Breaking: Ongoing Ransomware Cyber Attack

There is an ongoing cyber attack, specifically a ransomware attack, across Europe, the US, and Asia.

The BBC reports:

A massive ransomware campaign appears to have infected a number of organisations around the world.

Computers in thousands of locations have apparently been locked by a program that demands $300 (£230) in Bitcoin.

There have been reports of infections in as many as 74 countries, including the UK, US, China, Russia, Spain, Italy and Taiwan.

Many security researchers are linking the incidents together.

The UK’s National Health Service (NHS) was also hit by a ransomware outbreak on the same day and screenshots of the WannaCry program were shared by NHS staff.

One cyber-security researcher tweeted that he had detected many thousands of cases of the ransomware – known as WannaCry and variants of that name – around the world.

“This is huge,” said Jakub Kroustek at Avast.

Another, at cyber-security firm Kaspersky, said that the ransomware had been spotted cropping up in 74 countries and that the number was still growing.

Several experts monitoring the situation have linked the infections to vulnerabilities released by a group known as The Shadow Brokers, which recently claimed to have dumped hacking tools stolen from the US National Security Agency (NSA).

A patch for the vulnerability was released by Microsoft in March, but many systems may not have had the update installed.

 



Google Docs Phishing

If you get an email containing a link to a Google Doc, don’t click. Check with the person who sent it before opening. There’s a phishing scam going around that seems to be widespread.

Otherwise, open thread!








Late Night Open Thread: Big Mouth, Tiny Thumbs

Trump’s 10 most-engaged Twitter followers over the past 30 days include five confirmed robots and three accounts that appear to be bots, according to audience data collected by Social Rank. Trump’s most prolific respondent, @Trump2016_Fan, has posted more than 18,000 times in the past year, mostly all-caps messages of support for the 45th president. The account appears to be automated and did not respond to a request for an interview.

But there are plenty of humans in the 20,000 or so replies generated by a typical Trump tweet. These are piled like building blocks beneath each tweet, a tower of typos, insults, and encouragement that stretches on and on. Scrolling through the replies to a single Trump message is enough to test the fortitude of any reader; getting to the last reply is the sort of task it’s hard to imagine any human doing voluntarily. Yet the replies bundled nearest to @realDonaldTrump—in a sorting determined by Twitter’s mysterious algorithm—are likely to be seen by hundreds of thousands of users. If Trump is the most powerful and visible user of Twitter, the replies appearing closest to his messages must occupy some of the most influential real estate on the internet.

… According to beta content-analysis software used by Social Rank, 19 percent of Trump’s followers are women. Among Trump’s 20 most-engaged followers, only two had traditionally female names—and both of those accounts appear to be automated…



Reality Conforms to My Expectations: Today’s Wikileaks Release

Earlier today a couple of you asked me what I thought of the Wikileaks release. I wrote the following in two related comments. I’m highlighting the relevant parts and I’ve edited the non-essential portions out from the original comments.

First:

Wikileaks is a distro arm, and has been for a while, of the Russian government. Given that some of what was dropped – and please remember I am, like everyone else with a clearance, not allowed to actually look at anything Wikileaks posts because I don’t need to know it whether it’s spilled onto the unclassified Internet or not, so I’m working off of other people’s reporting – claims that the CIA has the ability to make its cyber activities look like Russian Intelligence’s cyber activities. And that this is the stuff being pushed heavily by the known Russian governmental propaganda outlets, their fellow travelers, and sites/individuals that seek to shield the President from all criticism… It is important to remember that there is a remarkable amount of overlap, in terms of time and language, between what is reported and tweeted and distroed by other social media by RT and Sputnik towards the US on this stuff, what is then reported and tweeted/retweeted and distroed by other social media by FOX News personalities (Hannity, the Fox and Friends lack of brains trust), right wing radio talkers (Levin, Hewitt, etc), Breitbart, WND, etc, and then, ultimately the President and a number of folks in and around his inner circle. This pattern has been going on and remarked on for months and is quite bizarre.

And:

I think what you’re going to see, and I want to clarify from above, that the claim will be that the CIA did the hacking into the DNC and RNC on Obama’s request, but made it look like Russia and made it look like Russia was helping the President’s campaign. That’s the only reason you start talking about the CIA having the ability to make its hacking tools and malware look like Russia’s. This will be in order to discredit the charges of Russian hacking and a Russian campaign of active measures in support of the President’s campaign.

Hopefully that makes more sense.

Lo and behold:

 

I don’t think any of this comes as any great surprise to anyone, but it’s always nice when reality conforms to one’s expectations of it.



Security and Privacy Tech Tips Part One

In light of this new world we find ourselves in, I figured I’d plan a few tech posts to share some knowledge and best practices relating to privacy and security. I hope this encourages some good conversation, questions, and other tips from readers. More or less, this is mostly a good idea/bad idea discussion.

To be clear, this is a mix of technical, conceptual, and philosophical information and represents my views only. When it comes to governments, my concern as a civil libertarian is to preserve all of my legal and civil rights in all situations possible, and this means preventing anyone except duly authorized parties from accessing my private information.

You may disagree with my stance regarding compliance with government searches of electronic devices (for any physical or electronic search or access to my information, I say “warrant or exigent circumstances, with me or my lawyer present, no you do not have my permission and I will not give away my precious rights”), but I did want to make clear my absolute position on this up-front.

Realms

When it comes to privacy and security of my information, there are three realms that concern me:

  1. Personal – things that you do, use, or carry
  2. Online – considerations and implications of things we do online
  3. Home – things to think about relating to your home/apartment

In these three realms, you should always consider your privacy and information security.

I don’t include Work because that is not an area where you have privacy, no matter what you think. Your employer has the right to observe and track you, and many do, so you cannot really protect what you don’t have!

Threats

Similar to the Realms, there are Threats. In truth, there are countless Threats, but for the most part, they break down into the following groupings:

  1. Corporations
    Companies want to make money and violating your privacy, selling your information, or otherwise making money off of you beyond sales is a great addition to a company’s bottom line.
  2. Thieves
    People want to steal private information to use for fraud or to sell to others. Ethics and morals are not really in play; they will take everything they can get.
  3. Government (domestic or foreign)
    Depending on your country and status, governments, both domestic and foreign, may want to violate your privacy to understand you, your social connections, and causes (especially protest-related ones). Other goals include gaining insight into a colleague, family member, friend, or neighbor: you may just be a step towards a larger goal.
  4. Manipulators
    People in our lives – family, friends, neighbors, coworkers, and more – are not all angels. There are people who like to spy and nose around people’s private affairs in order to have information that’s useful for manipulation, ego reinforcement, blackmail, or as ammunition in a future argument or fight.
  5. Brokers
    Some parties try to collect as much information as possible purely because accurate information in bulk is valuable. Such brokers are often hackers who steal pre-summarized information from a source such as a company’s website’s unsecured back-end. They can also be app and online widget developers who provide a cheap or free thing in exchange for access to your data. Because their goal is bulk data, there is less emphasis on searching for anything of value beyond that information. In many cases, loyalty cards, free apps, software, tools, services, and websites aren’t free – they’re selling you. Not literally, of course, but they are analyzing and selling your behavior and information.
  6. Social Engineering and Influencing
    There are parties who use private information to affect behavior. For instance, a bad guy may steal some private information in order to successfully impersonate an employee to bluff their way into getting a password reset or door unlocked. Or to blackmail someone into securing a password or piece of personal information they need for a different purpose. Private information can even be used to encourage or discourage behavior – such as identifying folks who can be easily convinced to not vote for a candidate due to a certain term in, or subject of, past emails, chats, or messages. In this case, you don’t need to identify folks who you can convince 100% of the time, just folks who are more likely to be influenceable – if you target one such person, who cares, but if you target 100,000 folks like that, a 10% success rate means 10,000 folks not voting for a candidate. And those kinds of numbers can change elections.

 

As there is a lot to cover and things are in flux, this will be a multi-part series.




Peaceful Assembly and Personal Security – Re-upped

I know a number of you all are planning to join one of the marches that will begin taking place between now through, and then after, the inauguration. So I wanted to re-up the post for anyone that missed it the first time.

(Originally posted on 18 December 2016)

Congress shall make no law… abridging…the right of the people peaceably to assemble, and to petition the Government for a redress of grievances. — Amendment 1, Bill of Rights, US Constitution

One of our readers/commenters emailed me about a week ago and asked if I would put up a post about personal security for those going to peaceably assemble to petition the Government for a redress of grievances. I put a list together and ran it past a select group of our Balloon Juice legal eagles (those I’ve corresponded with before/have corresponded with me, so if you didn’t get asked, don’t be insulted I didn’t want to just impose on you with a cold request) – thank you all for getting back to me. Here’s my list of what I think anyone going to peacefully assemble should do to enhance their personal security.

  1. Go with a buddy, that way you have at least one person looking out for you/watching your back and vice versa.
  2. Carry cash and make sure to carry a valid picture ID!
  3. Bring a pocket flashlight.
  4. Get and wear a GoPro that is automatically updating to the cloud.
  5. Bring a pocket charger for your cell phone and GoPro regardless of whether it is supposed to be a long day.
  6. Make sure your personal electronic devices all have sufficient password protection and encryption on them. And have them set to upload to the cloud at a regular interval.
  7. Turn off fingerprint access to unlock your phone and delete your fingerprints from the memory. Some jurisdictions allow law enforcement to compel you to unlock your phone if it has fingerprint-based access. Or get a disposable phone just for this occasion.
  8. Turn off the option on your phone and other personal electronic devices to connect to known Wi-Fi networks, as it can be used as a way to fail your encryption.
  9. Bring a bandana or neck gaiter and water so you can make a makeshift gas mask in case things get out of hand and tear gas or pepper spray is deployed.
  10. Bring a bottle of saline eye rinse in case you need to rinse your eyes out if tear gas or pepper spray is deployed.
  11. Bring plenty of water and some snacks to make sure you’re properly hydrated and you’ve got enough fuel in your system to get through the day.
  12. Dress in layers so you are prepared for the weather and make sure you have good shoes/boots and a change of socks in case they should get wet. A set of silk base layer undersocks is a good idea regardless of the weather. They’ll help keep your feet warm or cool as needed and they’ll provide some protection in case your shoes/boots and socks get wet. And something to keep the back of your neck and your ears warm if you’re going to be someplace cold.
  13. Bring/wear a hat to keep the sun off your head or to keep it warm depending on the weather.
  14. Bring/wear eye protection. Specifically sunglasses that are impact rated. (You should be able to pick up military surplus ones pretty cheap).
  15. Sunscreen, skin moisturizer, and lip balm. Even if it’s cold you’ll need these.
  16. If you need to take regular/routine prescription medication: bring it in its original container, with the prescription details on the label. If it’s a gel based application and comes in a packet, make sure you’ve got a hard copy of the prescription with you.
  17. Be aware of your surroundings at all times. You don’t have to be paranoid, but have a sufficient level of situational awareness. If something looks and/or feels hinky or the hair on the back of your neck stands up, head on home or go get a drink or go back to your hotel. Know who and what is around you, keep your valuables in front pockets or in secure/securable purses/bags, and keep those where they can’t be easily snatched or accessed.
  18. Have a contact plan for both linking up and communicating in case one gets separated from anyone you’re with.
  19. Have a contact plan to stay in touch with someone who isn’t at the march, but knows that you’re there and a regular set of contact times.
  20. Have a lawyer you can contact if necessary and that your outside contact could contact if you don’t check in. Make sure you have all of your contacts’ phone numbers memorized in case your phone is damaged or taken by law enforcement should the worst happen and you’re arrested.
  21. Bring a sharpie to take down badge numbers if necessary. And if necessary write them on your hand.

Should the worst happen and you get caught up in a peaceable assembly that suddenly turns not so peaceable:

  1. Do not resist law enforcement. Just do what they say, let your arms go limp, and do what you can to avoid a reflex response to resist – that can get you charged with assault on a law enforcement officer.
  2. Be respectful and polite when dealing with the authorities – law enforcement, the National Park Service, whoever.
  3. If you are arrested, ask for a lawyer and then shut up. Do not say anything else or answer any other questions until your lawyer arrives. In fact let the lawyer do the talking.

One last item: some of you probably carry a pocket knife or multitool everywhere. Or everywhere that you’re normally allowed. I would recommend not carrying anything on your person that could be construed as a concealed weapon or even an openly carried one. Even if you’re in a state/jurisdiction that allows for concealed or open carry of knives and/or other weapons – don’t. Being part of a march or peaceful assembly that turns ugly is not a good time to attempt firearms (or knife) normalization.

Stay Frosty!



Early Morning Open Thread: Wikileaks Proposes Weaponizing Doxxing

Dox: search for and publish private or identifying information about (a particular individual) on the Internet, typically with malicious intent.

Putin/Trump’s new BFFs may have overreached themselves. As of Friday afternoon, per Brian Fung at the Washington Post:

WikiLeaks wants to start building a list of verified Twitter users that would include highly sensitive and personal information about their families, their finances and their housing situations.

“We are thinking of making an online database with all ‘verified’ twitter accounts & their family/job/financial/housing relationships,” WikiLeaks tweeted Friday.

[Ed. Note: They have since taken that tweet down.]

The disclosure organization, run by Julian Assange, says the information would be used for an artificial-intelligence program. But Twitter users immediately fired back, saying WikiLeaks would use the list to take political vengeance against those who criticize it.

Twitter “verifies” certain users, such as world leaders, nonprofit organizations and news outlets, with a blue check mark beside their names so that other users of the service can be confident about the posters’ identities. WikiLeaks, which has a verified Twitter account, did not say whether it would subject itself to the scrutiny it was proposing. (It was also unclear whether, under its plan, WikiLeaks would seek to uncover information about the financial lives of Russian President Vladimir Putin or President-elect Donald Trump, both of whom are verified on Twitter.)

Asked by journalist Kevin Collier why it needed to build a database of dossiers, WikiLeaks replied that the database would be used as a “metric to understand influence networks based on proximity graphs.”

But the proposal faced a sharp and swift backlash as technologists, journalists and security researchers slammed the idea as a “sinister” and dangerous abuse of power and privacy…

Timothy Berners-Lee, the inventor of the World Wide Web, compared the WikiLeaks proposal to a piece of British legislation that has been criticized as a massive boon to the surveillance industry.

“Don’t.even.think.about.it,” he tweeted.

Even the “hacktivist” organization Anonymous lined up against WikiLeaks.

“This is a sickening display of intimidation tactics,” it said, tagging the official Twitter accounts for the social network, its support team and chief executive Jack Dorsey.