#AxisOfEasy 175: Secrecy Around Top Canadian Cyber-Security Intelligence Officer Caught Spying For China


Weekly Axis Of Easy #175


Last Week’s Quote was “The illiterate of the 21st century will not be those who cannot read and write, but those who cannot learn, unlearn, and relearn.” The answer was Alvin Toffler, and the winner was Mark Zed. We FIXED the issue where readers were unable to leave their answer to the quote contest.

This Week’s Quote: “The persistent trick of modern politics – that appears to fool us repeatedly – is to disguise economic and political interests as cultural movements.” By….???


THE RULES: No searching up the answer, must be posted to the blog. The place to post the answer is at the bottom of the post, in the comments section.

The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.

 



In this issue:
 
  • Secrecy around top Canadian cyber-security intelligence officer caught spying for China
  • S&P to launch crypto-currency indexes in 2021 as Niall Ferguson endorses Bitcoin (OOtc article) 
  • Google fires researcher for criticizing company AI policy
  • Virtual credit card skimmers hidden in social media sharing icons
  • Ransomware this week: Vancouver transit, E-Land, Israeli company extorted
  • DeepMind solves a 50-year old molecular folding problem (and update on easyDNS Fold@Home team)
  • Hackers targeting COVID-19 vaccine supply chain
  • Flaw in iOS allowed attackers to control your iPhone via WiFi
  • Google play store app data leakage
  • Salon #33: Ethereum 2.0 could be the scaffolding of the Network State

Secrecy around top Canadian cyber-security intelligence officer caught spying for China

Last September we ran a short, rather cryptic item in AxisOfEasy #113 that the top civilian cyber-security expert working for the RCMP had been arrested and taken into custody for illegally sharing government secrets.

That was all we knew at the time, and not much had been heard since, until last week when Diane Francis wrote a detailed piece for the Financial Post. In it we learn that the official in question is Cameron Ortis, who grew up in BC, speaks Mandarin and rose to become the “director general of the RCMP’s National Intelligence Coordination Centre (NICC), held high-level security clearance and was the highest-ranking civilian on the force.”

Ortis has remained in custody since his arrest in September 2019, and all court records pertaining to the case are sealed. While those of us here in Canada seem to be under a media blackout, foreign reports describe it as China having infiltrated this country’s highest intelligence agencies, and not for the first time.

The infiltration is being described as so severe that it compromises Canada’s position within the so-called “5-eyes” global intelligence and surveillance cartel.

Read: https://americanmilitarynews.com/2020/05/china-seems-to-have-infiltrated-canadas-highest-intelligence-agency-and-its-not-the-first-time/

Diane Francis is a dual US / Canadian citizen and the author of numerous books including “Who Owns Canada Now” and “Merger of the Century”, the latter of which advocates for a full political union between the two countries.

S&P to launch crypto-currency indexes in 2021 as Niall Ferguson endorses Bitcoin

The crypto-currency space is coming back to life rather dramatically as the Bitcoin price bumps against its all-time highs at around $20K USD. This time it looks like big institutional money managers are warming up to the idea that this stuff is here to stay and it may be worth considering having some exposure to it.

Ascent of Money author and historian Niall Ferguson, whose book by that title chronicles the evolution of money and currencies over the past thousand years, wrote an op-ed for Bloomberg outlining why he thinks Bitcoin will be the big winner of the monetary evolution catalyzed by the COVID-19 pandemic:

“We are living through a monetary revolution so multifaceted that few of us comprehend its full extent. The technological transformation of the internet is driving this revolution. The pandemic of 2020 has accelerated it. To illustrate the extent of our confusion, consider the divergent performance of three forms of money this year: the U.S. dollar, gold and Bitcoin”

He likened Bitcoin to “digital gold” given that it possesses the same inelasticity that makes precious metals, well, precious. And he’s not alone: as he cites in his piece, Paul Tudor Jones and Stanley Druckenmiller have begun to allocate funds to it, and even Ray Dalio has expressed more open-mindedness to it.

It should be no surprise then, that the S&P group plans to launch crypto-currency indexes over the course of 2021. A spokesperson for the financial data behemoth told Reuters that they feel the crypto-currency space has reached the point of maturity where institutional level pricing and benchmark data is now needed. The company has also been busily hiring blockchain engineers lately.

Read: https://www.coindesk.com/sp-dow-jones-indices-to-launch-crypto-indexes-in-2021

Where Ferguson does consider Bitcoin to be “surpassing” gold in all this, I don’t think that’s necessarily the case and actually wrote up a piece about “Gold vs Bitcoin” over on Out of the Cave. The TL;DR is that I think it’s self-defeating to think of these in terms of either/or. It’s more useful to regard precious metals and crypto-currencies as different tools to approach the same problem (the End Game of the current global monetary regime).

Read: 
https://outofthecave.io/articles/gold-vs-bitcoin-is-stupid/


Google fires researcher for criticizing company,  AI bias

Timnit Gebru was the co-head of Google’s Ethical AI team and a frequent critic of the tech industry in general. She was fired by the company apparently after she circulated an internal email accusing the company of squelching her research and coming up short in matters of diversity. She is also black, and part of her stance around AI is that she objects to its use within law enforcement because it discriminates against darker skinned people.

AI is a cornerstone of Google’s strategy and her opinion on these matters could be viewed as dissonant with the corporate view. Google for their part claims her research “lacked rigor” and tried to frame Gebru’s departure as a resignation. But as far as I can tell, this is at least the second instance of Google, whose Code of Conduct literally says “if you see something that you think isn’t right – speak up!”, firing somebody who spoke up. (The other was James Damore).

Read: https://www.wsj.com/articles/prominent-critic-of-bias-in-ai-says-google-fired-her-after-research-dispute-impolitic-email-11607037474 (paywall)

We’ve written before in AxisOfEasy 167 about some scientists’ concerns that AI used in “predictive policing” tends to be biased and tends to either get darker skinned faces wrong when (mis)identifying them or otherwise discriminates against darker skinned people.


Virtual credit card skimmers hidden in social media sharing icons

The Magecart credit card skimmer malware just seems to never go away. This is the malicious code that hackers inject into vulnerable Magento servers which snarfs credit card info from online order forms. Now hackers are concealing the code in plain sight: creating fake social media sharing icons for the likes of Twitter, Facebook and LinkedIn.

The new variant was discovered by the Sansec Threat Research Team who say it’s not the first time this has been concealed within images, but it is the first time it’s been done within valid images via steganography: a cryptographic technique of concealing information within an image that would be undetectable to the human eye. Apparently it makes it currently undetectable by malware scanners.

Read: https://www.bleepingcomputer.com/news/security/credit-card-stealing-malware-hides-in-social-media-sharing-icons/

Read: https://sansec.io/research/svg-malware


Ransomware this week: Vancouver transit, E-Land, Israeli company extorted

Stop the presses, there’s been a ransomware attack on the internet! These keep coming so fast and furious that I’m seeing multiple attacks each week, and it no longer makes sense to write about each one as an isolated item.

Ransomware attacks this week include:

Vancouver’s transit system, hit by the Egregor strain:
Read: https://www.bleepingcomputer.com/news/security/metro-vancouvers-transit-system-hit-by-egregor-ransomware/

Israeli insurance company Shirbit has been breached and customer data stolen by a threat actor calling itself BlackShadow. The hackers are demanding a ransom in order to not leak the details. Security researchers are warning that they’ll probably leak the data anyway.
Read: https://www.bleepingcomputer.com/news/security/blackshadow-hackers-extort-israeli-insurance-company-for-1-million/

E-land, an online retail chain, looks to have been hit by CLOP ransomware to the tune of 2 million credit card numbers over a period of a year.
Read: https://www.bleepingcomputer.com/news/security/ransomware-gang-says-they-stole-2-million-credit-cards-from-e-land/


DeepMind solves a 50-year old molecular folding problem (and update on easyDNS Fold@Home team)

The DeepMind AI suite, which has previously won games of chess and Go against grandmasters and champions, has now solved a molecular folding issue which has baffled researchers for 50 years. DeepMind’s AlphaFold AI has made a breakthrough in figuring out how proteins achieve their three dimensional structure. I didn’t know what that means exactly, but this 2 minute explainer video within the article actually went a long way toward helping get a better handle on it.

This has ramifications beyond health, and may enable humanity to do things in the future like break down plastics using proteins.

Read: https://www.sciencealert.com/ai-solves-50-year-old-biology-grand-challenge-decades-before-experts-predicted (h/t to Dave Clark)

On that note, the easyDNS Fold@Home team has been rocking it.  That’s where readers like you have pooled excess CPU (and GPU) hash power together to pitch in on the global project to do protein folding calculations for various diseases, and of course this year the focus was on COVID-19.

We are in 271st place out of over 250,000 teams! Our overall score is 3,129,842,670, across 57,459 work units. Our top scorers (over 1M credits) are:

 
[Image: easyDNS Fold@Home team top scorers]


Thanks so much to you, and to everybody participating.

The team page is here and the Fold@Home main page is https://foldingathome.org/home/. Head there, download the client for your setup, and join team 248548. Let’s get into the Top 100!


Hackers targeting COVID-19 vaccine supply chain

And for every group of people pooling their resources to co-operate on something productive, there’s always gotta be some assholes expending their energy on burning everything down. Reports started coming in last week of a mysterious phishing campaign directed against various organizations and companies that will comprise the so-called “cold chain” of COVID-19 vaccine distribution. It’s called that because many of the anticipated vaccines require sub-zero storage temperatures (-80C), and so, an entire supply chain has to be built to facilitate this.

“The attacks consisted of spear-phishing emails seeking to collect credentials for a target’s internal email and applications.
Targets of the attacks included a wide variety of companies, sectors, and government organizations. This included the European Commission’s Directorate-General for Taxation and Customs Union, an organization that monitors the movement of products across borders — including medical supplies.”



IBM’s X-Force security analysts are positing that this looks like the work of a nation state threat actor and Interpol issued an alert on the matter last week.

Read: https://www.interpol.int/News-and-Events/News/2020/INTERPOL-warns-of-organized-crime-threat-to-COVID-19-vaccines


Flaw in iOS allowed attackers to control your iPhone via WiFi

Ian Beer, a Google Project Zero researcher, found an iOS exploit that can completely take over your iPhone remotely. While isolating at home under the first COVID lockdown he discovered a flaw that,

“allowed an attacker within Wi-Fi range to view all an iPhone’s photos and emails, and copy all private messages from Messages, WhatsApp, Signal and so on in real time. ”

The flaw exploited a bug in Apple’s AWDL wireless protocol and was fixed as of iOS 13.5.

Read: https://macdailynews.com/2020/12/02/ios-exploit-enables-remote-access-to-photos-messages-more-without-user-knowledge/


Google play store app data leakage

Researchers from Palo Alto Labs’ Unit 42 cybersecurity unit have found a data leak issue that affects some apps within the Google Play store, including Baidu’s Search Box and Baidu Maps that have been downloaded over 6 million times.

“The leaked data made users trackable, potentially over their lifetime.”

The types of data that typically get leaked in these circumstances include:


  • Phone model.
  • Screen resolution.
  • Phone MAC address.
  • Carrier (Telecom Provider)
  • Network (Wi-Fi, 2G, 3G, 4G, 5G).
  • Android ID.
  • IMSI (International Mobile Subscriber Identity)
  • IMEI (International Mobile Equipment Identity)


Read: 
https://unit42.paloaltonetworks.com/android-apps-data-leakage/


Salon #33: Ethereum 2.0 could be the scaffolding of the Network State


This week on the AxisOfEasy salon, Charles was back into the swing of things and we talked about Ethereum 2 and how it could be the scaffolding for a benevolent version of what we call The Network State:

Watch/ listen https://axisofeasy.com/podcast/salon-33-ethereum-2-0-could-be-the-scaffolding-for-the-network-states/

 

One thought on “#AxisOfEasy 175: Secrecy Around Top Canadian Cyber-Security Intelligence Officer Caught Spying For China”

  1. Just a heads-up that you transposed two digits in your Folding@Home team number – should be 248458, not 248548.
