Archive for July 16, 2020

Russian Hacker Group Accused Of Targeting COVID-19 Vaccine Research In Canada, U.S. and U.K

Posted in Commentary on July 16, 2020 by itnerd

Given the times that we live in, a vaccine is the top priority in terms of getting the planet out of the COVID-19 pandemic. So it doesn’t exactly come as a shock that research into a vaccine is a target for hackers that belong to nation states. Case in point is the news that Russian hackers have targeted COVID-19 research:

A hacker group “almost certainly” backed by Russia has tried to steal COVID-19-related vaccine research in Canada, the U.K. and the U.S., according to intelligence agencies in all three countries.

The Communications Security Establishment (CSE), responsible for Canada’s foreign signals intelligence, said APT29 — also known as Cozy Bear and the Dukes — is behind the malicious activity.

The group was accused of hacking the Democratic National Committee before the 2016 U.S. election.

The group “almost certainly operates as part of Russian intelligence services,” the CSE said in a statement released Thursday morning in co-ordination with its international counterparts — an allegation the Kremlin immediately denied.

No shock that the Kremlin denies this as I am sure that nation states don’t want to be associated with the activities of the hacker groups that they covertly sponsor as it gives them plausible deniability. This is important because Russia has a history of stealing intellectual property. David Masson, Director of Enterprise Security, Darktrace goes into more details about that:

The Soviet Union, and now its successor Russia, has a long and established history of stealing other countries’ intellectual property in order to satisfy national interests. In this instance, we are being warned about an APT (APT 29) linked to the Russian Intelligence Services using cyber-attacks to obtain information on COVID-19 research from medical organizations around the world. Given the recent warning from the US/UK and Canada combined, we can consider that these three countries have been victims of such attacks.

Russia is also facing the effects of this global pandemic and will be seeking “help” in order to deal with it now and in the future. Trying to gain an advantage in the fight against COVID-19 could well lead to theft of research from around the world in order to avoid otherwise necessary investment in time, money and effort (which may not be available). In the modern era, cyber-attacks have proven to be a very cost-effective way of obtaining information that may well be very difficult to get ahold of by other means. Currently the crown jewels in the COVID-19 fight will be a vaccine, so information and research on this subject are extremely valuable.

Medical research organisations, especially those working in academia, often operate in a climate of trust and collaboration and will be seen as easy targets by groups such as APT29 who will exploit this. We can expect further attacks and further warnings as the pandemic wears on.

Ubisoft Unveils A New Collegiate Esports League In Partnership With Tom Clancy’s Rainbow Six Siege

Posted in Commentary on July 16, 2020 by itnerd

Today, Ubisoft announced Ubisoft Collegiate Esports, their first ever proprietary collegiate esports league, premiering with Tom Clancy’s Rainbow Six® Siege, that will kick off in July 2020. The new league will launch in partnership with FACEIT, the world’s leading platform for competitive online gaming, who will operate the program as part of the new North American ecosystem. CORSAIR will serve as the premiere sponsor of the league. Additional sponsors include Origin PC, a subsidiary of CORSAIR.

The program will feature a user-friendly online platform allowing registered school clubs (no online schools) to register themselves and begin competing in a variety of local and cross-continent programs.

Clubs must consist of registered, full-time students and will be able to:

  • Host intramural matches
  • Host viewing parties and live events
  • Manage club members and their teams
  • Manage matches and results
  • Request prizing 

In addition to the online platform, schools will be eligible to nominate one team (per school) to participate in the Rainbow Six Collegiate championship – our premier league for Rainbow Six. All contending schools will face off for a chance to earn a $30K prize pool and additional hardware prizes, including a cutting-edge Origin PC and CORSAIR peripherals. The pre-season will begin in October 2020, while the full season will begin in January 2021.

Ubisoft is taking exceptional pride in being able to offer unique esports programs to players of all skill levels. The collegiate program is our chance to get involved with the college community and build a program that focuses on professionalism, fair play, and community growth.

Please visit r6collegiate.faceit.com for more details on Ubisoft Collegiate Esports.

To learn more about Tom Clancy’s Rainbow Six Siege, please visit https://rainbow6.ubisoft.com/

A Follow Up On Citizen Care Pod Corp

Posted in Commentary on July 16, 2020 by itnerd

Following up on my Citizen Care Pod Corp coverage that I did yesterday, I wanted to share some additional details. The development of these mobile testing pods is the result of teamwork between industry leaders including Dell Technologies Titanium Black Partner Insight Enterprises.

Additional information can be found here about how Dell Technologies is working with healthcare providers to deliver health IT solutions that bring positive change to patients, care providers and the community as a whole.

The Epic Twitter Hack Was Caused By Social Engineering

Posted in Commentary on July 16, 2020 by itnerd

I’ll give Twitter points for coming clean on what happened yesterday when it comes to the fact that verified Twitter accounts were taken over to promote cryptocurrency scams. But I am not sure if it will make anyone feel better. But let’s start with what actually happened. Twitter posted a series of Tweets describing how this epic hack took place:

So in short, they got pwned not because of a bug in Twitter, but because of a social engineering attack. Which once again proves that the weakest link in terms of IT security are the humans. And companies need to do training and put countermeasures in place to make sure that they don’t become the next victim of something like this. Or worse.

Besides the above, you have to ask what else did these hackers get access to. Twitter doesn’t know which is why they are still investigating. And I hope for their sake that their investigation is comprehensive as I wouldn’t want these miscreants floating around my network to cause trouble at a later date. So consider this story to be far from over. Something that Max Heinemeyer, Director of Threat Hunting, Darktrace agrees with:

This attack is unprecedented in both its targets and the serious level of widespread access. There is strong evidence to suggest that the attackers gained access into Twitter’s back-end systems, theoretically granting them access to any Twitter account – even that of a US president.

Despite this level of access, we cannot assume this is the work of a nation state: many cyber-criminals today have access to tools and techniques once reserved for state-sponsored attacks. The hack used automation, was well-organised, and targeted selected accounts for maximum impact. The money is already being moved from the initial Bitcoin wallet to make tracking harder. 

These perpetrators may be financially motivated and conducting a smash-and-grab attack, but that does not mean the damage done ends with the Bitcoin scam. While Twitter put all hands-on-deck to deal with prominent individuals’ accounts, it is unclear what other nefarious activities the attackers have done behind the scenes – e.g. stealing direct messages between high-profile individuals to use them later for extortion or other crime.

In the run up to the US presidential election we can expect to see assaults of this kind become the ‘new normal’. The story is far from over.

Belkin WEMO Users Complain About An Outage Which Has Been Going On For At Least Two Days…. But There Is A Fix

Posted in Commentary on July 16, 2020 by itnerd

If Belkin didn’t have enough issues when it comes to blowback related to the termination of the back end services of their WEMO NetCams, they have something new to deal with that is upsetting customers. Users of Belkin WeMo smart home products such as their smart plugs have been complaining about an outage that started a couple of days ago which leaves them unable to control their smart home gear. The issue was brought to my attention by a reader of this blog who tried reaching out to Belkin for help, but apparently whatever help she received was anything but helpful. Since I had a couple of pieces of WEMO gear lying around, specifically a pair of smart plugs, I pulled them out to test this. They were able to connect to my home WiFi network just fine. But when I tried to control them from the WEMO app on my iPhone, I got this:

And I appear not to be the only one who has this issue. And some of these people are not happy:

These people have a point. If you look at the troubleshooting that Belkin’s @WEMOCares Twitter account is doing, it’s not effective and amounts to “have you turned it off and on?” Here’s an example from today:

Take it from me, doing either of those things won’t make a difference. And I don’t understand why this is being suggested as a course of action because what appears to actually make a difference is the creation of a WEMO account to control whatever smart home gear that you have from the company. A tweet from @WEMOCares highlights this:

Some history for you. In the last couple of weeks, Belkin pushed out a new version of their WEMO app that gave you the ability to create a WEMO account to “secure” your smart home devices. The creation of an account at the time that the app was pushed out was something that was optional. But it now appears to be a requirement as clearly Belkin did something on their back end to make it a requirement in the last few days. That’s pretty poor communication on the part of Belkin as in the above case, the customer told @WEMOCares what the solution was rather than the other way around. Which is not how the universe should work. And that lack of communication means that customers not only suffer for no reason, but it leaves them with a pretty bad impression of Belkin and their smart home gear.

So if you have this issue, I would recommend creating a WEMO account via the WEMO app to see if that fixes this issue. Chances are that it will as it resolved this issue for me when I tested this on behalf of the person who reached out to me. And it worked for the person in question when they tried it. Though having this advice come from a third party like me rather than Belkin itself really reflects poorly on Belkin. And Belkin may wish to do something about that because this is the sort of thing that won’t help them to sell smart home gear or much of anything else that they make.