Pete Recommends Weekly highlights on cyber security issues April 4, 2020

Subject: How to stop trolls from taking over your Zoom call
Source: The Verge
https://www.theverge.com/2020/3/27/21197090/zoombombing-zoom-stop-how-to-porn-trolls-video-chat-screen-sharing

Zoom is an easy-to-use videoconferencing tool with a generous free tier. With people around the world isolating indoors to protect themselves against the spread of the coronavirus, it has never been more popular. But its popularity has also attracted trolls. The phenomenon of “Zoombombing,” in which an uninvited guest uses Zoom’s screen-sharing feature to broadcast porn and shock videos, has been on the rise. Most Zoom meetings have a public link that, if clicked, allows anyone to join. Trolls have been collecting these links and sharing them in private chat groups, and then signing on to other people’s calls to cause mischief.

There’s an easy way to stop this from happening, but Zoom makes it needlessly difficult to find. If you schedule a meeting from the web interface, you won’t see the option to disable screen sharing. Instead:

See also: https://www.toacorn.com/articles/cvusd-meeting-falls-victim-to-zoom-bombing/ [thx, Sabrina]


Subject: Google Says State-Sponsored Hackers Target Journalists
Source: Gizmodo
https://gizmodo.com/google-says-state-sponsored-hackers-target-journalists-1842531368

Government-backed hackers intent on spreading malware and disinformation online are masquerading increasingly as members of the press, according to new claims by Google’s threat analysis group. The team, known as TAG, tracks state-sponsored hackers and works to uncover zero-days that could undermine its users’ security worldwide. Its latest report focuses largely on state-sponsored phishing campaigns.

Among the trends recognized by TAG in recent months, state-sponsored hackers are increasingly portraying themselves as journalists online, Gidwani wrote, fingering Iran and North Korea as top offenders. The goal in some cases is to spread disinformation. But masquerading as journalists or even news outlets also allows hackers to “seed false stories” among legitimate news sources.

In other cases, according to Gidwani, foreign hackers have apparently attempted to “build a rapport with a journalist or foreign policy expert” with the goal of convincing them to open a nasty email attachment. State-sponsored hackers “regularly target foreign policy experts for their research, access to the organizations they work with, and connection to fellow researchers or policymakers for subsequent attacks,” Gidwani said.

RSS https://gizmodo.com/tag/phishing/rss


Subject: Inspector General Warns About New Social Security Benefit Suspension Scam
Source: Social Security Matters Blog
https://blog.ssa.gov/inspector-general-warns-about-new-social-security-benefit-suspension-scam/

Today, I am warning the public about fraudulent letters threatening suspension of Social Security benefits due to COVID-19 or coronavirus-related office closures. Social Security will not suspend or discontinue benefits because their offices are closed. The Social Security Office of the Inspector General has received reports that Social Security beneficiaries have received letters through the U.S. Mail stating their payments will be suspended or discontinued unless they call a phone number referenced in the letter. Scammers may then mislead beneficiaries into providing personal information or payment via retail gift cards, wire transfers, internet currency, or by mailing cash, to maintain regular benefit payments during this period of COVID-19 office closures.

Other SSA Blog entries: https://blog.ssa.gov/category/fraud-2/


Subject: Doctrinal Confusion and Cultural Dysfunction in the Pentagon Over Information and Cyber Operations
Source: Lawfare
https://www.lawfareblog.com/doctrinal-confusion-and-cultural-dysfunction-pentagon-over-information-and-cyber-operations

In a Lawfare post earlier this year, I questioned the wisdom of referring to cyber operations as psychological operations. These campaigns are the bread and butter of U.S. Cyber Command’s operational activities. My interest in this question stemmed from two recent articles, one on NPR and one in the Washington Post. The former discussed past activities of U.S. Cyber Command and the latter discussed possible future activities. Taken together, both articles used terms such as “information warfare,” “information operations,” “psychological operations” and “influence operations” to describe these activities. I closed that post with a promise to comment on the doctrinal and conceptual confusions within Defense Department policy regarding all of these concepts. This post makes good on that promise.

Here’s a review of Department of Defense doctrine on “information warfare” and related terms. This review suggests that even within the Department of Defense, the terms have had elastic, imprecise and ambiguous meaning and are often used interchangeably to describe activities that are divergent in nature.

This post is a summary of an article of the same name that will appear in a special edition of the Cyber Defense Review (CDR) in summer 2020: https://cyberdefensereview.army.mil/.


Subject: Information Management: Selected Agencies Need to Fully Address Federal Electronic Recordkeeping Requirements
Source: U.S. GAO
https://www.gao.gov/products/GAO-20-59

Federal recordkeeping requirements seek to ensure transparency and efficiency in federal agency records, including electronic records. Most of the 17 agencies we reviewed had records management programs, and many of those included electronic records requirements. Some agencies’ programs hadn’t fully addressed electronic records requirements, e.g., they didn’t ensure that appropriate emails are preserved. The National Archives and Records Administration hasn’t ensured that smaller agencies at higher risk of improper records management have improvement plans. We recommended doing so and also made recommendations to 15 other agencies.



Subject: The Postal Service’s Surprising Role in Surviving Doomsday
Source: WIRED
https://www.wired.com/story/us-postal-plan-coronavirus-vaccine-doomsday/

While Congress said it was most concerned about the Postal Service’s critical role in delivering medicine across the country during the unfolding pandemic—it handled about a billion shipments of prescription drugs last year—the nation’s mail carriers potentially have an even more critical role to play in health emergencies.

If and when a mass vaccine finally arrives for Covid-19, Americans may be surprised to learn precisely who might knock at their door to distribute the life-saving aid: A mask-clad, gloved postal carrier, flanked by a deputy sheriff or National Guard soldier.


The US Postal Service and your friendly neighborhood postal carriers have always had a unique—though largely unknown—role in the nation’s Doomsday planning. Through much of the Cold War, the Postal Service would have helped register the nation’s dead following a nuclear apocalypse, determined which Americans had been displaced, and where they had all ended up. Special postcards, known as Safety Notification Cards, a.k.a. POD Form 810, asked individuals who survived nuclear war to list who they had survived with and where they were now located. No postage was necessary to mail in the displaced persons postcards, and postmasters were instructed to give the safety cards “priority in distribution and dispatch.”

After the Cold War, plans to convert the nation’s mail trucks to “Emergency Casualty Carriers” were set aside, along with those to burn the nation’s stamp stockpiles in the event of a Russian land invasion of the United States. Similarly discarded are those pre-printed postcards ready for distribution in the post-apocalyptic refugee camps (which, under another quirk of the federal government’s plans, were meant to be run by the National Park Service and located in picturesque national parks like Yosemite that presumably would not have been targeted by Soviet missiles).


Subject: American Bar Association has posted an ABA Legal Fact Check
Source: ABA via beSpacific
https://www.bespacific.com/american-bar-association-has-posted-an-aba-legal-fact-check/

“The American Bar Association has posted an ABA Legal Fact Check that answers a question that has been raised frequently during the COVID-19 pandemic: Who has the legal authority to order such stringent actions as quarantines and stay at home directives. In recent days, both the president and individual governors have asserted that power. While the federal government can issue guidelines, the legal fact check shows that the legal authority to take such actions within a state belongs to the governor while the president has the authority to close the U.S. borders to foreign travelers. The fact check notes that some legal experts believe the president also has the power to regulate travel between states through the Commerce Clause although that has never been affirmed by the courts.

  • ABA Legal Fact Check seeks to help the media and public find dependable answers and explanations to sometimes confusing legal questions and issues. The URL for the site is www.abalegalfactcheck.com.”

NB https://abalegalfactcheck.com/articles/pandemic-authority.html


Subject: FBI Releases Guidance on Defending Against VTC Hijacking and Zoom-bombing
Source: DHS CISA via US-CERT
https://www.us-cert.gov/ncas/current-activity/2020/04/02/fbi-releases-guidance-defending-against-vtc-hijacking-and-zoom

The Federal Bureau of Investigation (FBI) has released an article on defending against video-teleconferencing (VTC) hijacking (referred to as “Zoom-bombing” when the attacks target the Zoom VTC platform). Many organizations and individuals are increasingly dependent on VTC platforms, such as Zoom and Microsoft Teams, to stay connected during the Coronavirus Disease 2019 (COVID-19) pandemic. The FBI has released this guidance in response to an increase in reports of VTC hijacking. The Cybersecurity and Infrastructure Security Agency encourages users and administrators to review the FBI article as well as the following steps to improve VTC cybersecurity:

  • Ensure meetings are private, either by requiring a password for entry or controlling guest access from a waiting room.
  • Consider security requirements when selecting vendors. For example, if end-to-end encryption is necessary, does the vendor offer it?
  • Ensure VTC software is up to date. See Understanding Patches and Software Updates.

CISA also recommends the following VTC cybersecurity resources:


Subject: How to Digitize Your Most Important Documents
Source: The NYT via beSpacific
https://www.bespacific.com/how-to-digitize-your-most-important-documents/

The New York Times – If you have some spare time at home and want a productive project, consider creating a digital archive of your personal papers. “While this week’s World Backup Day is typically celebrated most by hard-drive makers and data-storage services, it’s supposed to make people remember to back up their computers. But even if you’re already backing up your digital files, do you have a backup plan for your one-of-a-kind documents and photos that you have only on paper — like birth certificates, marriage licenses and military-discharge papers? Scanning copies of your personal papers creates a digital archive that can also be used as a backup, especially if you have the files password-protected and stored in a secure location. And even if you don’t have a document scanner, you can create your personal archive with a smartphone, a few apps and a bit of time. Here’s a guide to getting started…”
