This is your easyDNS #AxisOfEasy Briefing for the week of November 4th, 2024 our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.

To Listen/watch this podcast edition with commentary and insight from Joey Tweets, and Len the Lengend click here.

In this issue: 

• Canada’s Bill S-210 Sparks Concerns Over Digital ID Age Verification
• EFF Lawsuit Reveals $100 Million Government Surveillance of Immigrants’ Social Media
• Canada Faces Years of Cyber Breaches by Foreign Hackers
• New Interlock Ransomware Targets FreeBSD Servers
• Hacker Arrested in Canada Over Massive Snowflake Data Breaches Targeting Major Corporations
• Canadian Government to Ban TikTok (the Company not the App)

Elsewhere Online:

• Cybercriminals Disrupt Washington Court Operations
• International Crackdown Dismantles Vast Cybercrime Ring
• VEILDrive Threat Actors Misuse Microsoft Tools to Evade Detection and Distribute Malware
• DHL and Serco Tracking Services Hit by Microlise Cyberattack
• Ransomware Disrupts Patient Care at Georgia Hospital

Canada’s Bill S-210 Sparks Concerns Over Digital ID Age Verification

Canada’s Bill S-210, aiming to enforce age verification for explicit online content, has cleared the Senate and now awaits approval in the House of Commons. Introduced initially in 2011 as the Protecting Young Persons from Exposure to Pornography Act, the bill has faced limited scrutiny from critics in committee hearings.

The bill targets “sexually explicit material” but lacks a clear definition, raising concerns. Critics worry this could lead to unnecessary takedowns and potentially infringe on privacy. Privacy advocates argue the bill’s broad language makes digital age verification inevitable for many platforms. Fines for non-compliance could reach up to CAD 500,000, prompting platforms to implement strict age checks.

Senator Julie Miville-Dechêne, who introduced the bill, reportedly collaborated with the age verification industry. Critics warn that this partnership may have biased the bill’s design. According to the bill, age-verification technology is “increasingly sophisticated,” a claim critics find questionable. Experts argue the proposed technology could compromise user privacy, making Bill S-210’s enforcement “technologically unfeasible” in the long term.

Read: https://reclaimthenet.org/privacy-on-the-line-canadas-bill-s-210-pushes-digital-id-age-verification-as-a-catch-all-solution

EFF Lawsuit Reveals $100 Million Government Surveillance of Immigrants’ Social Media

The Electronic Frontier Foundation (EFF) recently disclosed government records showing that the Department of Homeland Security (DHS) continues to monitor immigrants’ social media, despite a rebrand. Renamed the Visa Lifecycle Vetting Initiative, the program retains its initial goal of identifying potential “threats” among visa applicants.

The program, once called Extreme Vetting, raises serious privacy issues. According to the EFF, “DHS’s program chills free speech,” allowing officials to target individuals based on their online views. The documents show DHS contracts with SRA International, now part of General Dynamics, for over $100 million to collect and analyze immigrants’ public social media and other online activities.

The surveillance specifically seeks “derogatory information” on immigrants, which critics argue could include any government criticism. EFF is challenging this program in court, pushing for DHS to abandon practices that may unjustly label immigrants based on speech.
EFF also opposes a related State Department policy requiring visa applicants to register social media accounts, arguing it further infringes on free expression.

Read: https://www.eff.org/deeplinks/2024/11/eff-lawsuit-discloses-documents-detailing-governments-social-media-surveillance


Canada Faces Years of Cyber Breaches by Foreign Hackers

Chinese hackers have breached Canadian government networks for over five years, according to an Oct. 30 report by Canada’s Centre for Cyber Security. The report links these attacks to Beijing, identifying China as Canada’s top cyber threat.

China’s cyber efforts focus on data theft and influence operations. Caroline Xavier, head of the Canadian Communications Security Establishment, highlighted the scale of the threat. “We need a comprehensive approach to counter these sophisticated, persistent actors,” she said. Efforts include enhancing federal, provincial, and territorial cooperation to protect critical resources.

The report also warns of targeted harassment of ethnic groups like Uyghurs and Falun Gong, reinforcing concerns about China’s online repression.

Canada also faces threats from Russia, Iran, and India. Russia, for instance, recently accessed Microsoft’s cloud service used by Canadian officials, raising concerns about data security. Iran and India’s cyber operations further complicate the landscape, each using espionage and influence campaigns.

The Centre for Cyber Security cautions that Canada has entered a “new era” of persistent cyber threats, urging stronger defenses amid increased dependence on digital networks.

Read: https://www.zerohedge.com/political/chinese-hackers-compromised-multiple-canadian-government-networks-years-stole-info

New Interlock Ransomware Targets FreeBSD Servers

The Interlock ransomware, launched in September 2024, is a new cyber threat attacking FreeBSD servers across critical infrastructure. The ransomware has already hit six organizations globally, including Wayne County, Michigan, in early October. It steals sensitive data and threatens to leak it unless a ransom is paid.

Cybersecurity expert Simo first reported the attack, revealing that Interlock uses a backdoor and a FreeBSD-based encryptor, an uncommon choice. According to Trend Micro, Interlock likely targets FreeBSD because it powers critical systems, enabling attackers to disrupt vital services. “Interlock targets FreeBSD as it’s widely utilized in servers and critical infrastructure,” said Trend Micro.
Interlock employs a double-extortion strategy, encrypting data and threatening public exposure if the ransom, which can reach millions, is unpaid. The operation’s Tor-based negotiation site allows victims to communicate directly with attackers.

BleepingComputer tested the ransomware, noting that the FreeBSD encryptor failed, but the Windows version worked effectively, modifying files with an “.interlock” extension and clearing event logs.

Read: https://www.bleepingcomputer.com/news/security/meet-interlock-the-new-ransomware-targeting-freebsd-servers/

Hacker Arrested in Canada Over Massive Snowflake Data Breaches Targeting Major Corporations

Alexander Moucka, also known as Waifu and Judische, was arrested in Canada on October 30, 2024, on a provisional warrant requested by the U.S. Justice Department. Moucka is accused of orchestrating major data breaches targeting Snowflake, a cloud services provider whose clients include AT&T, Ticketmaster, Advanced Auto Parts, and around 165 other corporations. Moucka, alongside co-conspirator John Binns—arrested in Turkey earlier this year—allegedly exploited Snowflake’s absence of mandatory multi-factor authentication, accessing vast amounts of sensitive corporate and personally identifiable information by using employee passwords harvested via malware. Ian McLeod, Canadian Department of Justice spokesperson, confirmed Moucka’s arrest and subsequent court appearance on October 30, with proceedings adjourned to November 5.

A Google spokesperson identified Moucka as the hacker responsible for the Snowflake breaches, with senior Mandiant analyst Austin Larsen calling him “one of the most consequential threat actors of 2024.” Moucka previously told 404 Media he had “destroyed a lot of evidence” and “poisoned” what he couldn’t destroy, aiming to reduce charges to a conspiracy he could “bond out and beat.” This high-profile arrest signals a warning to cybercriminals worldwide about the gravity and consequences of large-scale data breaches, while the U.S. awaits potential extradition for Moucka to face charges.

Read: https://techcrunch.com/2024/11/05/canadian-authorities-say-they-arrested-hacker-linked-to-snowflake-data-breaches/

Canadian Government to Ban TikTok (the Company not the App)

In a baffling move, the Canadian government has announced that while TikTok will still be available in Canada, the company itself will be banned from operating here. Apparently, this decision is part of a national security review, but no one bothered to explain why banning the company—while keeping the app—is a sound strategy. Sure, if TikTok poses a unique privacy and security risk, banning the app makes sense, but banning the company seems like a weird way to avoid accountability. After all, the risks remain, but now we have zero leverage to hold the company responsible. It’s like firing the chef, but leaving the potentially contaminated food on the table.

And just to add a cherry on top, this ban undermines the government’s own digital policies, like the Online Streaming Act and the Online Harms Act. TikTok had been actively engaging with these regulations—until now, that is. With the company no longer operating in Canada, it seems unlikely they’ll continue to cooperate or support Canadian cultural initiatives. Meanwhile, the government’s delayed privacy legislation—which could actually solve the underlying issue—is still stuck in the House of Commons. So, rather than addressing privacy concerns head-on, the government has chosen to make a symbolic gesture that doesn’t solve anything, and may even make things worse by further weakening Canada’s ability to regulate tech giants like TikTok.

Read: https://www.michaelgeist.ca/2024/11/canadian-government-to-ban-tiktok-the-company-not-the-app/

Elsewhere Online:

Cybercriminals Disrupt Washington Court Operations
Read: https://www.securityweek.com/cyberattack-blamed-for-statewide-washington-courts-outage/

International Crackdown Dismantles Vast Cybercrime Ring
Read: https://www.darkreading.com/cyberattacks-data-breaches/international-police-effort-obliterates-cybercrime-network

VEILDrive Threat Actors Misuse Microsoft Tools to Evade Detection and Distribute Malware
Read: https://thehackernews.com/2024/11/veildrive-attack-exploits-microsoft.html

DHL and Serco Tracking Services Hit by Microlise Cyberattack
Read: https://www.infosecurity-magazine.com/news/cyberattack-microlise-disrupts-dhl/

Ransomware Disrupts Patient Care at Georgia Hospital
Read: https://www.securityweek.com/ransomware-attack-disrupts-georgia-hospitals-access-to-health-records/