fbpx
Connect with us

Cybersecurity

After Facebook, half a billion LinkedIn accounts leaked online

Inside Telecom Staff

Published

 on

LinkedIn accounts leaked online

A few days following the massive Facebook data leak, LinkedIn becomes the second social networking platform hit with a data leak encompassing millions of accounts, CyberNews reported on Thursday.

The leak’s huge scope was discovered by CyberNews when an individual selling the data on a hacker forum claims it was scraped from 500 million LinkedIn profiles.

According to the cybersecurity platform’s investigation, a purported sample of two million of the profiles for sale contained LinkedIn members’ full name, email addresses, phone numbers, genders, and more were visible.

“We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies,” reads LinkedIn’s statement.

Nevertheless, the Microsoft-owned social network stressed that “this was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review.”

This translates that the data collected and up for sale only includes information made available on a person’s public LinkedIn page.

However, LinkedIn failed to mention whether it was going to notify users whose data was among those scrapped; a move like that of Facebook, who doesn’t plan on informing their users if they were among the massive 533 million data leak that happened earlier this week.

In parallel, the Microsoft-owned company is facing a probe into the leak by the Italian privacy watchdog, which keeps a closer focus on the issue of data protection than U.S. authorities.

According to a statement published late Thursday by the Italian regulator, an investigation into the leak has already begun following “the dissemination of user data, including IDs, full names, email addresses, telephone numbers.”

The regulator said Italy has one of the highest number of subscribers to LinkedIn in Europe and called on affected users to “pay particular attention to any anomalies” related to their phone number and their account.

“When anyone tries to take member data and use it for purposes LinkedIn and our members haven’t agreed to, we work to stop them and hold them accountable,” the social networking site highlighted in their statement.

The Italian investigation comes following Ireland’s privacy watchdog announcing their own investigation into the massive Facebook leak.

The European Union’s General Data Protection Regulation (GDPR) was signed into law May 2018, allowing national regulators to investigate and issue fines to tech companies who violate the rules under that law with a sum as much as four percent of its annual sales.

Advertisement

We’re a diverse group of industry professionals from all corners of the world. Our desire is to provide a high-quality telecoms publication that caters to an international market, offering the latest and most relevant telecoms information to businesses, entrepreneurs and enthusiasts.

Cybersecurity

EXPLAINER: Why the Colonial Pipeline hack matters

Associated Press

Published

 on

EXPLAINER Why the Colonial Pipeline hack matters

A cyberattack on a critical U.S. pipeline is sending ripple effects across the economy, highlighting cybersecurity vulnerabilities in the nation’s aging energy infrastructure. The Colonial Pipeline, which delivers about 45% of the fuel used along the Eastern Seaboard, shut down Friday after a ransomware attack by gang of criminal hackers that calls itself DarkSide. Depending on how long the shutdown lasts, the incident could impact millions of consumers.

WHAT HAPPENED TO THE COLONIAL PIPELINE?

Colonial Pipeline, the owner, halted all pipeline operations over the weekend, forcing what the company called a precautionary shutdown. U.S. officials said Monday that the “ransomware” malware used in the attack didn’t spread to the critical systems that control the pipeline’s operation. But the mere fact that it could have done so alarmed outside security experts.

WILL THERE BE GASOLINE SHORTAGES?

It depends on how long the shutdown lasts. Colonial said it’s likely to restore service on the majority of its pipeline by Friday.

There’s no imminent shortfall, and thus no need to panic buy gasoline, said Richard Joswick, head of global oil analytics at S&P Global Platts. If the pipeline is restored by Friday, there won’t be much of an issue. “If it does drag on for two weeks, it’s a problem,” Joswick added. “You’d wind up with price spikes and probably some service stations getting low on supply. And panic buying just makes it worse.”

SO WHAT’S HAPPENING WITH GASOLINE PRICES?

The average gasoline price jumped six cents to $2.96 over the past week, and it’s expected to continue climbing because of the pipeline closure, according to AAA. Mississippi, Tennessee and the East Coast from Georgia to Delaware are the most likely to experience limited fuel availability and higher prices, and if the national average rises by three more cents, these would be the highest prices since November 2014, according to AAA.

WHAT’S RANSOMWARE AGAIN?

Ransomware scrambles data that can only be decoded with a software key after the victim pays off the criminal perpetrators. An epidemic of ransomware attacks has gotten so bad that Biden administration officials recently deemed them a national security threat. Hospitals, schools, police departments and state and local governments are regularly hit. Ransomware attacks are difficult to stop in part because they’re usually launched by criminal syndicates that enjoy safe harbor abroad, mostly in former Soviet states.

WHO IS BEHIND THE ATTACK AND WHAT MOTIVATES THEM?

The hackers are Russian speakers from DarkSide, one of dozens of ransomware gangs that specialize in double extortion, in which the criminals steal an organization’s data before encrypting it. They then threaten to dump that data online if the victim doesn’t pay up, creating a second disincentive to trying to recover without paying.

Ransomware gangs say they are motivated only by profit. Colonial has not said how much ransom s.

WHY WASN’T COLONIAL ABLE TO PREVENT OR CONTAIN THE ATTACK?

Neither Colonial nor federal officials have explained how the attackers breached the company’s network and went undetected. Cybersecurity experts believe that Colonial may not have employed state-of-the-art defenses, in which software agents actively monitor networks for anomalies and are programmed to detect known threats such as DarkSide’s infiltration tools.

WHAT DOES COLONIAL NEED TO RESTORE ITS NETWORK AND HOW LONG WILL THAT TAKE?

That depends on how extensively Colonial was infected, whether it paid the ransom and, if it did, when it got the software decryption key. The decryption process could take several days at least, experts say. Colonial has not responded to questions on these issues, although it said only its IT network was affected.

DO PIPELINES FACE A GREATER RISK OF RANSOMWARE ATTACKS?

They’re not necessarily at greater risk, but they do pose unique challenges. The Colonial Pipeline structure is a vast piece of critical infrastructure that provides fuel supply to states along the East Coast. Such a large network is bound to have different control systems along its path where it connects with distributors or customers.

“Every single time you connect something, you run the risk that you’re going to infect something,” said Kevin Book, managing director at Clearview Energy Partners. That variability can also make it harder for hackers to know where to find vulnerabilities, he said.

Over time, as pipelines expand, companies can end up with a mix of technology — some parts built within the company and others brought in from outside, said Peter McNally, global sector lead at Third Bridge. Many large energy companies have been under pressure from investors to limit reinvestment in such assets, which can be decades old, he added. That can be a problem when dealing with modern criminals.

The Federal Energy Regulatory Commission has established and enforced mandatory cybersecurity standards for the bulk electric system, but there are no comparable standards for the nearly 3 million miles of natural gas, oil and hazardous liquid pipelines that traverse the United States. “Simply encouraging pipelines to voluntarily adopt best practices is an inadequate response to the ever-increasing number and sophistication of malevolent cyber actors,” said Richard Glick, chairman of the Federal Energy Regulatory Commission, and Democratic Commissioner Allison Clements, in a joint statement. They called for the U.S. to establish mandatory pipeline security standards.

WHAT CAN BE DONE TO HALT RANSOMWARE ATTACKS?

Previous attempts to put ransomware operators out of business by attacking their online infrastructure have amounted to internet whack-a-mole. The U.S. Cyber Command, Microsoft and cross-Atlantic police efforts with European partners have only been able to put a temporary dent in the problem.

Last month, a public-private task force including Microsoft, Amazon the FBI and the Secret Service gave the White House an 81-page urgent action plan that said considerable progress could be possible in a year if a concerted effort is mounted with U.S. allies, who are also under withering attack.

Some experts advocate banning ransom payments. The FBI discourages payment, but the task force said a ban would be a mistake as long as many potential targets remain “woefully unprepared,” apt to go bankrupt if they can’t pay. Neuberger said Monday that sometimes companies have no real choice but to pay a ransom.

The task force said ransomware actors need to be named and shamed and the governments that harbor them punished. It calls for mandatory disclosure of ransom payments and the creation of a federal “response fund” to provide financial assistance to victims in hopes that, in many cases, it will prevent them from paying ransoms.


NEW YORK (AP) — By FRANK BAJAK AND CATHY BUSSEWITZ Associated Press

Bajak reported from Boston. AP Writer Matthew Daly contributed from Washington.

Continue Reading

Cybersecurity

FBI names pipeline cyberattackers as company promises return

Associated Press

Published

 on

pipeline cyberattackers

Hit by a cyberattack, the operator of a major U.S. fuel pipeline said Monday it hopes to have services mostly restored by the end of the week as the FBI and administration officials identified the culprits as a gang of criminal hackers.

U.S. officials sought to soothe concerns about price spikes or damage to the economy by stressing that the fuel supply had so far not experienced widespread disruptions, and the company said it was working toward “substantially restoring operational service” by the weekend.

The White House said in a statement late Monday that it was monitoring supply shortages in parts of the Southeast and that President Joe Biden had directed federal agencies to bring their resources to bear.

Colonial Pipeline, which delivers about 45% of the fuel consumed on the East Coast, halted operations last week after revealing a ransomware attack that it said had affected some of its systems.

Nonetheless, the attack underscored the vulnerabilities of the nation’s energy sector and other critical industries whose infrastructure is largely privately owned. Ransomware attacks are typically carried out by criminal hackers who scramble data, paralyzing victim networks, and demand large payments to decrypt it.

The Colonial attack was a potent reminder of the real-world implications of the burgeoning threat. Even as the Biden administration works to confront organized hacking campaigns sponsored by foreign governments, it must still contend with difficult-to-prevent attacks from cybercriminals.

“We need to invest to safeguard our critical infrastructure,” Biden said Monday. Energy Secretary Jennifer Granholm said the attack “tells you how utterly vulnerable we are” to cyberattacks on U.S. infrastructure.

The attack came as the administration, still grappling with its response to massive breaches by Russia of federal agencies and private corporations, works on an executive order aimed at bolstering cybersecurity defenses. The Justice Department, meanwhile, has formed a ransomware task force designed for situations just like Colonial Pipeline, and the Energy Department on April 20 announced a 100-day initiative focused on protecting energy infrastructure from cyber threats. Similar actions are planned for other critical industries, such as water and natural gas.

Despite that, the challenge facing the government and the private sector remains immense.

In this case, the FBI publicly assigned blame Monday by saying the criminal syndicate whose ransomware was used in the attack is named DarkSide. The group’s members are Russian speakers, and the syndicate’s malware is coded not to attack networks using Russian-language keyboards.

Anne Neuberger, the White House deputy national security adviser for cyber and emerging technology, said at a briefing that the group has been on the FBI’s radar for months. She said its business model is to demand ransom payments from victims and then split the proceeds with the ransomware developers, relying on what she said was a “new and very troubling variant.”

She declined to say if Colonial Pipeline had paid any ransom, and the company has not given any indication of that one way or the other. Though the FBI has historically discouraged victims from making payments for fear of promoting additional attacks, she acknowledged “the very difficult” situation that victims face and said the administration needs to look “thoughtfully at this area” of how best to deter ransomware.

“Given the rise in ransomware, that is one area we’re definitely looking at now to say, ‘What should be the government’s approach to ransomware actors and to ransoms overall?'”

Speaking later in the day at a conference on national security, Neuberger said the administration was committed to leveraging the government’s massive buying power to ensure that software makers make their products less vulnerable to hackers.

“Security can’t be an afterthought,” Neuberger said. “We don’t buy a car and only then decide if we want to pay for seatbelts and airbags.”

The U.S. sanctioned the Kremlin last month for a hack of federal government agencies, known as the SolarWinds breach, that officials have linked to a Russian intelligence unit and characterized as an intelligence-gathering operation.

In this case, though, the hackers are not known to be working at the behest of any foreign government. The group posted a statement on its dark web site describing itself as apolitical. “Our goal is to make money, and not creating problems for society,” DarkSide said.

Asked Monday whether Russia was involved, Biden said, “”I’m going to be meeting with President (Vladimir) Putin, and so far there is no evidence based on, from our intelligence people, that Russia is involved, although there is evidence that the actors, ransomware, is in Russia.

“They have some responsibility to deal with this,” he added.

U.S. officials have sought to head off anxieties about the prospect of a lingering economic impact and disruption to the fuel supply, especially given Colonial Pipeline’s key role in transporting gasoline, jet fuel, diesel and other petroleum products between Texas and the East Coast.

Colonial is in the process of restarting portions of its network. It said Monday that it was evaluating the product inventory in storage tanks at its facilities. Administration officials stressed that Colonial proactively took some of its systems offline to prevent the ransomware from migrating from business computer systems to those that control and operate the pipeline.

In response to the attack, the administration loosened regulations for the transport of petroleum products on highways as part of an “all-hands-on-deck” effort to avoid disruptions in the fuel supply.

“The time of the outage is now approaching critical levels and if it continues to remain down we do expect an increase in East Coast gasoline and diesel prices,” said Debnil Chowdhury, IHS Markit Executive Director. The last time there was an outage of this magnitude was in 2016, he said, when gas prices rose 15 to 20 cents per gallon. The Northeast had significantly more local refining capacity at that time.

The pipeline utilizes both common and custom technology systems, which could complicate efforts to bring the entire network back online, according to analysts at Third Bridge.

Granholm, the Energy Secretary, said “Cyber attacks on our critical infrastructure — especially energy infrastructure — is not going away.”

“This is a serious example of what we’re seeing across the board in many places and it tells you that we need to invest in our systems, our transmission grid for electricity. We need to invest in cyber defense in these energy systems,” she told Bloomberg TV.

The attack has not affected the supply of gasoline, she said, “but if it goes on too long, of course that will change.”

Gasoline futures ticked higher Monday. Futures for crude and fuel, prices that traders pay for contracts for delivery in the future, typically begin to rise anyway each year as the driving season approaches. The price you pay at the pump tends to follow.

The average U.S. price of regular-grade gasoline has jumped 6 cents over the past two weeks, to $3.02 per gallon, which is $1.05 higher than a year ago. The year-ago numbers are skewed somewhat because the nation was going into lockdown due to the pandemic.

The attack on the Colonial Pipeline could exacerbate the upward pressure on prices if it is unresolved for a period of time.


WASHINGTON (AP) — By ERIC TUCKER, CATHY BUSSEWITZ and ALAN SUDERMAN Associated Press

Associated Press writers Frank Bajak in Boston and Matthew Daly in Washington contributed to this report.

Continue Reading

Cybersecurity

Ransomware gangs get more aggressive against law enforcement

Associated Press

Published

 on

Police Chief Will Cunningham came to work four years ago to find that his six-officer department was the victim of a crime.

Hackers had taken advantage of a weak password to break in and encrypt the files of the department in Roxana, a small town in Illinois near St. Louis, and were demanding $6,000 of bitcoin.

“I was shocked, I was surprised, frustrated,” Cunningham said.

Police departments big and small have been plagued for years by foreign hackers breaking into networks and causing varying level of mischief, from disabling email systems to more serious problems with 911 centers temporarily knocked offline. In some cases important case files have gone missing.

But things have taken a dark turn recently. Criminal hackers are increasingly using brazen methods to increase pressure on law enforcement agencies to pay ransoms, including leaking or threatening to leak highly sensitive and potentially life-threatening information.

The threat of ransomware has risen to a level that’s impossible to ignore, with hardly a day going by without news of a hospital, private business or government agency being victimized. On Saturday, the operator of a major pipeline system that transports fuel across the East Coast said it had been victimized by a ransomware attack and had halted all pipeline operations to deal with the threat.

The increasingly defiant attacks on law enforcement agencies underscore how little ransomware gangs fear repercussions.

In Washington, D.C., a Russian-speaking ransomware syndicate called Babuk hacked into the network of the city’s police department and threatened to leak the identities of confidential informants unless an unspecified ransom was paid.

A day after the initial threat was posted in late April, the gang tried to spur payment by leaking personal information of some police officers taken from background checks, including details of officers’ past drug use, finances and — in at least one incident — of past sexual abuse.

Similar threats were made recently against a small police force in Maine. The police department in Dade City, a small town in Florida, currently has many of its files posted on the dark web by the ransomware gang Avaddon after the city decided not to pay the $450,000 worth of bitcoin that was demanded. Leaked files show pictures of a dead body from a crime scene.

Ransomware gangs have been leaking sensitive data from victims for well over a year, but experts said they’ve not seen such aggressive new tactics used before against police departments.

“It should be a wake-up call to government that it finally needs to take strong and decisive action,” said Brett Callow, a threat analyst at the security firm Emsisoft.

Making the ransomware attacks potentially more damaging, police are now able to collect and store more personal information than ever before through advances in surveillance equipment and technologies such as artificial intelligence and facial recognition software.

April Doss, the executive director of the Institute for Technology Law & Policy at Georgetown University Law School, said laws and regulations about how police collect, retain and secure that data are largely unsettled.

“Where that leaves us is with police departments getting to use a great deal of their own discretion in terms of what technologies they adopt and how they use them,” said Doss, who previously worked at the National Security Agency and recently wrote a book on cyberprivacy.

Homeland Security Secretary Alejandro Mayorkas has called ransomware a “threat to national security” and said the issue is a top priority of the White House. Congress is exploring giving state and local governments grant money to boost their response to ransomware.

Because ransomware is so lucrative for its perpetrators, who operate out of Western law enforcement’s reach in Russia and other safe havens, experts say the most important tools for battling it are elementary cybersecurity measures.

Statistics of how many police departments have been hit by ransomware attacks are hard to come by, as is information on whether departments ever pay a ransom. There’s no official count and not every incident is made public.

Callow, the threat analyst, said he’s counted at least 11 law enforcement agencies affected by ransomware since the beginning of 2020. Officers have been locked out of their computer systems and forced to resort to paper records. Prosecutors in Stuart, Florida, told local media last year they had to drop a case against suspected drug dealers after a local police department’s files were encrypted by a ransomware gang.

In the nation’s capital, the final outcome is uncertain. The Babuk gang’s threats to release more information have so far not come to pass and the files that were posted have been taken down.

The city’s lower income areas are struggling with increased violence. Longtime community activist Philip Pannell said police already have a hard time getting witnesses to come forward, and having hackers threaten to release information about confidential informants would make it even harder. If the names of confidential informants are released, Pannell said it would put them in real danger.

“Why would someone want to do something like that? They just want to foment chaos.” he said.

Gregg Pemberton, chairman of the D.C. Police Union, said officers are extremely concerned about such private information being in the hands of foreign hackers.

“The fact that data of such a sensitive nature was able to be accessed by hackers says a lot about the quality of service elected officials provide this city. What is ironic is that in an era where police officers are targeted by their leaders for alleged misfeasance, it’s really their leaders that are truly unable to perform to standards,” he said.

The department said in a statement it’s still trying to determine the size and scope of the breach and has urged officers to obtain a free copy of their credit reports. The FBI is assisting with the investigation.

Law enforcement agencies require thorough and intrusive background checks that gather a wealth of information about a person’s history and character. It’s perfect blackmail material for hackers, whether they are criminal gangs or foreign governments. Six years ago Chinese hackers stole millions of background check files of federal government employees from the Office of Personnel Management.

Randy Pargman, who worked for the FBI for 15 years, said police departments need to do some “soul searching” about how they currently protect sensitive data such as background check files. He said many departments don’t have the budget or staffing for sophisticated cybersecurity measures, but could still transfer sensitive files to external hard drives kept offline and used only when needed.

“Every police department needs to think about their threat model and that they will probably be a target at some point,” said Pargman, vice president of threat hunting and counterintelligence at the private firm Binary Defense.

Back in Roxana, the police chief said he didn’t have to pay the hackers because the files were backed up and the department bought new computer equipment for roughly the same amount as the ransom demand. Cunningham reported the hackers to the FBI, but as far as he’s heard they were never caught. The whole experience, Cunningham said, was a real eye-opener.

“It’s amazing how much opportunity is out there for these computer crimes,” he said.

Continue Reading

Trending