Friday, August 17, 2018

Reports about hijacking of Instagram accounts and associated emails by Russians are surfacing; blockchain is proposed as a solution



I have received an inquiry for an interview with an Internet security expert who reports a problem with Instagram accounts being hijacked. When targets try to recover their accounts through the secured email address on file, they find that the contact email has also been replaced with a Russian email address.

The account content is often replaced by Disney and Pixar character sets.

The contact point is proposing the use of blockchain to make social media accounts more secure. But then blockchain could become a much more important apparatus than 2-step verification.

I suggested that the press agent have the company provide me with more details (like a URL) before I try to do a phone interview.
  
I will note a couple of anomalies. I haven’t used Instagram much. But when I set it up a few years ago I found that there was already a dummy unused account there. This sounds dangerous. What if someone stole your identity and used a social media service you hadn’t joined (say Snapchat) for criminal purposes? This could be a way for a foreign enemy to wreak havoc, by targeting random Americans to be framed by prosecutors. So the email I got points indirectly to another potential future hazard that so far is little known, although there were occasional mentions of it (in conjunction with ransomware) as far back as 2013.

Monday, August 06, 2018

Wall Street Journal reports administration scurrying now over cyber threats to power grids, which could involve home or small business users as honeypots



In early July, I happened to log on to my Dominion Power account to try to pay a bill, and got a bizarre error from the website. The next day it worked, but maybe that’s a preview to the substance of this Wall Street Journal article by Rebecca Smith, “U.S. Steps Up Grid Defense: To fight cyberattacks on critical utilities, officials push for stronger penalties.” Online, the article is quite high profile (though behind a subscription paywall) and illustrated.

The main threat seems to be that foreign hackers (Russia, China, Iran, North Korea, possibly radical Islam) get access through suppliers or small utilities, who then carry software across “air gaps” on thumb drives. Despite the air gap from the public Internet, the security environment for major electric utilities and for grid companies (for the three major grids) is very complicated and could be breached. Small utilities and suppliers don’t have the advanced security to protect themselves from state hackers.


Another threat seems to be corporate and even home routers, which appear to be a set of “mouseholes” in which malware can hide.

The article suggests that malware from the Dragonfly (also known as Energetic Bear) campaign could be hiding in utility industrial control systems, the SCADA systems (which, to be emphasized, aren’t directly accessible from your computer or phone). There are reports that this malware has lived on some utilities’ systems since 2012.

The article suggests that spear-phishing, watering-hole attacks on industry trade websites, and air-gap crossing (via removable media) are the main methods.

The article even goes so far as to suggest that the government is concerned about mass internal migrations should a protracted regional power failure occur (the August 2003 failure in the Northeast lasted about a day).

Do ordinary users at home add to the risk? Possibly, through home routers (which should be turned off and back on occasionally so that firmware security updates take hold and any non-persistent malware is cleared from memory, although large cable companies probably push such updates anyway). Another possibility that got mentioned shortly after 9/11 and then forgotten was steganography, where instructions for terror attacks or malware are hidden on innocuous amateur sites. Another possibility would be to plant criminal material like child pornography on sites to try to frame ordinary civilians, as an intimidation tactic from foreign enemies.

So far the closest that has happened has been occasional defacing of a few websites (like random restaurants) or Sony. (There had been scattered reports, as far back as 2013, of ransomware that threatened to load c.p. onto a user’s computer; at one time possession would have been a strict liability offense.) A few politically oriented sites (in the eyes of the beholder) may have been targeted. Recently (in May and June) a major WordPress blog (which admittedly had used an old, insecure template theme) set up to advise asylum seekers was hacked, but it was finally secured properly and is back up. (Fortunately it had good backups, and backup technology would be worth another big blog post.)

Ted Koppel (video above) wrote a book called “Lights Out” about all of this (reviewed on Books, Nov. 15, 2015).

This article doesn’t even consider EMP and solar storms, which I’ve discussed elsewhere.
  
As someone who dealt with the draft a half century ago, I find that foreign enemies pose novel moral dilemmas for how individuals can be expected to behave.