Tag Archives: Shutdown

Security news for the Week Ending January 11, 2019

Australian Emergency Notification System Hacked

The Australian Emergency Warning Network, run by a private company, was hacked.  The hacker sent out a message that said “EWN has been hacked.  Your personal data stored with us is not safe.  We are trying to fix the security issues.  Please email support at .. if you want to unsubscribe.”

This service seems similar to the CodeRED system that many Colorado cities subscribe to. In Colorado it is a voluntary sign up process.  It seems like that is the case with this one too.

The alerts went out by email, text and voice.  The company shut down the system during the attack to limit the number of messages that went out;  still tens of thousands did go out.

This happened right after the Australian government passed a law requiring companies to create backdoors to their software and make data available to the government on request.  Are these related?  Unknown.  Details here.

 

Federal Shutdown is Impacting Cyber Defenders

As a follow up to this week’s opinion piece on the Federal shutdown impacting cybersecurity, the Department of Homeland Security cancelled its 2019 Cybersecurity and Innovation Showcase due to the shutdown.  That was supposed to be their largest cybersecurity event of the year.  They said the hope to reschedule it after the government reopens.

The Department of Commerce has also cancelled events and powered down web servers that have cybersecurity standards on them.

DHS’s new cyber security agency, the Cybersecurity and Infrastructure Security Agency (CISA)has furloughed 45 percent of its workforce.  CISA is still manning its “Watch floor” and has some unpaid people who will respond to a major attack on critical infrastructure.

A former attorney at the FTC pointed out the obvious – that “the government shutdown is anxiety inducting, and drives great employees away from government service.”  If it wasn’t bad enough that people who do cybersecurity work get paid less than those doing the same work in the private sector, now they have to worry about getting paid too.  Details here.

Comcast Debuts Xfinity xFI Advanced Security

Comcast announced a new service using the buzzword of the week, AI, saying that their AI powered service is designed to monitor, block and inform customers about online threats while providing protection for all connected devices in the home.  It appears to run inside the Comcast router.  A solution like that is a smart way to do it since you do not have to install anything on a device, but it is limited in what it can do since most data is encrypted.

Cost is $5.99 a month, but you have to have the xFi Gateway, which rents for $11 to $13 a month, depending on the market.  Details here.

 

Coinbase Suspends Ethereum Classic

In the ongoing saga of cryptocurrency attacks, this one creates a new low.

One thing people have always said is that since cryptocurrency uses distributed ledgers, it is immune from people changing history and reusing coins.

W.R.O.N.G.!!!

Multiple sources said that they saw more than 100 ledger blocks “reorganized” (i.e. changed after the fact) – something that should never happen.

Coinbase suspended trading on that particular cryptocurrency.  It is only one of over 2,500 different currencies.

Coinbase said that they saw about 88,000 Ethereum coins being double spent, worth about $460,000, but I saw other reports that said the attack is ongoing and the numbers were much larger.  Source: Coindesk.

Weather Channel (App) Caught Selling User Data Without Permission

The Weather Channel collected user location data under the guise of telling you what the weather is where you are, but in fact, was selling that location data.  The City of Los Angeles is suing them over the misrepresentation.

The NY Times article said that they also sold the data for targeted marketing and to hedge funds for gathering consumer preference information.  The Weather Channel is owned by IBM.

Amazon’s Ring Video Camera Allow Employees in Ukraine Unrestricted Access to All Videos

Let me start by saying that an Amazon spokesperson says that this is not the case, but the Intercept says that multiple former employees say that Ring has given R&D employees in Ukraine unrestricted access to all videos, including those from inside your home to employees, executives and engineers.  The videos are not encrypted because, they say,  that would make the company less valuable.

A Ring spokesperson refused to answer questions about their data security practices but offered a written statement that says that they have strict policies in place for all employees.

After the article was published, Ring tried to do some damage control by still not answering questions, but issuing another email saying “Ring employees never have and never did provide employees with access to livestreams of their Ring devices,” a claim contradicted by multiple sources.

I have a Ring device and was considering buying more.  Not anymore.  Looking for a competitor.

One more time, caveat emptor.  Source:  The Intercept.

Facebooktwitterredditlinkedinmailby feather

The Security Implications of the Federal Shutdown

O P I N I O N

The President says that the shutdown is about security and I think he is right, but not in the way he is thinking.

We have to take this agency by agency, but just look at the numbers.  The EPA, probably no one’s favorite agency for different reasons, says it is furloughing 13,000 out of its 14,000 employees.  Is it likely that some of those employees serve cybersecurity (or even physical security) functions?  Maybe the 1,000 people are all of the folks managing cybersecurity, but I doubt it.

TSA screeners are considered essential, so they are supposed to work even though they are not being paid.  Some number of them (TSA isn’t saying how many) have been calling in sick.  Given the horrible stats regarding TSA agents detecting contraband and the fact that TSA turnover is 80% or more a year in some cities, there is no way that this is not negatively impacting your security.  It is affecting my security less because I haven’t had to fly lately, but if I did, it would affect my security too.

Even if the TSA attrition rate is not climbing during the shutdown, they are not hiring anyone right now. That alone puts security at a disadvantage.  The TSA has 50,000 agents.  If you assume they have to replace only 25,000 every year, if the shutdown lasts a month and the stats don’t go up, they will have to replace about 2,000 people.  How easy will that be given that the government is/was shut down.  The TSA says that standards won’t suffer, but you can do your own math.

Many so called government employees are actually contractors.  It is possible that some companies are choosing to pay their employees to work at federal jobs even though they are not and likely will not be paid (historically, federal employees got back pay after they returned to work but contractors did not), but some companies do not have the resources to do that.  Combine that with the government issuing what they call “stop work” orders to contractors and you have to believe that there is an impact.  One stat I read tonight said that 40% of the federal labor force is contractors.  Assuming that is close to true, surely some of those people are not working as a result of the shutdown and probably some of them perform security functions.

Other parts of Homeland Security includes 187 departments and several hundred thousand employees.  At least some of them have been furloughed; others are working without pay, while others are looking for other jobs.

Who are the most likely to find other jobs?   Certainly it is not those with the least skills.  When it comes to cybersecurity, it is the ones with the most skills and likely, if they leave, they will get a pay raise.  And, they won’t come back.

So while the government will never admit how much the shutdown affected security, the longer it goes on, the greater the effect is.

Just my two cents.

 

 

Facebooktwitterredditlinkedinmailby feather