Dissidents are getting destroyed by information attacks and tech isn't doing enough to help

A pair of researchers have written an eye-opening editorial and call to action on the ways that repressive states have used the internet to attack dissidents, human rights advocates and political oppositions -- and how the information security community and tech companies have left these people vulnerable. Read the rest

News report claims Dutch spies hacked Russian cyberwar operation and pwned their CCTVs, then recorded video of Russian government hackers attacking the DNC

Dutch left-leaning daily de Volkskrant has published a remarkable -- but thinly sourced -- report claiming that a Dutch spy agency called the General Intelligence and Security Service of the Netherlands (AIVD) hacked into the network of a notorious Russian spy group called "Cozy Bear" or APT29, thought to be an arm of the Russian spy apparatus, and obtained direct evidence of Russian state involvement in the hacking of the DNC during the 2016 US election campaign. Read the rest

Origin story of the Mimikatz password cracker is a parable about security, disclosure, cyberwar, and crime

Five years ago, Benjamin Delpy was working for an unspecified French government agency and teaching himself to program in C, and had discovered a vital flaw in the way that Windows protected its users' passwords. Read the rest

Simple steps your small organization can take to defend itself against cyberattacks

Respected security researcher Dan Wallach from Rice University has published a short (18 page) guide to securing small organizations against three kinds of cyberattack: Untargeted, ​remote ​(spammers, ​phishers, ​ransomware ​griefers, ​etc.); Targeted, ​remote ​(spear ​phishers); and Targeted, ​in ​person ​(immigration ​agents, ​police, ​criminal ​trespass). Read the rest

Kaspersky's explanation for possessing secret NSA cyberweapons is a doozy

Kaspersky -- a respected Russia-based security company -- has been under a cloud since they were accused of stealing NSA cyberweapons on behalf of the Russian government. But the company has a perfectly innocent -- if complicated and at times bizarre explanation for how it came to be in possession of the NSA's crown jewels. Read the rest

Facebook's security is like a "college campus," but they face threats like a "defense contractor"

A leaked recording of Facebook security chief Alex Stamos (who refused to help with an illegal NSA spying program when he was CSO for Yahoo) has him describing the company's IT culture as being "like a college campus, almost" while the company has the "threat profile of a Northrop Grumman or a Raytheon or another defense contractor." Read the rest

Mobile ad technique allows stalkers to follow you around a city for less than $1000

This month, University of Washington researchers will present Exploring ADINT: Using Ad Targeting for Surveillance on a Budget — or — How Alice Can Buy Ads to Track Bob at the Workshop on Privacy in the Electronic Society in Dallas; the paper details a novel way that stalkers and other low-level criminals can accomplish state-grade surveillance on the cheap with targeted ad-purchases. Read the rest

Hackers hack hackers to steal their hacking tools and deflect blame

Rule #1 of hacking is "attribution is hard" (other contenders: "don't be on fire," "don't get involved in a land-war in Asia" or "there is no security in obscurity"), which is to say, it's really hard to say who hacked you, in part because it's really easy for hackers to make it look like someone else did the deed. Read the rest

Equifax blames hack on state actors, but breach followed spat with security contractor

Equifax sources say that the massive breach of 140,000,000 Americans' personal information was the result of state-sponsored hackers, likely from China, but attribution is hard and inexact. Read the rest

Ukraine is Russia's testbed for launching devastating cyberwar attacks with total impunity

Ever since the Ukrainian "Maidan" revolution, the country has been subjected to waves of punishing cyberwar attacks, targeting its power grids, finance ministry, TV networks, election officials, and other critical systems. Read the rest

Journalism After Snowden: essays about a free press in a surveillance state

Journalism After Snowden: The Future of the Free Press in the Surveillance State is a new essay collection from Columbia Journalism Review Books with contributions from Ed Snowden, Alan Rusbridger (former editor-in-chief of The Guardian); Jill Abramson (former New York Times executive editor; Glenn Greenwald, Steve Coll (Dean of Columbia Graduate School of Journalism), Clay Shirky, Cass Sunstein, and Julia Angwin. Read the rest

The Russian Britney Spears Instagram hackers also used satellites to hide their tracks

Pity poor Turla, the advanced persistent threat hacking group closely associated with the Russian government who were outed yesterday for their extremely clever gimmick of using Britney Spears's Instagram account as a covert channel for controlling compromised computers in the field while protecting their "command and control" servers; today, Turla faces another devastating disclosure, a report that Turla exploited gaps in the security model of satellite TV and internet systems to make it possible for compromised computers to contact the C&C servers without revealing their locations. Read the rest

Russian malware communicates by leaving comments in Britney Spears's Instagram account

A key weakness in malicious software is the "Command and Control" (C&C) system: a central server that the malware-infected systems contact to receive updates and instructions, and to send stolen data. Anti-malware researchers like to reverse engineer malicious code, discover the C&C server's address, and then shut it down or blacklist it from corporate routers.

Read the rest

It's very hard to maintain an anonymous Twitter account that can withstand government-level attempts to de-anonymize it

It's one thing to set up an "anonymous" Twitter Hulk account whose anonymity your friends and colleagues can't pierce, because the combination of your care not to tweet identifying details, the stilted Hulk syntax, and your friends' inability to surveil the global internet and compel phone companies to give up their caller records suffice for that purpose. Read the rest

Amnesty: hackers spent months building personas used to phish Qatari labor activists

In a new report, Amnesty International summarizes the security research they did on the victims of a sophisticated phishing attack aimed at Qatari labor activists, dubbed "Operation Kingphish." Read the rest

How governments and cyber-militias attack civil society groups, and what they can do about it

The University of Toronto's Citizen Lab (previously) is one of the world's leading research centers for cybersecurity analysis, and they are the first port of call for many civil society groups when they are targeted by governments and cyber-militias. Read the rest

The democratization of censorship: when anyone can kill as site as effectively as a government can

On the eve of the Stuxnet attacks, half a decade ago, I found myself discussing what it all meant with William Gibson (I'd just interviewed him on stage in London), and I said, "I think the most significant thing about any of these sophisticated, government-backed attacks is that they will eventually turn into a cheap and easy weapon that technically unskilled people can deploy for petty grievances." We haven't quite got there yet with Stuxnet, but there's a whole class of "advanced persistent threat" techniques that are now in the hands of fringey criminals who deploy them at the smallest provocation. Read the rest

More posts