Friday Five 1/15
Deepfakes, ransomware tactics, and Signal clones - catch up on all of the week's infosec news with the Friday Five!
1. Deepfake laws emerge as harassment, security threats come into focus by Shannon Vavra
New legislation at the state and federal level is seeking to address doctored videos and audio files. Better known as deepfakes, these altered videos or recordings often depict a prominent figure acting in some compromising or embarrassing way. A proliferation of deepfakes raises the valid concern that the public will not be able to tell the difference between a real and a fake video, further fueling our misinformation crisis. Such problems were evident this week after supporters of the president questioned the validity of his concession speech video. One possible solution could be authenticating correct information instead of labeling certain information as false. Given how rampant misinformation has become, though, the horse may have already left the barn.
2. Some ransomware gangs are going after top execs to pressure companies into paying by Catalin Cimpanu
In the ongoing fight against ransomware, a concerning trend of targeting the workstations of top executives has emerged. The concept is that only executives possess the kind of important information that a ransomware gang could use to leverage a company into paying a ransom. This new tactic is just the latest example of the sophisticated development of ransomware as an illicit business. In a few short years, we’ve gone from individuals targeting home consumers to targeting strategic elements of corporations. As of now, this tactic has mostly been limited to the Clop ransomware strain, but the fear is that the success associated with this selective targeting will incentivize other ransomware groups to adopt the approach.
3. How Law Enforcement Gets Around Your Smartphone's Encryption by Lily Hay Newman
In the name of national security, governments and law enforcement agencies have consistently argued for backdoors in encryption tools meant to keep users’ data safe. Despite their alleged lack of access, new research this week has helped show that some governments already have the tools and methods to access locked smartphones. It turns out that, given how poorly the data is being protected, there’s no need for a federal backdoor. There is hope: researchers say that phones - iPhones in particular - have the infrastructure to allow for strong encryption. The researchers claim they've provided technical recommendations to Apple and Google on how to extend and improve encryption protections. If you’re interested in encryption or how the data on your phone is protected, the article is a fascinating read.
4. Thousands of Users Unknowingly Joined Signal Because of 12-Year-Old's App by Joseph Cox
In a slightly bizarre story, at least 10,000 of Signal’s new users can be attributed to a 12-year-old who made a clone of the popular encrypted chat app. The clone - since removed from the Google Play Store - is called Calls Chat and lets users communicate with people on the Signal app even if they’ve never heard of Signal. Though Calls Chat has no malicious intent, it is a potentially troubling indicator of what others could do with Signal's open source code. Apparently, it’s an ongoing problem. Using Signal’s code, people can upload their own app to the Google Play Store, but with a tracker or a delivery device added as a way to make money. The story is a good example of the pros and cons of open source code.
5. Exclusive: FBI probes Russian-linked postcard sent to FireEye CEO after cybersecurity firm uncovered hacks - sources by Christopher Bing
The FBI is investigating a mysterious postcard related to the suspected Russian hacking operation that targeted dozens of US companies and agencies. The postcard in question was sent to FireEye’s chief executive officer days after it revealed the hacking campaign. According to reports, the postcard contained a cartoon with the text: “Hey look Russians”, and “Putin did it”. Experts think the message was intended to troll or intimidate the company in the early days of its investigation. The tactic has been used in the past and is the latest development in a story that has roiled the cybersecurity world.