Pete Recommends – Weekly highlights on cyber security issues, November 7, 2020

Subject: Google users locked out after 15 years’ use
Source: Business Insider

  • Entrusting your data to big tech platforms can be highly risky.
  • Users who have been banned by Google for supposedly violating its terms of service have been left without access to key parts of their lives.
  • Many have appealed the suspensions but have received automated responses.
  • They don’t know why they’ve been banned. “This is just how life is when you’re dealing with trillion-dollar faceless corporations,” said Aral Balkan.

[please consider


“It’s just one reason why it’s so important that we fund and develop human-scale small tech as an alternative to the stranglehold of big tech on our lives.”

He feels anger, too. “I’m extremely angry at Google for just completely locking me out or deleting all my data without a single notice, losing money, data on personal projects, contacts, so much,” he explained.

Subject: Beware a New Google Drive Scam Landing in Inboxes
Source: WIRED

The smartest part of the scam is that the emails and notifications it generates come directly from Google. On mobile, the scam uses the collaboration feature in Google Drive to generate a push notification inviting people to collaborate on a document. If tapped, the notification takes you directly to a document that contains a very large, tempting link. An email notification created by the scam, which also comes from Google, also contains a potentially malicious link. Unlike regular spam, which Gmail does a pretty good job of filtering out, this message not only makes it into your inbox, it gets an added layer of legitimacy by coming from Google itself.

A Google spokesperson says the company has measures in place to detect new spam attacks and stop them, but that no security measures are 100 percent effective. The spokesperson adds that Google is working on new measures to make it harder for Google Drive spam to evade its systems. Anyone targeted by the scam can report it to Google via the company’s support page.


Subject: Cyberlaw Clinic and EFF publish Guide to Legal Risks of Security Research
Source: Cyberlaw Clinic via beSpacific

Cyberlaw Clinic: “We are excited to announce the release of A Researcher’s Guide to Some Legal Risks of Security Research (pdf), a report authored by Sunoo Park and Kendra Albert, and co-published by the Cyberlaw Clinic and the Electronic Frontier Foundation (EFF). Just last month, over 75 prominent security researchers signed a letter urging the Supreme Court not to interpret the Computer Fraud and Abuse Act (CFAA), the federal anti-hacking / computer crime statute, in a way that would criminalize swaths of valuable security research. The case in question, Van Buren v. United States, is still pending.  Meanwhile, security researchers routinely face legal risks and receive legal threats, with documented chilling effects on their work. This harms security research, which in turn harms the security of the technologies on which we all increasingly rely. Such risk extends beyond anti-hacking laws, implicating copyright law and anti-circumvention provisions (DMCA §1201), electronic privacy law (ECPA), and cryptography export controls, as well as broader legal areas such as contract and trade secret law. Our Guide gives the most comprehensive presentation to date of this landscape of legal risks, with an eye to both legal and technical nuance. Aimed at researchers, the public, and technology lawyers alike, its aims both to provide pragmatic guidance to those navigating today’s uncertain legal landscape, and to provoke public debate towards future reform…”


Subject: WiFi issues, glitches delay voting at some Election Day polling places
Source: Business Insider

  • The problems come as more elections offices than ever before are using electronic devices to sign voters in and maintain voting records. Many of the same glitches also came up during primaries this year.

Technical glitches and WiFi problems delayed voting at some Election Day polling places across the United States on Tuesday morning, forcing some voters to wait longer than planned before casting their ballots.

In most cases, the technical glitches appeared to be caused by difficulties with electronic devices that sign voters in to polling places. This year, more elections offices are using those electronic devices than ever before, Politico reported in August.

Three more voting locations in the Atlanta suburbs temporarily lost power due to a blown transformer but switched to paper ballots as a backup, according to a Journal-Constitution reporter.

In Columbia, South Carolina, voting was delayed at multiple precincts, which officials attributed to slow WiFi and elections administrators being given the wrong passwords to log into voting machines


Subject: National Guard cybersecurity team deployed to UVM Health: 4 details
Source: Becker’s Health IT

Vermont Gov. Phil Scott sent a Vermont Army National Guard cybersecurity unit to University of Vermont Medical Center on Nov. 4 to accelerate the hospital’s recovery from a cyberattack, according to a press release from the governor’s office.

More articles on cybersecurity:

Emotet malware attacks up 1,200% in Q3: 5 things to know
Retailer settles HIPAA violation allegations over improper electronic device disposal: 4 details
Updates on 5 hospital cyberattacks

Other articles on cybersecurity


Subject: Phone and email scammers have pivoted during the pandemic – Here’s how to protect yourself.
Source: Washington Post

“If there has been any upside to the coronavirus pandemic, it’s that robocalls practically stopped for a time. Unfortunately, the ringing has returned. On average, the American public fields about 5 billion spam calls per month, according to call-blocker app RoboKiller. However, the company noticed a 40 percent drop in April compared with January. Nomorobo, which tracks calls to its users, reports a similar dip, catching 44.9 million robocalls in January but 23.7 million in April The reason: empty call centers. “Sophisticated criminals can push out billions of automated calls, but they need a human being to answer and get your personal information if you fall for the scam. Call centers around the world closed in April and May during the height of covid-19,” says Aaron Foss, founder of Nomorobo. Now that shutdowns have been lifted or these massive operations have transitioned to at-home workers, calls have returned to January levels. And we’re not only being bombarded by phone calls, but also by bogus emails and text messages…”

Posted in: Cybercrime, Cyberlaw, Cybersecurity, Healthcare, Legal Research, Search Engines