Friday Five 5/20
In this week's Friday Five, read about the outing of a ransomware mastermind, growing threats against the global maritime supply chain, an under-the-radar iPhone exploit, and more!
1. Your iPhone Is Vulnerable to a Malware Attack Even When It’s Off by Dan Goodin
Academics at Germany’s Technical University of Darmstadt figured out how to exploit an iPhone’s Bluetooth chip so that a phone could be vulnerable to a malware attack even when the phone is turned off. According to researchers, the “design of [low-power mode] features seems to be mostly driven by functionality, without considering threats outside of the intended applications. Find My after power off turns shutdown iPhones into tracking devices by design, and the implementation within the Bluetooth firmware is not secured against manipulation.” Read the full article at Wired to find out more about how an attack could work.
2. US Names and Shames Venezuelan Doctor as Notorious Ransomware Maker by Carly Page
The U.S. Justice Department recently announced that it has discovered that a Venezuelan cardiologist, Moises Luis Zagala Gonzalez, created and has been running the notorious Thanos ransomware-as-a-service (RaaS) operation, which included renting out ransomware tools to cybercriminals and teaching them how to use those tools. At least 38 copies of the software were sold, according to the FBI. Read more here about where and by whom Gonzalez’s software was used and the charges he faces.
3. Angry IT Admin Wipes Employer’s Databases, Gets 7 Years in Prison by Bill Toulas
Lianjia, a Chinese real-estate brokerage giant, had its data wiped by one of its disgruntled IT admins, an incident that ultimately cost the company $30,000 in recovery efforts. Han Bing, the accused employee, had been pushing a security project that aimed to fix security gaps in Lianjia’s systems but was largely ignored by his superiors. Read the full article from Bleeping Computer to find out more about the fallout of the insider attack, how Bing was caught, and what's next for him.
4. The Vulnerable Maritime Supply Chain - A Threat to the Global Economy by Kevin Townsend
The global maritime supply chain is becoming increasingly vulnerable to sophisticated cyberattacks. This is important because a successful attack could have a severe impact on the global economy. As Kevin Jones, the Dean of Science and Technology at Plymouth University, puts it, “closing down one maritime supply route can cause a knock-on log jam that affects the world economy at the rate of billions of dollars every day.”
This story looks at research done on the maritime supply chain by Jones and the Universities Maritime Cyber Threats Research Group. While there are still no known "serious examples of vessel compromise," the closing of even a few main ports due to cyberattacks could cut off the supply of goods so dramatically that it could lead to a "catastrophic failure of systems." Read the full article at SecurityWeek to find out why attackers may be motivated to attack the maritime supply chain, what could potentially be attacked, and the theoretical effects of an attack.
5. DOJ Says It Will No Longer Prosecute Good-faith Hackers Under CFAA by Zack Whittaker
In light of a 2021 landmark Computer Fraud and Abuse Act (CFAA) ruling by the Supreme Court, the U.S. Justice Department announced in a statement this past week that it will no longer bring charges against security researchers and hackers acting in good faith. "The department has never been interested in prosecuting good-faith computer security research as a crime, and today’s announcement promotes cybersecurity by providing clarity for good-faith security researchers who root out vulnerabilities for the common good," said U.S. Deputy Attorney General Lisa Monaco. Read more to find out why the CFAA has long been criticized and what this change means moving forward.