Biden puts $ 10 million bounty on foreign hackers
Regulators in Germany are about to block one of the biggest porn sites in the world, according to a report from our colleagues at WIRED UK. The country recently imposed age verification checks on adult sites, which some have yet to implement. Blocking should be carried out by ISPs and mobile data providers, who may attempt to challenge the orders in court if so.
A more aggressive form of internet censorship took place this week in Cuba, as authorities cut off access to major social media and messaging platforms like Facebook and WhatsApp amid ongoing civil unrest. Like Iran, China, and other oppressive regimes, Cuba has centralized control over the internet, which means it can block specific sites or wholesale access at will. It is an increasingly common technique, made possible by the continued balkanization of the Internet.
As businesses around the world grapple with an ongoing ransomware disaster, we looked at how hackers have increasingly turned to IT management software to launch large-scale attacks. Zero-days also remain popular, including for Russian Cozy Bear, who used one to target iPhones in a recently discovered campaign. And good old-fashioned cat fishing also remains in fashion, especially for Iran, which Facebook (again) caught trying to fool targets in high-value industries with fakes. accounts. The good news is that Biden has put together a all-star cybersecurity team. The tricky part is figuring out how they can all work together.
Hackers also had a productive week, demonstrating how they could trick a third-party webcam into bypassing Windows Hello’s facial recognition. Microsoft fixed the problem. And WhatsApp has solved a long-standing frustration for its users, finally enabling cross-device use without having to route everything through your phone.
Remember to set aside some time this weekend to make sure your web searches are private and secure.
And there’s more. Each week, we put together all the security news that WIRED hasn’t covered in depth. Click on the titles to read the full stories and stay safe.
There is no simple solution to the global scourge of ransomware. But the Biden administration has at least taken proactive steps, including a new reward offering up to $ 10 million in exchange for information about hackers targeting U.S. infrastructure. The Justice Department will set up a dark web tip reporting system and has indicated it is open to paying informants with cryptocurrency.
Last week, REvil succeeded in locking down more than 1,000 companies in a ransomware campaign of historic proportions. This week, the group’s operations went offline. There are a few possibilities here. The Justice Department may have seized REvil’s servers, or Russia may have finally done some enforcement. (OK, probably not.) The most likely scenario, however, may be that REvil simply packed it up in the face of close scrutiny. Don’t expect them to disappear forever, however; these groups often just change their names and reappear once the pressure has eased. In the meantime, however, victims find themselves without a way to pay the ransom and recover their systems.
We talked earlier about the balkanization of the Internet, and the Great Chinese Firewall is the most vivid example. This week, researchers shed new light on the extent of the company’s blockage. Not only does it deny access to about 311,000 domains out of the 534 million tested, but about 41,000 of them appear to have been blocked by accident. About 1,800 of the censored sites are among the 100,000 most visited sites on the web.
The Citizen Lab at the University of Toronto this week released a report, in conjunction with a Microsoft investigation, indicating that spyware from a company known as Candiru was used to target at least 100 activists, journalists, dissidents and politicians in 10 countries. It’s a disturbing confirmation that obscure corporate surveillance software is increasingly used by authoritarian regimes to suppress dissent.
More great WIRED stories