Pete Recommends – Weekly highlights on cyber security issues, November 7, 2021

Subject: Experts Sound Alarm On ‘Stalkerware,’ Which Can Easily Be Downloaded On Your Phone Without You Knowing
Source: CBS New York
https://pittsburgh.cbslocal.com/2021/10/29/cyberstalking-stalkerware-smartphone-apps-domestic-violence-awareness-month/

Glogolich, a police lieutenant in New Jersey, understands in many ways how hijacking a personal devices is just one way an abuser exercises control over a victim.

“I couldn’t leave my phone down without my ex-husband looking through it,” Glogolich said.

“So technology plays a big role in trapping victims and keeping them in that abusive relationship,” survivor Neisha Himes added.

Himes didn’t know the dangers of digital abuse when she was trying to leave a toxic relationship, but she has since dedicated her life to helping other victims. She said she now sees it almost every day.

So if you suspect you’re being stalked through technology, get expert help. Take the phone to a tech company so they can run programs to check it for you. And also, get police involved.

Experts say never try to delete the app yourself. The abuser will get notified and that could put a person in an even more dangerous situation.


Subject: Small Financial Institutions Say They’re Getting Squeezed by Others’ Bad Cybersecurity Practices
Source: Nextgov
https://www.nextgov.com/cybersecurity/2021/11/small-financial-institutions-say-theyre-getting-squeezed-others-bad-cybersecurity-practices/186660/

A House subcommittee got an earful from representatives of small banks, credit unions and minority financial institutions at a hearing on improving cybersecurity and customer data privacy.The House Committee on Financial Services Subcommittee on Consumer Protection and Financial Institutions convened the hearing on “Cyber Threats, Consumer Data and Financial Institutions,” to ask witnesses about their cybersecurity efforts and what additional help they need.

What the subcommittee got was a litany of issues, including small institutions’ needs being neglected by their vendors, the lack of coordination between federal agencies regulating their cyber measure and a near-monopoly by “core processor” providers that handle the vast majority of every financial institution’s back-office functions.

Rep. Ed Perlmutter, D- Colo., chairman of the subcommittee, cited the huge increase in ransomware attacks targeting financial institutions as a motivation for the hearing.

Vazquez also asked that the National Credit Union Administration be given the same kind of statutory oversight authority for credit union service organizations and third-party vendors serving credit unions that the FDIC, for instance, has over banks.

Filed: https://www.nextgov.com/cybersecurity/


Subject: The U.S. Blacklists Makers of Cops’ Favorite iPhone Hacking Tool
Source: Gizmodo
https://gizmodo.com/the-u-s-blacklists-makers-of-cops-favorite-iphone-hack-1847989119

NSO Group, an Israeli surveillance firm whose spyware has been peddled to authoritarian governments around the world, has been sanctioned by the U.S. Commerce Department. The new restrictions, which the agency announced in a press release Wednesday, will limit the degree to which American companies can provide parts or services to NSO—a decision that could seriously hobble the vendor’s business.NSO is best known for its commercial malware “Pegasus,” a product that can infiltrate smartphones and silently pilfer their contents—from text messages to voice calls to photos. The company also sells a creepy “zero-click” exploit, the likes of which apparently requires no phishing and is said to take advantage of security flaws inherent in iPhones and Android devices to compromise them. In September, it was reported that some 1.65 billion Apple devices had been vulnerable to NSO’s malware for a period of several months.

The new restrictions mean that U.S.-based companies will need to acquire a special license from the government if they want to provide services or sell products to these companies. Hypothetically, this could seriously hurt NSO’s business, as Motherboard points out that numerous large American tech companies—including “Amazon, Dell, Cisco, Intel, and Microsoft”—have provided support to the spyware firm in the past but will now face new hurdles if they wish to do so in the future.

Filed: https://gizmodo.com/tech/privacy-and-security


Subject: 10 Privacy Settings Every Amazon User Should Enable Right Now
Source: Lifehacker
https://lifehacker.com/10-privacy-settings-every-amazon-user-should-enable-rig-1847995872

“Amazon is so deeply entrenched in our lives that we all have a ton of info connected with the company. Even if you somehow haven’t directly used Amazon for shopping, you probably have used a Kindle, an Echo, or simply asked Alexa a question or two. If you’ve had a brush with Amazon anywhere, you should take a look at your account to check if your privacy settings are in order…and there are quite a few preferences that you should tweak for better privacy, or simply for a better user experience…”


Subject: Cybersecurity: Track data activity before “unusual” becomes dangerous
Source: Tech Republic
https://www.techrepublic.com/article/track-data-activity-before-unusual-becomes-dangerous/

There’s usual data activity, unusual data activity, and then there’s dangerous data activity. Christian Wimpelmann, identity and access manager (IAM) at Code42, expresses concern that not enough emphasis is placed on paying attention to data activity at the company level. In the article When Does Unusual Data Activity Become Dangerous Data Activity?, Wimpelmann looks at each type of data activity and offers advice on detecting unusual activity before it becomes dangerous.


Subject: A Drone Tried to Disrupt the Power Grid. It Won’t Be the Last
Source: Wired
https://www.wired.com/story/drone-attack-power-substation-threat/

In July of last year, a DJI Mavic 2 drone approached a Pennsylvania power substation. Two 4-foot nylon ropes dangled from its rotors, a thick copper wire connected to the ends with electrical tape. The device had been stripped of any identifiable markings, as well as its onboard camera and memory card, in an apparent effort by its owner to avoid detection. Its likely goal, according to a joint security bulletin released by DHS, the FBI, and the National Counterterrorism Center, was to “disrupt operations by creating a short circuit.”

…When it comes to the potential for consumer drones to wreak havoc, experts have sounded the alarm for at least six years, saying that their broad availability and capabilities provide opportunity for bad actors. In 2018, an explosives-laden drone carried out an apparent assassination attempt on Venezuelan president Nicolas Maduro. ISIS and other terrorist groups have used consumer-grade quadcopters for both surveillance and offensive operations.

But the Pennsylvania incident represents an alarming escalation in drone use stateside. The US has had incidents before: A drone landed on the White House lawn in 2015, and a recent surge in drone sightings near airports and other critical sites has sent the FAA scrambling. Until now, those intrusions could be written off as accidental. No longer.


Subject: Hackers have breached organizations in defense and other sensitive sectors, security firm says
Source: CNN
https://www.cnn.com/2021/11/07/politics/hackers-defense-contractors-energy-health-care-nsa/index.html

Suspected foreign hackers have breached nine organizations in the defense, energy, health care, technology and education sectors — and at least one of those organizations is in the US, according to findings that security firm Palo Alto Networks shared exclusively with CNN. With the help of the National Security Agency, cybersecurity researchers are exposing an ongoing effort by these unidentified hackers to steal key data from US defense contractors and other sensitive targets.

It’s the type of cyber espionage that security agencies in both the Biden and Trump administrations have aggressively sought to expose before it does too much damage. The goal in going public with the information is to warn other corporations that might be targeted and to burn the hackers’ tools in the process. Officials from the NSA and the US Cybersecurity and Infrastructure Security Agency (CISA) are tracking the threat. A division of the NSA responsible for mitigating foreign cyber threats to the US defense industrial base contributed analysis to the Palo Alto Networks report.

Posted in: Congress, Criminal Law, Cybercrime, Cyberlaw Legislation, Cybersecurity, Financial System, Privacy, Social Media