News of cybersecurity developments were skyrocketing last week, with a row in Ukraine topping the list. Cyber Hunta is the name of a Ukrainian group that on October 28th went as far as releasing the emails of close aides to Russian President Vladimir Putin, proving how Moscow immensely influenced the separatists causing havoc in eastern Ukraine. Analysts are viewing this as a retaliation attack by Washington in response to Russian political hacking of various servers in the U.S.
Intense debriefing was on the schedule this week for many companies following the recent DDoS attack targeting Dyn, the major internet infrastructure company. Investigations showed a botnet of Internet of Things devices were involved in this attack. And the more concerning issue is that a large portion of these devices were located in products in various enterprises, such as DVRs and webcams prepared for commercial use, and not in our homes. There is a fury now with all parties involved desperately seeking a solution to the disaster known as IoT security. Internet service providers are the hope of many people to find a solution in protecting and decreasing the current number of vulnerable devices.
Infrastructure facilities relying on unencrypted beeper messaging
Trend Micro has conducted recent research showing how many sensitive infrastructure facilities continue to rely on old-fashioned pagers to send commands to vital control systems. These facilities include chemical plants, HVAC companies, nuclear power plants and power generation stations continuing to use beeper messages that have never been encrypted, all to manage systems in charge of controlling contamination, diagnostics, fire incidents and pump flow rates. While cheap, unencrypted page messages are very easy to intercept and, well, hack.
Emails of Putin aides dumped by Ukrainian group
1GB of emails were released by a Ukrainian group going by the name of Cyber Hunta, unveiling how Russia did heavily influence the rebels of east Ukraine despite Moscow denying any such involvement. The rebels had destabilized the eastern portion of Ukraine and actually allowed Russian troops to gradually take over Crimea, a peninsula south of Ukraine and key for Russian naval vessels. The released emails contradicted the positions taken by Russia at the time and now. Data downloaded directly from Outlook accounts belonging to the Russian aides were in the email dump. Considering the fact that the Obama administration had threatened to retaliate against Moscow for hacking political circles in the U.S., there is a high indication that this could have been Washington’s response or a small warning for now. The origin and nature of Cyber Hunta remains unknown and a senior U.S. intelligence official denied any role by Washington in this regard.
New digital currency launched enjoying high anonymity
We have come to learn how bitcoin technology improved anonymity in comparison to credit cards. However, just recently a new currency has been launched based on blockchain promising to upgrade even the incognito mode a step higher. ZCash is a combination of blockchain and the principles of cryptography, and the company is claiming this new tech enables transactions to be carried out without any traces on the ledger, or about which wallets actually sent and received the currency. The system will just record the fact that a transaction has taken place. This has become very intriguing to interested users and as a result the company began distributing a certain amount of ZCash to various investors. The research was based in the Johns Hopkins University near Washington back in 2013 where the technology was under the close watch of Matthew Green. Researchers are saying the work behind the ZCash is quite robust and sophisticated, as reported by IEEE Spectrum. However, caution should be practiced as the complexity of the software has not allowed enough time for independent examination.
AT&T offered customer info to law enforcement
Back in 2013 The New York Times had reported that AT&T had launched a program dubbed Project Hemisphere that assembled enormous amounts of customer communication information. This data was then made available by the company to officials at the federal and local drug enforcement agencies. The database has gathered decades of call records, and according to the Times, was made available to law enforcement as part of an alliance, for drug cases involving a subpoena. However, the Daily Beast has published new reporting according to confidential AT&T documentation describes Project Hemisphere as a product that the huge communications company has been providing to government agencies for millions of dollars on an annual basis. A warrant is not needed to access the database while trillions of call records are at their disposal. This information can establish from what location a person made a call and to whom they were talking with. AT&T called on officials to keep their mouths shut on anything even resembling Project Hemisphere to the outside world, the Beast reported. This is yet another reminder of the 2013 revelation of the National Security Agency’s massive call surveillance bulk. However, the records of AT&T date back to longer than the N.S.A.
Prison awaiting hacker after publishing improper photos of celebrities
Improper photos and a variety of information was stolen from the personal storage accounts of numerous celebrities back in 2014. The hacker in charge of this theft has just recently been sentenced to 18 months behind bars. Living in Pennsylvania, Ryan Collins, 36, pleaded guilty to charges of phishing over 600 accounts to obtain their login data for various digital services. The U.S. Justice Department has said there is no evidence as of yet that Collins actually leaked the information, yet went on to describe his plan as complex to obtain all the data of the targeted victims available in Apple iCloud backups.