saw more than 100 ledger blocks “reorganized” (i.e. changed after the fact) – something that should never happen.

Coinbase suspended trading on that particular cryptocurrency.  It is only one of over 2,500 different currencies.

Coinbase said that they saw about 88,000 Ethereum coins being double spent, worth about $460,000, but I saw other reports that said the attack is ongoing and the numbers were much larger.  Source: Coindesk.

Weather Channel (App) Caught Selling User Data Without Permission

The Weather Channel collected user location data under the guise of telling you what the weather is where you are, but in fact, was selling that location data.  The City of Los Angeles is suing them over the misrepresentation.

The NY Times article said that they also sold the data for targeted marketing and to hedge funds for gathering consumer preference information.  The Weather Channel is owned by IBM.

Amazon’s Ring Video Camera Allow Employees in Ukraine Unrestricted Access to All Videos

Let me start by saying that an Amazon spokesperson says that this is not the case, but the Intercept says that multiple former employees say that Ring has given R&D employees in Ukraine unrestricted access to all videos, including those from inside your home to employees, executives and engineers.  The videos are not encrypted because, they say,  that would make the company less valuable.

A Ring spokesperson refused to answer questions about their data security practices but offered a written statement that says that they have strict policies in place for all employees.

After the article was published, Ring tried to do some damage control by still not answering questions, but issuing another email saying “Ring employees never have and never did provide employees with access to livestreams of their Ring devices,” a claim contradicted by multiple sources.

I have a Ring device and was considering buying more.  Not anymore.  Looking for a competitor.

One more time, caveat emptor.  Source:  The Intercept.