Cryptologic Bytes Archives

Cybersecurity News: The Internet is Making Us Vulnerable; FISA Section 702 Delay; Wordpress Vulnerability & Breaches at Ancestry.com; and more

Cybersecurity News Bytes for the Week Ending 29 Dec 2017

North Korea Demands U.S. Evidence for WannaCry Attribution

The North Korean UN delegation demanded proof from the U.S. for the attribution of the WannaCry ransomware to North Korea. This demand was in reaction to a Wall Street Journal op-ed by White House Homeland Security Adviser Tom Bossert in which he attributed WannaCry to North Korea. Bossert based his statements on similar conclusions reached by the British Government and Microsoft. North Korea has denied the allegation, calling Bossert’s claims a “grave political provocation” and threatening retaliation. The Fifth Domain- 26 Dec 2017

FBI Fingerprint Software Made in Russia?

According to an explosive BuzzFeed report in late December, whistleblowers who worked for a French company, Morpho, have alleged in a lawsuit that the software Morpho sold to the FBI in 2011 for use in fingerprint analysis contains algorithms developed by the Russian company Papillon Systems under a secret licensing arrangement. Papillon also supplies software to Russian law enforcement agencies including the FSB. The fingerprint software in question is part of the FBI’s Next Generation Identification initiative and is relied on by more than 18,000 U.S. law enforcement agencies and TSA. Morpho, a subsidiary of Safran Group, won the FBI contract in 2009 against competition that included an American company. In court filings, Safran claimed no responsibility for actions of a subsidiary company, but did not deny the allegations by the whistleblowers. Congressional concerns about the contract with a French company were raised to the Director of the FBI at the time, but the award to Morpho went ahead. The FBI issued a statement to BuzzFeed saying that all commercial software is subjected to security testing before being used operationally. Morpho was subsequently sold to a U.S. private-equity firm and renamed Idemia. Idemia has provided fingerprint-recognition software to, among others, the Department of Defense and TSA for use in its traveler pre-check program. BuzzFeed- 26 Dec 2017

WordPress Vulnerable to Malicious Plugins

Security researchers at White Fir Design, a web design, security and marketing firm, have discovered the existence of potential malware on WordPress plugins that allows an attacker to insert Search Engine Optimization (SEO) spamware by providing access to a hacked website’s URL. This vulnerability was discovered in 2014 and corrected at that time by WordPress. However, according to White Fir, hundreds of websites still contain the infected plugins, allowing spammers to continue their exploits. Bleeping Computer - 26 Dec 2017

FISA Section 702 Authority Renewal Delayed

Section 702 of the US Foreign Intelligence Surveillance Act, the legal authority for much U.S. electronic surveillance, will not be renewed before it sunsets at the end of December. Congress has deferred consideration of reauthorization until it reconvenes in January. The Department of Justice has offered an opinion that the Act as it stands permits current surveillance operations to continue into April, which is thought to give the Intelligence Community sufficient legal authority to go on as it has, at least for a few months. But final Congressional action is likely in the first months of 2018. (TheCyberWire, 28 December 2017)

Ancestry.com RootsWeb Server Breached

A data breach on Ancestry.com’s RootsWeb server exposed 300,000 passwords, email addresses, and user names, but no credit card information. Ancestry.com discovered the breach on the RootsWeb infrastructure and believes it dates to November 2015. Most of the information exposed was from users taking advantage of free trial offers on Amazon and RootsWeb. Ancestry.com says there is no evidence that the data was collected or used by malicious actors, but that all affected users are being notified of the breach. ThreatPost- 27 Dec 2017

The Internet is Making Us Vulnerable

Security journalist Tim De Chant summarized 2017 as a year in which Americans became more vulnerable due to data breaches, ransomware attacks, social media manipulation, and the leaks of NSA and CIA cyber tools that were weaponized by cyber criminals. He describes well-known breaches such as Equifax and Uber as well as a little-publicized breach of Amazon’s cloud that was storing Republican Party data on 198 million Americans. Names, addresses and other sensitive voter information was exposed on-line for two weeks. The year ended with Facebook founder Sean Parker ruminating about the possibility that social media is “exploiting a vulnerability in human psychology.” Another Facebook executive commented on the prospects of social media “ripping apart the social fabric of how society works.” Nova Next- 28 Dec 2017

Return to our HOME PAGE