This page, Cybersecurity News and Events, is offered by

Cybersecurity News and Events

Keeping you up-to-date on all things cyber, information security and privacy.

Table of Contents

Internet outage hits East Coast causing issues for Verizon, Zoom, and remote learning

Reports of widespread outages and connectivity issues across the East Coast for several premier online services abounded Tuesday morning.

Users reportedly have had issues loading or navigating sites and apps critical to remote work and study, such as Gmail, Slack and Zoom. Downdetector, which tracks reports of outages, showed widespread issues with Verizon, Google, Zoom, YouTube, Slack, Amazon Web Services and others Tuesday just before noon.

Verizon’s Fios internet service has received widespread complaints of connectivity issues. The company’s customer support team said on Twitter Tuesday that a fiber had been cut in Brooklyn, which could possibly account for some of the issues. The support account on Twitter quickly became inundated with customers asking why their internet was slow and their connectivity intermittent.

Amazon Web Services’ status page showed its service, which provides computing power to large swaths of the Internet, was experiencing an issue with an “external provider”. On its status page, it said that it is “investigating connectivity issues with an internet provider, mainly affecting the East Coast of the United States, outside of the AWS Network.” Slack and Google said there were no issues with their own services.

The outage has disrupted school districts’ online teaching programs, bringing the virtual school day to a standstill.

The exact cause of the outages remains unclear.

Sources:

Big Internet outages hit the East Coast, causing issues for Verizon, Zoom, Slack, Gmail | The Washington Post

Intelligence analysts reportedly use U.S. smartphone location data without warrants

An unclassified memo obtained by the New York Times alleges that a military arm of the U.S. intelligence community buys commercially available databases containing location data from smartphones apps and searches it for American’s past movements and does so without a warrant.

Defense Intelligence Agency analysts have searched for the movements of Americans within a commercial database in five investigations over the past two and a half years, agency officials disclosed in a memo they wrote for Senator Ron Wyden, Democrat of Oregon.

Such data is typically drawn from smartphone apps such as weather, games and other apps that get user permission to access a phone’s GPS location. A robust commercial market exists for such data for advertising and other commercial purposes.

The disclosure sheds light on an emerging loophole in privacy law during the digital age: In a landmark 2018 ruling known as the Carpenter decision, the Supreme Court held that the Constitution requires the government to obtain a warrant to compel phone companies to turn over location data about their customers. But the government can instead buy similar data from a broker — and does not believe it needs a warrant to do so.

The Wall Street Journal revealed last year that U.S. government agencies were also buying access to that data from commercial brokers without a warrant, raising questions about whether those agencies were adequately safeguarding the privacy and civil liberties of Americans. In particular, it found, two agencies in the Department of Homeland Security — Immigration and Customs Enforcement, and Customs and Border Protection — have used the data in patrolling the border and investigating immigrants who were later arrested.

Sources:

Intelligence Analysts Use U.S. Smartphone Location Data Without Warrants, Memo Says | The New York Times

Military Intelligence Agency Says It Monitored U.S. Cellphone Movements Without Warrant | The Wall Street Journal

President orders sweeping assessment of SolarWinds hack

Senator Mark Warner, Democrat of Virginia, who will become the chairman of the Senate Intelligence Committee, said President Biden was ordering a broad new intelligence assessment on Russia, and, in particular, a better understanding of the SolarWinds hacking.

Evidence amassed thus far suggests the perpetrators used their covert access chiefly to conduct espionage – an act all nations, the United States included, engage in. This would therefore limit the administration’s options for retaliation.

“SolarWinds is one of the most sophisticated and deep hacks we’ve faced, and the president needs the best information he can get to not only lead the remediation of the penetration, but to understand how to prevent it in the future, and what actions might deter Russia going forward,” Mr. Warner said.

President Biden’s order for the investigation of the SolarWinds hack – named for the Texas software company whose widely used IT monitoring and management tools were one way the hackers gained access – comes as intelligence officials have concluded that more than a thousand Russian software engineers were most likely involved in it, according to people involved in the investigation. This suggests the intrusion was a far larger, and stealthier, operation than first known. The intruders were active for a full nine months before cybersecurity firm FireEye and Microsoft Corporation alerted the government.

Sources:

Biden Orders Sweeping Assessment of Russian Hacking, Even While Renewing Nuclear Treaty | The New York Times

Can exercise equipment be a security risk?

White House personnel and cyber experts are weighing in on the potential security risks of President Biden’s Peloton exercise bike.

The Peloton, an indoor stationary exercise bike, integrates with a proprietary social media network allowing users to livestream their workouts or take on-demand classes with online instructors. The equipment’s online and social media features, which utilize built-in cameras and microphones to allow users to see and hear one another if they choose, are the potential areas of concern.

Consensus amongst security experts seems to point toward the President keeping the Peloton as part of his workout routine – though the bike itself may bear little resemblance to the off-the-assembly-line version after the Secret Service and the National Security Agency are finished with it. (There have been news reports that Michelle Obama has a modified Peloton, but her spokeswoman would not confirm them.)

Mr. Biden would not be the first occupant of the White House whose technological preferences clashed with the cybersecurity needs of being president. President Trump continued to prefer private calls to friends on his personal iPhone, while President Obama insisted on continued use of his BlackBerry. Security experts eventually found ways to accommodate both men’s preferences.

“Presidential security is always about balancing presidential needs and desires and the relative security risk of any single thing,” said Garrett Graff, the director of the cybersecurity initiative at the Aspen Institute, a research organization. “The threat is real, but it is presumably a manageable risk given enough thought and preparation.”

Sources:

Biden Peloton Raises Security Risks | The New York Times

CISA releases new community cybersecurity resources

The Cybersecurity and Infrastructure Security Agency (CISA) has released two new personal/community cybersecurity and cyber-hygiene resources.

The Personal Security Considerations Fact Sheet encourages critical infrastructure owners and their personnel to remain vigilant and report suspicious behavior that individuals may exhibit in order to thwart an attack. It also contains several easily implementable security measures that can mitigate threats to personal safety.

The Houses of Worship Security Self-Assessment Tool provides the faith-based community with an easy to use assessment tool that produces a formatted report with resources which can be used to identify and address your facility’s security concerns.

Visit CISA’s page on Hometown Security for additional tools and resources to support community security and resilience.

Malwarebytes becomes fourth major security firm targeted by SolarWinds hackers

The creator of a popular anti-virus software, Malwarebytes, said on Tuesday that some of its emails were breached by the same hackers who used the software company SolarWinds to hack into a series of U.S. government agencies. This makes Malwarebytes the fourth major security firm, after Microsoft, FireEye, and CrowdStrike, to be targeted by this same group.

Malwarebytes said the intrusion is unrelated to the SolarWinds supply chain incident since the company doesn't use any of SolarWinds software in its internal network but rather that hackers breached its internal systems by exploiting a dormant email protection product within its Office 365 and Microsoft Azure environments. The company confirmed the hackers were able to gain access to a “limited subset of internal company emails” but found no evidence of unauthorized access or compromise of its production environments.

Mandiant, a cybersecurity research firm, recently released a report alleging the perpetrators behind the SolarWinds supply chain attack leveraged four separate techniques to bypass identity and access management protections and laterally move from victims’ on-premise networks to their cloud-based Microsoft 365 accounts.

Sources:

Malwarebytes says some of its emails were breached by SolarWinds hackers | Reuters

Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 | FireEye Inc

Growing "Big Tech" fears leads to boom in adoption of encrypted messaging

Millions of new users are making the jump to encrypted messaging apps in the wake of last week’s Capitol Hill riots. Growing anxiety surrounding the world’s largest tech companies and their control over user’s personal data has led to tens of millions of downloads of Signal and Telegram, two WhatsApp-competitors. Both are chat apps that offer end-to-end encryption outside of Big Tech’s grasp. Encrypted messaging apps can offer more security, privacy and features than plain text messaging—but their encryption methods and data collection vary.

Signal, which utilizes end-to-end encryption, estimates that it has gained over forty million new users in under a week. Telegram, which offers some encrypted messaging options but is largely popular for its group-based chat rooms, has also gained new users numbering in the tens of millions.

The rise of Telegram and Signal is sure to reignite the debate over encryption, which helps protect the privacy of people’s digital communications but can stymie the authorities in criminal investigations because conversations are hidden.

FBI investigation of SolarWinds hack widens to include project-management software from JetBrains

The FBI is investigating whether the hackers behind a series of intrusions at U.S. federal agencies and companies also broke into project-management software created by the company JetBrains to breach its customers. JetBrains, a privately held Czech-based company whose chief executive, Maxim Shafirov, is a Russian national, produces software called TeamCity that is used by tens of thousands of customers to construct other software.

Reporting suggests that US officials are looking at a scenario where Russian hackers breached JetBrains and then launched attacks on its customers, one of which was SolarWinds.

The company responded Thursday with a published statement denying reports from both the New York Times and the Wall Street Journal claiming that JetBrains is under investigation for possibly being involved in the SolarWinds hack that impacted thousands of companies across the globe. Safirov confirmed from St. Petersburg, Russia, where JetBrains has offices, that SolarWinds is amongst JetBrains’ many customers.

SolarWinds revealed last month that someone with access to its system for developing network-management software had inserted back doors into two updates of its flagship Orion products. Dozens of SolarWinds customers, including at least a half-dozen U.S. agencies, were then exploited by the same hackers. U.S. intelligence agencies said Tuesday that Russia was likely behind the damaging spree, though Russian officials denied it.

“We are not aware of any investigation nor have we been contacted by any agencies,” a JetBrains spokesman said. “We are not aware of any vulnerabilities in the product or breaches that would allow for this, nor that any of our customers were affected.”

Vulnerabilities in TeamCity have been publicly reported and rated “critical” in the past, as is true with most big software.

Sources:

FBI probe of major hack includes project-management software from JetBrains: sources | Reuters

Widely Used Software Company May Be Entry Point for Huge U.S. Hacking | The New York Times (nytimes.com)

SolarWinds Hack Breached Justice Department System | WSJ

SolarWinds hires former cyber security chief Chris Krebs to help navigate post-hack fallout

SolarWinds, the embattled network software firm, has hired former US government cyber security chief Chris Krebs to assist the company in navigating the fallout of what is quickly proving to be one of the most intrusive cyber attacks in our nation’s history. Krebs will spearhead the company’s crisis response efforts alongside his new business partner Alex Stamos, a Stanford University professor and Facebook’s former security chief.

Investigations on the full scale and scope of the campaign continue, but some experts have reported that it may stretch back years and remain ongoing. US intelligence officials confirmed this week that they had identified “fewer than 10” federal agencies that had been compromised, including the Commerce, Energy, and Justice departments. The electronic filing system used by the federal courts was also compromised, the US judiciary said on Thursday.

Speaking to the Financial Times, Krebs said there was “zero question” amongst the intelligence community that the SVR, Russia’s foreign intelligence service, was responsible for the attack.

Krebs, who has extensive experience in risk management and national and infrastructure security, oversaw the Cybersecurity & Infrastructure Security Agency until his ousting in November for challenging claims that the US presidential election had been widely compromised by fraud and foreign interference.

Sources:

Hacking victim SolarWinds hires ex-Homeland Security official Krebs as consultant | Reuters

Sealed U.S. Court Records Exposed in SolarWinds Breach | Krebs on Security

DHS confirms state-sponsored cyberattack on public sector IT-service providers

SolarWinds, a major provider of network management systems (NMS), is said to be the victim of a highly sophisticated, state-sponsored cyberattack. The attackers, believed to be operating under the auspices of the Russian Federation’s Foreign Intelligence Service, were able to successfully deploy a malware-infected update to the company’s Orion Network Performance Monitor.

SolarWinds ubiquity in the field of NMS may turn out to be problematic - the company has more than 300,000 customers worldwide, including more than 400 of the US Fortune 500 companies and is utilized across five branches of the US military and the Departments of Defense, State and Justice, as well as the Office of the President. Intrusions have already been detected at the US Treasury Department as well the US Department of Commerce's National Telecommunications and Information Administration (NTIA). Though not officially confirmed, major US publications have cited sources claiming that multiple other government agencies have been impacted in the attack.

Late Sunday night, following confirmation of the successful attack on the Commerce Department, the cybersecurity arm of the Department of Homeland Security issued an Emergency Directive calling on "all federal civilian agencies to review their networks for indicators of compromise and disconnect or power down SolarWinds Orion products immediately."

Sources speaking with the Washington Post linked the intrusion to APT29, a codename used by the cyber-security industry to describe hackers associated with the Russian Foreign Intelligence Service (SVR).

Sources:

Active Exploitation of SolarWinds Software | CISA

ALERT: Commonwealth Employees Targeted by Phishing Campaign

Colleagues,

As many of you are aware, the Commonwealth has recently been the target of an aggressive phishing and smishing campaign. The malicious actors are using free e-mail services, such as g-mail, to create fake e-mail accounts designed to impersonate Commonwealth Leadership and are using social engineering tactics to elicit a sense of urgency. In addition to e-mail, the scammers have started using text messages as another way to phish our community. This technique, often referred to as smishing or SMS phishing, is a text-message based variation of traditional phishing scams, and a growing cyber threat. This particular campaign does not contain any links or malicious documents, but rather requests that the user purchase a gift card on behalf of the executive.

The EOTSS Messaging and Security Teams are aware of the situation and are working to block incoming messages. However, we ask that you remain vigilant. If you receive an e-mail or a text message requesting you to purchase a gift card, to pay by gift card, or to wire money – for any reason – that’s a sure sign of scam. Any correspondence, whether e-mail or SMS-based, imploring (or even threatening) the need for an immediate response, should be treated with healthy skepticism.

Remember to pay attention to key warning signs:

  • False sense of urgency
  • External e-mail address as either the sender or the reply-to address
  • Misspellings and Typos
  • Consider the purpose; is this someone you’d typically correspond with?
  • Be wary of suspicious attachments and links
Sample Gift Card Phishing Email
Text Phishing Sample

As always, suspicious messages or phishing e-mails can be reported to the EOTSS End User Service Desk or your local Agency IT Support via the contact information below.

Online

EOTSS End User Service Desk
Log in to ServiceNow 

MassGov@service-now.com
 

Phone

EOTSS End User Service Desk (844) 435-7629
24x7x365 support for Commonwealth end users

CommonHelp IT Service Desk (866) 888-2808
for agency/Secretariat IT help desks and support personnel


We appreciate your continued cooperation. Please do not hesitate to reach out with any questions or concerns.

 

Sincerely,

John Merto
Commonwealth Chief Information Security Officer
Executive Office of Technology Services and Security

Ransomware Activity Targeting the Healthcare and Public Health Sector (CISA Alert AA20-302A)

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. 

CISA, FBI, and HHS have released AA20-302A Ransomware Activity Targeting the Healthcare and Public Health Sector that details both the threat and practices that healthcare organizations should continuously engage in to help manage the risk posed by ransomware and other cyber threats. The advisory references the joint CISA MS-ISAC Ransomware Guide that provides a ransomware response checklist that can serve as a ransomware-specific addendum to organization cyber incident response plans. 

It is suspected that the attacks are being launched by Eastern European hackers that targeted U.S. hospitals, media reported Wednesday. Experts said the likely group behind the attacks was known as Wizard Spider or UNC 1878. They warned that such attacks can disrupt hospital operations and lead to loss of life. Federal authorities said the recent attacks include incidents in Oregon, California, and New York.  

CISA, FBI, and HHS are sharing this information in order to provide a warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats. CISA encourages users and administrators to review CISA’s Ransomware webpage for additional information. 

Additional Resources

October is National Cybersecurity Awareness Month

October is National Cybersecurity Month (NCSAM), a time for us to focus on how cybersecurity affects all Americans and to remind us of our shared responsibility. NCSAM is a collaborative effort between the U.S. Department of Homeland Security (DHS) and its public and private partners, including the National Cyber Security Alliance, to raise awareness about the importance of cybersecurity and individual cyber hygiene. 

Now in it's 17th year, Cybersecurity Awareness Month has grown exponentially, reaching consumers across the nation.

For more information on Commonwealth sponsored events throughout the month, please visit the MassCyberCenter webpage.

Additional Resources

Tyler Technologies Ransomware

Tyler Technologies, the nation’s largest provider of software and technology services for the public sector, has reportedly been the victim of a ransomware attack. Notably, the company is responsible for the development of software used to display state and local election results. 

Though initially hesitant to discuss the exact nature of the disruption, Tyler Technologies released the following public statement Wednesday afternoon:  

“Based on the evidence available to-date, all indications are that the impact of this incident is limited to our internal corporate network and phone systems, and that there has been no impact on software we host for our clients. Our hosted environment is separate and segregated from our internal corporate environment.” 

The company, based out of Plano, Texas, employs some 5,300 employees and brought in a reported annual revenue of more than $1 billion for fiscal year 2019. It sells a broad range of services to state and local governments, including appraisal and tax software, integrated software for courts and justice agencies, enterprise financial software systems, public safety software, records/document management software solutions and transportation software solutions for schools. 

By Tuesday, Tyler Technologies’ normal landing page was replaced with notice saying the site was offline. At the time of the original change, the message contained no further details regarding the breach. Tyler’s Chief Information Officer Matt Bieri provided a statement to popular security blog KrebsOnSecurity only after markets that day closed, stating 

“Upon discovery and out of an abundance of caution, we shut down points of access to external systems and immediately began investigating and remediating the problem. We have since engaged outside IT security and forensics experts to conduct a detailed review and help us securely restore affected equipment. We are implementing enhanced monitoring systems, and we have notified law enforcement.” 

Tyler Technologies has thus far declined to state how the intrusion might be affecting its customers. Several IT staffers affiliated with state and local governments throughout the nation have reported interruptions of various natures, with one anonymously stating that the outage has disrupted the ability of people to pay their water bills or court payments. 

Depending on how long it takes for Tyler Technologies to recover from this incident, it could have a broad impact on the ability of many states and localities to process payments for services or provide various government resources online. 

Additional Resources

Bipartisan Digital Identity Legislation introduced in Congress

A draft bipartisan bill designed to modernize the country’s lagging digital identity infrastructure has been introduced in Congress.

The Improving Digital Identity Act of 2020 would help to bolster secure methods of validating identities in government agencies' digital infrastructure. In its current form, the bill would utilize a three-pronged approach:

  • It would establish a task force to bring together key federal agencies with state and local government representatives to develop secure methods for government agencies to validate identity attributes to protect the privacy and security of individuals and support reliable, interoperable digital identity verification tools in the public and private sectors.
  • It would direct the National Institute of Standards and Technology (NIST) to create a new framework of standards to guide government agencies when providing digital identity verification services – placing an emphasis on privacy and security.
  • It would establish a grant program within the Department of Homeland Security to allow states to upgrade the systems they use to issue drivers’ licenses and other types of identity credentials, and to support the development of secure, interoperable state systems that enable digital identity verification in accordance with the framework developed by NIST. 

Additional Resources

Bill to improve the federal government's use of IoT devices reaches House floor

After languishing in Congressional limbo for nearly a year and a half, the IoT (Internet of Things) Cybersecurity Improvement Act (H.R. 1668) will finally reach the House floor.

The bill would task NIST (the National Institute of Standards and Technology) with the development of standards for agencies’ use of IoT devices and their handling of vulnerabilities in those devices.

The Internet of Things describes the network of physical objects—"things"—that are embedded with sensors, software, and other technologies for the purpose of connecting and exchanging data with other devices and systems over the internet.

NIST is one of the nation's oldest physical science laboratories, tasked with promoting "promote innovation and industrial competitiveness".

Additional Resources

Third annual CISA National Cybersecurity Summit begins on Wednesday

Third Annual National Cybersecurity Summit event banner

Subject matter and discussion dates for the Third Annual National Cybersecurity Summit have been announced.

The event, in its third year, brings together infrastructure stakeholders from around the world and provides a forum for meaningful conversations and collaboration on cybersecurity.

The 2020 Cybersummit will be held virtually as a series of webinars every Wednesday for four weeks beginning September 16 and ending October 7. Each series will have a different theme that focuses on CISA’s mission to “Defend Today, Secure Tomorrow,” with presentations from targeted leaders across government, academia, and industry.

This year’s themes are:

  • Sept 16: Key Cyber Insights
  • Sept 23: Leading the Digital Transformation
  • Sept 30: Diversity in Cybersecurity
  • Oct 7: Defending our Democracy

The event is facilitated by the Cybersecurity and Infrastructure Security Agency (CISA), a federal agency within the US government with its operational component under Department of Homeland Security (DHS) oversight.

Additional Resources

Spyware Labeled ‘TikTok Pro’ Exploits Fears of US Ban

Researchers have discovered a new Android spyware campaign pushing a “Pro” version of the TikTok app that is exploiting fears that the popular social media app is on the cusp of being banned in the United States. The malware can take over basic device functions as well as uses a phishing tactic to steal victims’ Facebook credentials.

Malicious actors urge users via SMS and WhatsApp messages to download the spyware version of the application, called TikTok Pro, from a specific web address, said Zscaler CISO and VP of security Shivang Desai in a report published Tuesday.

Desai warned Android users not to trust unknown links received in SMS or other messages and to only install apps from official stores like Google Play.

Additional Resources

How a Teenager Hacked One of the Largest Social Media Platforms in America

After months of digital reconnaissance, 17-year-old Florida resident Graham Ivan Clark managed to convince a Twitter employee he was co-worker. Prosecutors say this ultimately allowed him to hack the accounts of numerous high profile people including former President Barrack Obama and Tesla CEO Elon Musk.

Despite what you may have recently seen on your Twitter feed recently, dozens of notable, high-profile Americans including former President Barrack Obama, Tesla CEO Elon Musk, and Amazon CEO Jeff Bezos are not in fact, giving away tens of thousands of dollars in cryptocurrency to random Americans.

The tweets were allegedly sent by 17-year-old Florida native Graham Ivan Clark. After months of digital reconnaissance, the high school aged hacker was able to convince an employee of Twitter, one of the world's largest social media platforms, that he was a co-worker who worked in the company's IT department.

He was charged with compromising more than 100 social media accounts and scamming both the Twitter account holders, and the approximately 400 people from whom Mr. Clark allegedly received money in a scam. Two others were also charged—Mason Sheppard, of Bognor Regis, U.K., and Nima Fazeli, 22, of Orlando, Fla.—in connection with the hack. 

Additional Resources

Cyber Actor Spoofing COVID-19 Loan Relief Webpage

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) recently warned that a ‘malicious cyber actor’ is targeting the Small Business Administration (SBA) webpage used to generate loans to businesses during the COVID-19 pandemic.

“The Cybersecurity and Infrastructure Security Agency (CISA) is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration (SBA) COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA website that the cyber actor is using for malicious re-directs and credential stealing.”

CISA reminds users to remain vigilant and exercise caution when opening email attachments, even if the attachment is expected and the sender appears to be known.

Twitter Says It Was The Victim Of A 'Coordinated Social Engineering Attack'

Barack Obama, Joe Biden, Elon Musk, Apple and others appear to be part of a widespread hacking operation affecting several major companies and highly-visible individuals. Impacted users appeared to be offering to double any bitcoin set to them. 

Twitter acted quickly by locking down accounts, compromised or not. 

twitter

As Twitter investigates what appears to be the largest and most coordinated hack in Twitter's history, the company has vowed to examine what "other malicious activity" the hackers may have committed. The company admits that internal tools were compromised and likely used in the attack, which may explain how malicious actors gained access to the accounts that presumably have enhanced security protections.

"We all feel terrible this happened", said Jack Dorsey, Twitter CEO. "We're diagnosing and will share everything we can when we have a more complete understanding of exactly what happened."

Hacking attacks on hospitals for patient data increase during coronavirus pandemic

During "normal" times, hospitals are often targeted with 80% of medical practices reporting that they have been victims of cyberattacks, according to a national survey. The situation has only gotten worse during the COVID-19 pandemic. Between March and April, IBM saw a 6,000% increase in spam attacks on information technology systems, leveraging COVID-19, many of them at health care facilities, outlines Wendi Whitmore, a cybersecurity expert and vice president of IBM X-Force, a commercial security research team. She goes on to describe the situation as a continuous “cat and mouse” game between criminals and institutions. 

Electronic health records are often the target, and according to the FBI, can “be used to file fraudulent insurance claims, obtain prescription medication, and advance identity theft.” Health record theft also is more difficult to detect, taking almost twice as long to recognize as normal identity theft, the report found.

Colin Zick, a partner and co-chair of the privacy and data security practice at Foley Hoag, has some practice advice for patients. Zick requests his medical file periodically to be sure he has access to his own records if they were ever permanently lost. And he said if he saw a provider acting carelessly with his data – such as not using two-factor authentication – he would offer them some free advice.

Apple’s next iPhone update adds new privacy protections — and you won’t be able to miss them

The next version of iOS for iPhones will give new visual notifications when apps are accessing the device’s microphone, camera, clipboard, or other sensitive data. 

The moves this year are in character for Apple, which has prioritized privacy engineering on a product level and privacy more generally as a key selling point for its products.

DDoS Activity Targeting State of Minnesota Resources

A cyberattack temporarily disabled certain Minnesota systems and websites last week. The cyberattack comes amid protests over the police killing of George Floyd last week.

MNIT issued the following statement regarding these cyber-attacks:

“Keeping our communications systems secure during times of crisis is critical to protecting the Minnesotans that we serve, and we work to meet the challenging and evolving threat to those systems every day. At this time, these attacks have not successfully disrupted the state services that Minnesotans depend upon, and MNIT is working in close coordination with partners at the Department of Public Safety and with the federal government to share intelligence and stay proactive on cyber threats."

Nationwide Unemployment Scam Targets Massachusetts Claimants

Criminal enterprises in possession of stolen personal information from earlier national data breaches have been attempting to file large amounts of illegitimate unemployment claims through the Massachusetts Department of Unemployment Assistance (DUA) system. This is part of a national unemployment fraud scheme.

The Department of Unemployment Assistance (DUA) has begun implementing additional identity verification measures that will temporarily delay the payment timeframe for many unemployment claims in Massachusetts.

For more information, please visit https://www.mass.gov/info-details/report-unemployment-benefits-fraud.

Be aware of a recent increase in scam blackmail emails

Reports of Bitcoin blackmail scams have taken a big jump in the last few weeks. The emails say they hacked into your computer and recorded you visiting inappropriate websites. They threaten to tell others, unless you pay into their Bitcoin account. To complicate matters, they claim to know one of your password - and they include it in the message to prove it. 

These e-mails are fake and are a scam. You are likely receiving one because your account and password were involved in a recent data breach. You should take precautions to update the password associated with that account, and others as well. 

Students create a bot that tells you when a grocery delivery slot opens up

Having a hard time getting a time slot for grocery delivery? A computer science student at Georgetown University created a simple computer program that automatically notifies you when an Amazon Fresh or Whole Foods delivery slot opens up, letting you place your order. But, he's not the only one. Another developer had their website shut down after getting a cease-and-desist order from Instacart for claiming the site could automatically hunt for delivery slots.

Face ID doesn’t work when you’re wearing a mask—Apple’s about to address that

This week, Apple released the third beta of iOS 13.5, the next major feature release for its mobile operating system. Among other things, the release introduces new Face ID behavior when users are wearing protective masks.

U.S. senators to introduce privacy bill for COVID-19 contact tracing

A group of U.S. senators said they would introduce legislation to address consumer privacy concerns surrounding technology companies’ building contact tracing apps to fight the coronavirus outbreak.

The bill would allow technology companies to develop “platforms that could trace the virus and help flatten the curve and stop the spread – and maintaining privacy protections for U.S. citizens.”

Apple says 'no evidence' iPhone mail flaw used against customers

The default Mail app on Apple's iPhones may be vulnerable to sophisticated email hacks, according to a report Wednesday from The Wall Street Journal. 

The vulnerability, which was detected by cybersecurity firm ZecOps, reportedly lets hackers install malicious software on an iPhone by sending a specially crafted email, the Journal reported. 

Apple acknowledged the vulnerability existed in its software for email on iPhones and iPads and said the company had developed a fix that will be introduced in a forthcoming update. The company also indicated it has found “no evidence” a flaw in its email app has been used against customers, and that it believes the flaw does “not pose an immediate risk to our users”.

Google moves to open up its Healthcare API to making it easier to share health info

As of Monday, health care providers can build new systems using the new Google Healthcare API to translate and convert data stored in different types of systems, from imaging systems to medical records software. It also said it will offer a range of other services to help health care organizations during the Covid-19 pandemic. 

500,000 Hacked Zoom Accounts Given Away For Free On The Dark Web

More bad news for Zoom...

The cyber firm, Cyble, recently uncovered hackers selling Zoom credentials on the Dark Web, often even giving them away for free!

The good news? This wasn't a hack on Zoom but rather a case of users repurposing passwords. This is a great reminder to use a unique password for each account. Sites such as have i been pwned can also be helpful in seeing if your accounts have been involved in a data breach. 

Is 5G Cell Phone Technology Linked to the Cause of Coronavirus?

FEMA has started a webpage to discuss this and other COVID-19 rumors. Do your part to the stop the spread of disinformation by doing three easy things:

  1. Don’t believe the rumors.
  2. Don’t pass them along.
  3. Go to trusted sources of information to get the facts about the federal (COVID-19) response.

Apple and Google Team Up to ‘Contact Trace’ the Coronavirus

The technology giants said they would embed a feature in iPhones and Android devices to enable people to track the virus. With the tool, infected people would notify a public health app that they have the coronavirus, which would then alert phones that had recently come into proximity with that infected person’s device.

Be Alert: Phone scammers are taking advantage of the coronavirus pandemic

The FCC has received reports of scam and hoax text message campaigns and scam robocalls offering free home testing kits, promoting bogus cures, selling health insurance, and preying on virus-related fears. Coronavirus scam audio samples can be found on the FCC website. If you think you've been a victim of a coronavirus scam, contact law enforcement immediately.

A Must For Millions, Zoom Has A Dark Side — And An FBI Warning

Teams, WebEx, GoToMeeting, Zoom....If you are working from home, collaboration tools are a must. As we all adapt to a new normal, so are cyber criminals. In the midst of a world-wide pandemic, a new technique entitled "zoom-bombing" has been getting national attention (NPR). 

Instagram Draws Surge in Offers of Coronavirus Masks With Potential Risks

As more medical experts recommend wearing masks in public, it's no surprise that social media sites are struggling to keep up with ads and users claiming to sell medical masks. Social Media Researchers found at least 10,450 accounts on Instagram that have popped up in the past few months selling masks, some of which appear to be scams and most of which aren’t vetted for safety or price concerns. Always remember to validate companies before making a purchase. If it seems too good to be true, it likely is. Note: A subscription is required to read the complete WSJ article. However, the complete report is available for free

Scammers are creating Netflix lookalikes to target people staying at home, study finds

While it is not surprising that the pandemic has resulted in Netflix’s subscriber growth, the brand has been used as part of various web-based fraud schemes. The cybersecurity firm, Check Point recently reported an increase in fake steaming services spinning up. The complete article can be found on USAToday

Coronavirus surveillance poses long-term privacy threat, U.N. expert warns

From facial recognition to phone tracking, governments are turning to technology to trace Covid-19 infections and keep tabs on the population as they enforce lockdowns and quarantines. China, South Korea and Israel are among the countries rolling out such technologies and experts say the effects could long outlast the current crisis. 

Contact

Address

McCormack Building
1 Ashburton Place, 8th Floor
Boston, MA 02108
Feedback