Friday Five: 6/5 Edition
The city of Minneapolis hit with a DDoS attack, Zoom's new security policy causes social media uproar, and a wave of cyber-attacks target anti-racism sites - catch up on the week's news with the Friday Five.
1. Minneapolis Hit with DDoS Attack Amid Social Unrest by Lucas Ropek
Amid protests over the police killing of George Floyd, the city of Minneapolis was the target of a distributed denial-of-service (DDoS) attack that temporarily disabled a number of the city’s websites and systems. The cyberattack occurred early Thursday morning and flooded the city’s servers with enough traffic to crash them. Fortunately it did not have a lasting impact. There was no evidence of a data breach or loss of data, and most of the systems were already back up and running by 9 a.m. the same day. City CIO, Fadi Fadhil, attributes the quick response time to the city’s proactive measures that they have in place to respond to and mitigate disruptions. The city’s IT team will continue to monitor their systems to ensure the issue is fixed and to further protect the network from future disruptions.
2. Joomla Team Discloses Data Breach by Catalin Cimpanu
The free and open-source content management system software Joomla announced this week that a security breach took place as a result of an unencrypted file on an Amazon Web Services S3 bucket owned by the company. The file, which was a full backup of the site, was left on the AWS bucket by a member of the Joomla Resources Directory (JRD) team and is said to contain details for roughly 2,700 users who created profiles on the JRD website. The details that could have been exposed include full names, business addresses, business email addresses, businesses phone numbers, company URL, encrypted passwords, IP addresses and more. Although most of this information was already public so the severity of the breach is low, the Joomla team is still recommending all JRD users to change their passwords. It is unclear whether anyone has found and downloaded the data from the bucket, but the incident is still under investigation.
3. Zoom’s Pledge to Work with Law Enforcement Spurs Online Blowback by Nico Grant
On a conference call on Tuesday, the CEO of Zoom, Eric Yuan, said the platform’s highest standard of digital security, end-to-end encryption, does not extend to users who use the app for free. Zoom claimed its video calls featured that level of security, something which would make it impossible for third parties to decipher communications. In reality, all calls have a lower level of encryption. The CEO justified this decision by pointing out that the company wants to work together with the FBI and local law enforcement “in case some people use Zoom for the bad purpose”. Yuan’s comments caused an uproar on social media, and many found them to be tone-deaf amid the nationwide marches against police brutality. To address users’ concerns, Yuan assured everyone during his weekly webinar that the company was striving to “do the right thing” for vulnerable groups whose abuse is sometimes broadcast through Zoom’s platform, and he echoed his support for the black community. Many users have vowed to drop the platform and switch to competitors, and some paying users have even cancelled their subscription.
4. Iran- and China-Backed Phishers Try to Hook the Trump and Biden Campaigns by Dan Goodin
Could the 2020 presidential election experience the same security disruptions as the 2016 election? Well it’s beginning to feel that way. The campaigns of both candidates were recently targeted by state-backed hackers from Iran and China. Shane Huntley, head of Google’s Threat Analysis Group, said that an Iran-backed group targeted the Trump campaign while a China-backed group targeted the Biden campaign; both groups used phishing emails as their main tactic. The personal email accounts of campaign staff were targeted in efforts to gather as much information as possible that could be used to activate password resets and other account-recovery services. There is currently no indication that either attack campaign succeeded, but Google officials sent the campaigns their standard government-backed attack warning and referred the information to federal law enforcement.
5. George Floyd Death: Anti-Racism Sites Hit by Wave of Cyber-Attacks by BBC News
In the wake of the death of George Floyd and nationwide civil unrest in the U.S., anti-racism organizations, as well as government and military websites, are experiencing a spike in cyberattacks. Attackers are using the distributed denial of service attacks to try to knock these websites offline so people are unable to access information or services. A web infrastructure and website security company observed an extra 19 billion DDoS attacks – a 17% jump from the previous month – following Floyd’s death and the ensuing protests around the country. The problem was particularly severe for certain types of organizations, as those who speak out against oppression continue to face cyber-attacks that attempt to silence them. If recent history is any indication, real world protest and violence is usually followed by attacks on the internet.