FBI chief compares ransomware threat to 9/11


Ransomware is on This week once again became the world’s largest meat processing company, JBS SA was attacked, paralyzing its operations In Australia and North America. The company was able to resume operations in just a few days, but this situation once again highlighted the serious threat ransomware poses to global supply chains and critical infrastructure.

Researchers are conducting a more in-depth investigation of Apple’s recently released custom processor M1, and they have found various Fascinating behavior and dynamics. In the field of election security, Microsoft took a big step this week, announcing the main voting machine supplier Hart InterCivic is integrating the technology company’s open source ElectionGuard software Into its existing equipment. Hart’s first goal is to pilot ElectionGuard’s “end-to-end verifiable” voting in the real world.

Ransomware is undoubtedly a digital attack of the moment, but take a few minutes to review it this weekend Supply chain attacks. This is another notorious (and more ingenious) type of hacking, from NotPetya to SolarWinds, there are many moments in the sun, and will inevitably appear again.

But wait, there is more! Every week we collect all safety news that WIRED has not covered in depth. Click on the title to read the full story and stay safe there.

After a series of high-profile ransomware attacks disrupted critical US services, the US Department of Justice said this week that it is prioritizing ransomware investigations similar to terrorism investigations.The message is Reuters first reported“This is a dedicated process to ensure that we keep track of all ransomware cases, no matter where in the country it may be mentioned, so you can establish connections between participants and work to disrupt the entire chain,” the chief deputy Deputy John Carlin said the attorney general.

At the same time, FBI Director Christopher Ray tell Wall Street Journal The agency is currently tracking about 100 different types of ransomware. Many strains are related to criminal hackers in Russia. Wray stated that the current threats and challenges posed by ransomware are similar in scale to the terrorist attacks on September 11, 2001. Prevention,” Ray said. “Not only among government agencies, but also among the private sector and even ordinary Americans. “

The White House also Alert This week, Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Networks and Emerging Technologies, addressed the company. This unusual letter outlines the information, best practices, and resources used to defend against ransomware attacks and respond when they occur.

In January, WhatsApp updated its terms of use and privacy policy, mainly to cover new aspects of its business products.But these changes caused a strong response, because they inadvertently highlighted the application’s Multi-year policy of Share certain user data, such as phone numbers, with the parent company FacebookWhatsApp apparently believes that toothpaste is beyond the scope of data sharing, but the company did postpone the deadline for users to accept the policy from February to May.If you don’t accept after that, the app is Will enter a period of decline until it is eventually unusable.

However, last week, WhatsApp quietly Changed that planNow, if you do not accept the policy, you can continue to use WhatsApp as usual, and you will only receive periodic reminders to accept the policy. These reminders will appear particularly frequently when you interact with features affected by the new policy, such as when you chat with a business account. WhatsApp said in a statement: “In light of recent discussions with authorities and privacy experts, we want to make it clear that we currently have no plans to restrict WhatsApp’s ability to work for people who have not yet received the update.” Forbes.

A decision of the Supreme Court on Thursday limits the types of activities that can be prosecuted under the Computer Fraud and Abuse Act, a 1986 law that prohibits unauthorized access to computers and networks. Security researchers have long criticized its law enforcement The scope is too broad. case, Van Buren v. United States, Involving a policeman who was convicted under the Act after using his credentials to search the license plate database in exchange for money. The government argued that the official “beyond the scope of authorization” and violated the law. The Supreme Court disagreed with a 6-3 decision and overturned the conviction. The majority opinion written by Judge Amy Coney Barrett believes that the CFAA “covers those who obtain information from specific areas of the computer (such as files, folders, or databases) whose computers cannot Access these areas. It does not include people who have improper motives like Van Buren to obtain information that they can obtain through other means.” Therefore, if you use hacking techniques to access data, CFAA applies. If you use legitimate system access, CFAA does not apply, but other laws may apply.

A new study by the Internet Society found that Australia’s The Telecommunications and Other Legislative Amendments (Assistance and Visits) Act 2018 Along with the “potential to cause significant damage to the economy,” this is a warning to other governments seeking similar powers. TOLA expanded the ability of the Australian government to require technology companies to establish mechanisms to bypass their built-in data protection in the software. In addition to the potential security risks caused by these so-called backdoors, the Internet Society has also found that such laws have weakened trust and confidence in technology companies and their products. In a survey of 79 companies (including 54 headquartered in Australia), 36% of companies affected by TOLA stated that their risk environment was negatively affected, and about 20% stated that the law “has a negative impact on their business. influences”.

More exciting connection stories

Source link

About the author