Pete Recommends Weekly highlights on cyber security issues May 2, 2020

Subject: Hackers hit US coronavirus response: ‘They are trying to steal everything’
Source: CNNPolitics

Washington (CNN) The Trump administration is pointing the finger at China for attempting to steal coronavirus research as officials are warning they have seen a growing wave of cyberattacks on US government agencies and medical institutions leading the by nation states and criminal groups.

Hospitals, research laboratories, health care providers and pharmaceutical companies have all been hit, officials say, and the Department of Health and Human Services – which oversees the Centers for Disease Control and Prevention — has been struck by a surge of daily strikes, an official with direct knowledge of the attacks said.

“It is safe to say that there are only two places in the world that could hit (the Department of Health and Human Services) the way it’s been hit,” the official familiar with the attacks told CNN.

The primary culprits for the HHS attacks are Russia and China, the official said, because of the size and scope of the actions. After some hesitance to attribute the wide-ranging attacks across the medical sector to any specific countries — whether for political reasons or a lack of certainty — top national security officials have decided to single out China.

“The COVID-19 pandemic has provided a unique opening to nefarious actors and cyber criminals,” a senior Trump administration official told CNN. While under attack itself, HHS, along with the cyber arm of the Department of Homeland Security, CISA, has worked to step up the defenses of those pandemic-related organizations, the official added.

Arising from the new wave of threats is the Cyber Threat Intelligence League, a global group of more than 1,400 vetted cyber security experts that have volunteered and banded together to highlight and take down threats as they emerge.

Google’s Threat Analysis Group (TAG) has specifically identified over a dozen government-backed attacker groups that are using “COVID-19 themes as lure for phishing and malware attempts, according to a new report published Wednesday.

On Thursday, WHO said it “has seen a dramatic increase in the number of cyber attacks directed at its staff, and email scams targeting the public at large” since the outbreak began.

“Disinformation, disabled computers, and disrupted communications due to ransomware, denial of service attacks, and intrusions means critical lost time and diverted resources,” Senators Tom Cotton, Richard Blumenthal, Mark Warner, David Perdue and Edward Markey wrote in a letter to Nakasone and the CISA director, Christopher Krebs. “During this moment of national crisis, the cybersecurity and digital resilience of our healthcare, public health, and research sectors are literally matters of life-or-death.”


CTI League March Report

Subject: Privacy worries prevent use of social media account for signing up for apps
Source: Penn State Newswire

UNIVERSITY PARK, Pa. — People find it convenient to use Facebook or other social media accounts to sign up for most new apps and services, but they prefer to use their e-mail address or open a new account if they feel the information in the app is too sensitive, according to a team of researchers.In a study, the researchers said participants were willing to use their Facebook ID to access relationship apps, such as class reunion and matchmaking apps, but balked at using the same feature for an app that arranges extramarital affairs.

The findings suggest that because people try to keep sensitive areas of their relationships separate from other parts of their lives, they may hesitate to use single sign-on services, said S. Shyam Sundar, James P. Jimirro Professor of Media Effects in the Donald P. Bellisario College of Communications and co-director of the Media Effects Research Laboratory.

Sample RSS feed:

Subject: The Cybersecurity 202: There’s finally a Supreme Court battle coming over the nation’s main hacking law
Source: WaPo

America’s Supreme Court “is finally considering whether to rein in the nation’s sweeping anti-hacking law, which cybersecurity pros say is decades out of date and ill-suited to the modern Internet,” according to the Washington Post’s cybersecurity writer: The justices agreed to hear a case this fall that argues law enforcement and prosecutors have routinely applied the law too broadly and used it to criminalize not just hacking into websites but also far more innocuous behavior — such as lying about your name or location while signing up on a website or otherwise violating the site’s terms of service…

[I hope they pass a law about websites that violate their own privacy and security policies /pmw1]

It would also make the Internet far safer, they say. That’s because current interpretations of the 1986 law, known as the Computer Fraud and Abuse act (CFAA), have made researchers wary of revealing bugs they find because they fear getting in trouble with police or with companies, which can also sue under the law in civil courts.

This is important because the law either says very few people are criminals under CFAA or almost everyone is a criminal under CFAA,” Jeffrey L. Vagle, a Georgia State University law professor who focuses on cybersecurity law, told me. “This question has been unanswered for years and now it’s about time that it gets answered.”

CFAA critics, however, say the law gives prosecutors far too much leeway.

Other PowerPost articles:


Subject: Coronavirus impact: Meat processing plants weigh risks of prosecution if they’re blamed for spreading infection
Source: The Conversation

Coronavirus crime

Put simply, executives at food companies like Tyson face a heightened risk of criminal prosecution for the decisions they make.

This is due to a quirk in American law, known as the “responsible corporate officer doctrine,” that allows senior executives in certain industries to be held criminally responsible for wrongdoing at their companies – even if they’ve never set foot in a plant or factory.

In the case of the coronavirus pandemic, potential criminal liability stems from a meatpacking facility sending out a contaminated product and knowing there was an outbreak among employees. While the Centers for Disease Control and Prevention has not found evidence that COVID-19 has been transmitted through meat or poultry, public health officials have said that coronavirus strains can live at low and freezing temperatures and on food packaging. And so much about the risks of COVID-19 are uncertain and evolving that companies need to be on their toes.

In addition, there’s the danger that if plants stay in operation without enough workers, there’s a greater risk for other types of food contamination, like of E. coli or salmonella. And the Food and Drug Administration has reduced the number of inspections during the outbreak, which doesn’t limit the criminal liability of executives if tainted food reaches a consumer.

Normally, criminal law insists that a defendant must be aware that he’s doing something wrong to be held liable. But courts have decided that this element of intent can be ignored in limited situations where the public’s health and welfare are at stake – namely, in the making of drugs and in food production.


Subject: Do privacy controls lead to more trust in Alexa? Not necessarily, research finds
Source: Penn State University Newswire

Trust in Amazon Alexa went up for regular users who were given the option to adjust their privacy and content settings, Penn State researchers found in a recent study. However, for power users – individuals whose skills and expertise are more advanced than others – trust went down when they were given the opportunity to make privacy setting adjustments.

That’s kind of counterintuitive,” said S. Shyam Sundar, James P. Jimirro Professor of Media Effects and co-director of the Media Effects Research Laboratory (MERL) at Penn State. “The mere presence of privacy settings seems to trigger thoughts of potential privacy problems among those who are aware of such loopholes in communication technologies”


Subject: US was warned of threat from anti-vaxxers in event of pandemic
Source: The Guardian via Yahoo

In a research paper put out by the little-known in-house journal of InfraGard – a national security group affiliated with the FBI – experts warned the US anti-vaccine movement would also be connected with “social media misinformation and propaganda campaigns” orchestrated by the Russian government.

On its website, InfraGard says it is an “FBI-affiliated nonprofit organization dedicated to strengthening national security” with a mission to protect “United States critical infrastructure”. It says it consists of local chapters and that “an FBI special agent from each field office is assigned to serve as a private sector coordinator”.

The paper, jointly written by a security consultant and a senior doctor in New York State’s largest hospital network, warned: “The biggest threat in controlling an outbreak comes from those who categorically reject vaccination.”

The paper also says that such movements have received a boost in recent years due to their “alignment with other conspiracy movements including the far right … and social media misinformation and propaganda campaigns by many foreign and domestic actors. Included among these actors is the Internet Research Agency, the Russian government–aligned organization.”

InfraGard has been criticized by civil liberties groups from its origins as a security national entity and links to the FBI.

An FBI spokesperson said: “InfraGard is a non-profit organization serving as a public-private partnership among US businesses, individuals, and the FBI.”

Subject: Companies are eager to avoid spreading the coronavirus by adding AI to their security cameras
Source: Reuters via Business Insider

  • Construction sites and shopping centers, among other companies, want to use security cameras with artificial intelligence software to ensure customers and workers comply with health guidelines to prevent the spread of COVID-19.
  • Some activists worry the technology could encroach on privacy and urge to limit the use of AI.
  • The technology can be expensive and is not entirely error-free – sometimes reporting problems when there is no risk.

OAKLAND, Calif. (Reuters) – Stores and workplaces eager to avoid spreading the novel coronavirus are equipping existing security cameras with artificial intelligence software that can track compliance with health guidelines including social distancing and mask-wearing.

Several companies told Reuters the software will be crucial to staying open as concerns about COVID-19, the respiratory illness caused by the virus, persist around the world. It will allow them to show not only workers and customers, but also insurers and regulators, that they are monitoring and enforcing safe practices.

“The last thing we want is for the governor to shut all our projects down because no one is behaving,” said Jen Suerth, vice president at Chicago-based Pepper Construction, which introduced software from this month to detect workers grouping at an Oracle Corp project in Deerfield, Illinois.

“The question becomes whether the tech remains after the public health problem goes away, and that is the real privacy fear,” said Al Gidari, a privacy expert at Stanford Law School. “Video in the store today to ensure social distancing remains to identify shoplifters tomorrow.”

Subject: Zoom or Not? NSA Offers Agencies Guidance for Choosing Videoconference Tools
Source: NSA via NextGov via beSpacific

NextGov: “Video conferencing platforms Zoom and Microsoft Teams are both FedRAMP-approved, but while Zoom offers end-to-end encryption, Microsoft Teams does not.  These are just two of nine factors the National Security Agency cites in its guide to help federal workers choose commercial telework tools for “safely using collaboration services,” as necessitated by the coronavirus pandemic. The guide, which NSA released Friday, applies only to commercial applications, and one strong recommendation from the agency is that, when possible, workers use U.S. government services such as Defense Collaboration Services, Intelink Services and others, which were designed specifically for secure government communications. But government workers still need to interact with external entities which might be sending them invitations via commercial applications, and the NSA has detailed a number of factors for them to weigh in deciding which ones to facilitate…”…

NextGov cateogries:

Subject: Managers turn to surveillance software to ensure employees are (really) working from home
Source: WaPo via beSpacific

Washington Post – Managers turn to surveillance software, always-on webcams to ensure employees are (really) working from home – “Always-on webcams, virtual “water coolers,” constant monitoring: Is the tech industry’s new dream for remote work actually a nightmare?…In the weeks since social distancing lockdowns abruptly scattered the American workforce, businesses across the country have scrambled to find ways to keep their employees in line, packing their social calendars and tracking their productivity to ensure they’re telling the truth about working from home. Thousands of companies now use monitoring software to record employees’ Web browsing and active work hours, dispatching the kinds of tools built for corporate offices into workers’ phones, computers and homes. But they have also sought to watch over the workers themselves, mandating always-on webcam rules, scheduling thrice-daily check-ins and inundating workers with not-so-optional company happy hours, game nights and lunchtime chats…beSpacific Subjects: Civil Liberties, Legal Research, Privacy

WaPo category

Bonus RSS:

Subject: Baltimore Kicks Off Aerial Surveillance Program to Help Combat Homicides, Other Crimes
Source: Newser Editors and Wire Services

(Newser) – Starting Friday, the roughly 600,000 people living in Baltimore will be constantly recorded whenever they step out under the open sky. For the next six months, up to three airplanes outfitted with wide-angle cameras will sweep over Baltimore in daytime flights designed to capture movements across about 90% of the city, per the AP. Software will stitch together photos taken once each second, creating a continuous visual record to support the street-level cameras, license plate readers, and gunfire sound detectors police already use to try to solve crimes. Analysts alerted to a crime will be able to zoom in from the citywide image and move backward and forward in time to identify the movements of potential suspects and witnesses, telling officers within hours where to look for people who traveled to and from the scene.

But Harrison says the Supreme Court has ruled “there is no expectation of privacy in a public place.” A federal judge denied the ACLU’s request for a preliminary injunction; the plaintiffs are appealing.

Subject: How Cybercriminals are Weathering COVID-19
Source: Krebs on Security

In many ways, the COVID-19 pandemic has been a boon to cybercriminals: With unprecedented numbers of people working from home and anxious for news about the virus outbreak, it’s hard to imagine a more target-rich environment for phishers, scammers and malware purveyors. In addition, many crooks are finding the outbreak has helped them better market their cybercriminal wares and services. But it’s not all good news: The Coronavirus also has driven up costs and disrupted key supply lines for many cybercriminals. Here’s a look at how they’re adjusting to these new realities.FUELED BY MULES

One of the more common and perennial cybercriminal schemes is “reshipping fraud,” wherein crooks buy pricey consumer goods online using stolen credit card data and then enlist others to help them collect or resell the merchandise.

Most online retailers years ago stopped shipping to regions of the world most frequently associated with credit card fraud, including Eastern Europe, North Africa, and Russia. These restrictions have created a burgeoning underground market for reshipping scams, which rely on willing or unwitting residents in the United States and Europe — derisively referred to as “reshipping mules” — to receive and relay high-dollar stolen goods to crooks living in the embargoed areas.

But apparently a number of criminal reshipping services are reporting difficulties due to the increased wait time when calling FedEx or UPS (to divert carded goods that merchants end up shipping to the cardholder’s address instead of to the mule’s). In response, these operations are raising their prices and warning of longer shipping times, which in turn could hamper the activities of other actors who depend on those services.

Tags: alex holden, Coronavirus, Gemini Advisory, Intel 471, money mules, reshipping mules, Snowden, Stas Alforov
This entry was posted on Thursday, April 30th, 2020 at 2:20 pm and is filed under Ne’er-Do-Well News, Other, Web Fraud 2.0.

Posted in: Civil Liberties, Cybercrime, Cybersecurity, Employment Law, Government Resources, Health, Healthcare, Labor Law, Legal Research, Privacy