Weekly Axis Of Easy #245
Last Week’s Quote was “How much time he saves who does not look to see what his neighbor says or does or thinks.” Three interesting guesses, but Geoffrey is the one who got it right.
This Week’s Quote: “Clever tyrants are never punished.” …by???
THE RULES: No searching up the answer, must be posted to the blog– the place to post the answer is at the bottom of the post, in the comments section.
The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.
In this issue:
- The British government calls for stronger mobile app protections
- Ukraine is using facial recognition as a weapon of war
- Citizens should be told government tracks their movements, says Canada’s ethics committee
- Spanish spy chief admits hacking phones legally
- South Korea’s joining NATO Cyber Defense Center has not been well received by China
Elsewhere online
- We can learn a lot about threats from Star Wars
- Chinese hacker ‘Mustang Panda’ uncovered new espionage attacks
- Cyberattacker stole Heroku Customer Account Credentials using stolen OAuth Tokens
- North Korea’s Lazarus Group linked to VHD ransomware
- The EU is suing Apple over restrictions on NFC payments on iOS devices
The British government calls for stronger mobile app protections
A report from the UK government has laid bare the risks of malicious mobile apps as lawmakers call for stricter protections for consumers. The information published by the UK National Cyber Security Centre (NCSC) found that 87% of UK citizens now own a smartphone, creating a widespread attack surface for cybercriminals.
According to the NCSC, people’s personal information and money are at risk due to fake apps containing malware developed by cybercriminals or poorly designed apps that hackers can exploit. Moreover, the report also claims that some developers are not following best practices when creating apps.
Responding to these findings, the UK government has asked the tech sector to view enhanced security and privacy requirements for companies running app stores and developers making apps. As part of new proposals, app stores would be required to commit to a new code of practice laying out security and privacy requirements, which the UK describes as “the first measure of its kind anywhere.“
The proposed policy would require app stores to have a vulnerability reporting process and share more security and privacy information with consumers. The NCSC’s technical director, Ian Levy, supports the proposed code of practice for app stores, noting that the report shows “there are more app stores can do, given the fact that cybercriminals are currently exploiting weaknesses in app stores on all types of connected devices.“
Read: https://portswigger.net/daily-swig/uk-government-calls-for-tougher-protections-against-malicious-mobile-apps
Ukraine is using facial recognition as a weapon of war
Clearview AI, an American company that sells facial recognition technology, offered its tools free of charge to the Ukrainian government, using them to identify dead and living Russian soldiers and then contact their mothers. Over the years, Clearview AI has scraped 100 billion facial images from the internet, selling the data to law enforcement agencies and governments. In Ukraine, this data is being used as a weapon of war.
It would be easy to shrug off this incident as we voluntarily surrendered our privacy when we began sharing photos online. Still, Ukraine uses facial recognition technology for psychological warfare, not identification. Imagine that Russia or the United States used facial recognition technology to identify dead civilians and contact their mothers. Liberal democracies would condemn these actions and pass laws protecting their citizens’ biometric data.
Congress should act now to protect Americans’ biometric data by taking inspiration from the European Union (EU) General Data Protection Regulation (GDPR) or Illinois’ Biometric Information Privacy Act (BIPA) instead of waiting for these imaginary scenarios to happen.
It is also essential to notice that Clearview AI is not the only company using similar tools to capture our faces. Similar devices are being built by many companies and governments, such as PimEyes, FindClone, and TrueFace. However, currently, there is nothing preventing adversaries from capturing the faces and other biometric data of free societies. Soldiers, security officers, law enforcement officers, and civilians might be put at risk by failing to act.
Read: https://nationalinterest.org/blog/techland-when-great-power-competition-meets-digital-world/your-face-now-weapon-war-202039
Citizens should be told government tracks their movements, says Canada’s ethics committee
A House of Commons committee says if the government collects data on Canadians’ movements it should notify them and let them opt out of such collection. It also says the government should change privacy laws so that de-identified information and aggregate data are considered personal information.
The ethics committee made these recommendations after its investigation started in January following public outcry over the federal health agency’s secret mobile phone data collection during the COVID-19 pandemic. During pandemic lockdowns, the Public Health Agency of Canada tracked 33 million mobile devices using cell tower data and issued a tender in December to continue tracking location data until May 31, 2023.
The privacy commissioner said the government failed to reassure people that the government’s collection of personal data would respect their privacy. He said Canada’s privacy laws need to be modernized and that Canadians have no confidence in the country’s laws.
The ethics committee recommended several measures to protect personal information, including public education and transparency measures, and empowered the privacy commissioner to investigate breaches and enforce the law.
Read: https://www.ctvnews.ca/politics/ethics-committee-says-government-must-tell-canadians-it-s-tracking-their-movements-1.5888407
Spanish spy chief admits hacking phones legally
According to reports, Spain’s top intelligence official admitted that they hacked into the cellphones of “some” of the dozens of politicians reported to have been targeted by spyware but said they were overtly authorized to do so. Gibi Rufián, a member of a Catalan independence party, spoke to reporters after a private meeting with Spain’s National Intelligence Center. Rufián said the CNI acknowledged the spying activities but that they were conducted against far fewer people than those cited by Citizen Lab.
According to The Associated Press, Spain’s Defense Ministry, which oversees the CNI, declined to comment on the meeting because its content is classified. However, media outlets in Spain reported the director had presented the committee members with court authorizations to hack some separatists’ cellphones.
Along with the Catalan hacking incident, Spain’s intelligence agency is under the spotlight due to another Pegasus hacking case. Spanish officials announced earlier this week that Sánchez, the prime minister, and Margarita Robles, the defense minister, had both been infected with Pegasus spyware last year. Several CNI officials detected the hacking of Sánchez’s and Robles’ phones due to deep scanning after the breaches into the Catalans’ phones were revealed.
Spanish citizens have been left wondering how widespread the spying is and who is behind it following the sudden spate of hacking scandals. Separatists in Catalonia claim that Spain intentionally diverted attention away from their cases by revealing the hacking of top officials.
Read: https://www.securityweek.com/catalan-spain-spy-chief-admits-legally-hacking-some-phones
South Korea’s joining NATO Cyber Defense Center has not been well received by China
South Korea, Canada, and Luxembourg have joined NATO’s Cooperative Cyber Defence Centre of Excellence. The first Asian country to join Tallinn’s cyber defense unit is South Korea. Despite not being a member of NATO, the two have cooperated in various areas, including cyber defense.
After announcing that South Korea had joined the CCDCOE, Hu Xijin, former editor-in-chief at China’s Global Times, warned South Korea against turning hostile toward its neighbors.
“If South Korea turns hostile against its neighbors, the end of this path could be a Ukraine,” said Xijin, whose account is flagged by Twitter as “China state-affiliated media.”
Reports indicate that Chinese-sponsored threat groups have targeted South Korea in recent years. Still, there are also reports of Chinese entities, including government agencies, being attacked by South Korean-sponsored hackers.
Read: https://www.securityweek.com/china-not-happy-south-korea-joining-nato-cyber-defense-center
Elsewhere online:
We can learn a lot about threats from Star Wars
Read: https://www.darkreading.com/vulnerabilities-threats/what-stars-wars-teaches-us-about-threats
Chinese hacker ‘Mustang Panda’ uncovered new espionage attacks
Read: https://thehackernews.com/2022/05/experts-uncover-new-espionage-attacks.html
Cyberattacker stole Heroku Customer Account Credentials using stolen OAuth Tokens
Read: https://www.darkreading.com/endpoint/heroku-cyberattacker-stolen-oauth-token-customer-account-credentials
North Korea’s Lazarus Group linked to VHD ransomware
Read: https://threatpost.com/vhd-ransomware-lazarus-group/179507/
The EU is suing Apple over restrictions on NFC payments on iOS devices
Read: https://www.engadget.com/european-commission-charge-apple-pay-nfc-115020342.ht
Previously on #AxisOfEasy
If you missed the previous issues, they can be read online here:
- May 2nd, 2022: Goldbackdoor Malware Is Used Against Journalists By Nation-State Hackers
- April 25th, 2022: Shanghai Residents Find Creative Ways To Challenge Chinese Censorship
- April 25th, 2022: April 18th, 2022: Government Network Was Crawling With LockBit Ransomware For Months
- April 11th, 2022: New SpringShell Vulnerability Targets Nearly A Fifth Of Global Organizations
- April 4th, 2022: Apple And Meta Unknowingly Provided Hackers With Customer Data
Voltaire!