Friday Five 3/19
Stolen phone access, cybersecurity in national security, and the theft of NFTs - catch up on all of the week's infosec news with the Friday Five!
1. A Hacker Got All My Texts for $16 by Joseph Cox
In a concerning story regarding SMS security, the author details how he was able to pay a hacker just $16 to get access to all of his texts. And instead of SIM swapping, which has been documented in the past, the hacker used a service called Sakari. A marketing and mass messaging company, Sakari was willing to reroute the author’s texts to the hackers’ phone for a small fee. The attack shows how weak security is in unregulated SMS tools. The exploit is concerning because once someone gains access to a phone, they can then use that to break into other apps and accounts of the user. The attack detailed in the story has significant implications for the cybersecurity industry and it’s worth reading the entire story.
2. Cyber strength now key to national security, says UK by Daphne Leprince-Ringuet
In the UK’s new defense policies for 2025, there is an increased focus on investing in new technologies. Specifically, the new spending priorities highlight significant investments in cybersecurity. By including cybersecurity as a major part of defense spending, the UK's government is elevating the importance of cybersecurity to the level of conventional tools like weapons. As part of one of the largest revamps of security policy in the last 30 years, the UK will also establish a National Cyber Force. The increased investment in security will likely trickle into the private sector and lead to more opportunities in cybersecurity.
3. Foreign operatives were active in 2020 but did not alter vote, US officials say by Sean Lyngaas
In a major report released this week by the U.S. government, it was found that though Russian, Chinese, and Iranian-linked operatives were actively trying to influence the 2020 US election, it did not affect the integrity of the vote. Specifically, the report addresses Russia’s alleged breach of some state and local IT networks and Iran’s targeting of voters with email spoofing, both of which had been previously reported. Though China considered targeting campaigns, the report concluded that they did not deploy influence efforts in a major way. The report is a reminder of how acute threats to our elections have become and is important because it verifies the integrity of the election.
4. FBI warns of escalating PYSA ransomware attacks on education orgs by Sergiu Gatlan
The FBI released a warning this week detailing how the PYSA ransomware is targeting educational institutions. The warning included indicators of compromise to help organizations guard against the relatively new ransomware. If users or organizations are attacked with PYSA, the FBI is currently advising those affected not to pay the ransom. The PYSA ransomware is just the latest cyber threat affecting schools, which have been targeted by malicious actors since they’ve gone remote during the pandemic. Educational institutions are encouraged to take all steps detailed in the advisory to mitigate potential ransomware attacks.
5. NFT digital art is already attracting hackers by Shannon Vavra
As NFTs have grown in popularity, they have also become a target for hackers. It’s not surprising that NFTs, short for Non-Fungible Tokens, have become a target for cybercriminals as they can be of high value and exist entirely online. A company that was recently affected claims that only accounts that had not enabled two-factor authentication were breached and that its encouraging all of their users to enable 2FA. As they are so new, everything about NFTs is currently being figured out; for example, there was a debate over the last few weeks about whether an exploit could be sold as an NFT. As with any new technology, especially one of apparent value, there will be some early misuse and confusion as everyone figures things out. Unfortunately, it will inevitably attract criminals who are drawn to the potential profit, too.