Friday Five 4/9
New phishing schemes, a debate over rhetoric in cybersecurity, and the new Global Trends Report - catch up on all of the week's infosec news with the Friday Five!
1. Hackers Are Exploiting Discord and Slack Links to Serve Up Malware by Andy Greenberg
New research has found that as Discord and Slack have become more common in our lives because of work from home, they have also begun to attract attention from cybercriminals as yet another way to deliver malware. Notably, the research has not found a specific hackable exploit in Slack or Discord, instead, cybercriminals are taking advantage of lesser-known features of the platforms and the trust that users place in them. Put another way, while users may be skeptical of clicking on an unknown link in an email, they’re likely more receptive to clicking on a Discord link. Cybercriminals are also taking advantage of the two platform’s ability to work as file hosting services. At the end of the day, users can protect themselves by treating Slack and Discord like other popular communication platform and making sure not to click suspicious links.
2. Malware Knocks Car Inspection Systems Offline in 8 States by Chris Brook
A malware attack last week that shut down vehicle inspection programs is expected to continue for at least another week. The company affected, Applus Technologies, has locations in eight states. Details of the attack have so far been scant; the Massachusetts RMV site suggests that a code or piece of hardware is needed to restore workstations affected by malware. Interestingly the attack seems to have affected different states to varying degrees, Georgia has already had its systems restored, while others are still feeling the effects of the attack. Hopefully, in the next few weeks, there will be some clarity about what attack vector was used to deliver the suspected malware.
3. Array of recent phishing schemes use personalized job lures, voice manipulation by Bradley Barth
A series of reports this week are cautioning end users to watch out for new social engineering techniques. The first details an attempt to infect users with a fileless backdoor trojan through fake job offers that have been tailored to match the users’ experience and expertise. With an uptick in hiring as the economy recovers, these kinds of attacks can be especially effective. Researchers are also warning of vishing attacks using voice modulation, especially scenarios in which cybercriminals pretend to be women to get sensitive information through catfishing. Though the technology is still in its early stages, down the line it could lead to extensive audio deep fakes. Finally, the IRS has issued a warning of ongoing phishing attacks from cybercriminals pretending to be the tax collecting federal agency. Users and employers should be on the lookout for all of these new and improved attack techniques.
4. U.S. Intelligence Report Warns of Global Consequences of Social Fragmentation by Julian E. Barnes
The National Intelligence Council's Global Trends Report, a report which highlights the long-term risks facing the country, was released this week. The report is released every four years by the intelligence community. Along with the changing power dynamics between the US and China and the threat of climate change, the report highlights the concern that the trust gap between the public and government could be made worse by technology like social media and artificial intelligence. From a cybersecurity standpoint, the report stresses that civilian and military infrastructure will continue to be targeted by cyberattacks and that hacking will continue to be an alternative to traditional warfare because of the perceived lower geopolitical risk and cost. Further, extremists may use cyberattacks to draw attention and autocratic governments will use increased tracking and surveillance to oppress their citizens. Past Global Trends Reports have been prescient, so the scenarios it lays out are worth serious consideration.
5. What gets lost in 'cyber Pearl Harbor'- style rhetoric by Shannon Vavra
Though national security officials have used charged rhetoric for years to underscore the threat of the cyber threats that face the nation, intelligence officials are now wondering if the fear-inducing language has backfired. Namely, there is a worry that hyping up the stakes of cyberwar has disincentivized people and mainstream outlets from thinking they can do anything about it. Former Secretary of Defense and Ex-CIA Director Leon Panetta argues that strong rhetorical language is necessary because it brings attention to an issue that still does not get the attention from the public that it deserves. In the future, it’s probably best to find a line between the strong language of the past while still stressing the issues in language potent enough to gain attention.