This
one was relatively simple. The next ones won’t be.
A
coronavirus-tracking app locked users' phones and demanded $100
You
can always count on hackers to exploit a terrible situation to try to
make a buck.
A
new Android app that promises to deliver up-to-date figures on the
coronavirus pandemic includes a strain of malicious software that
locks
up a user’s phone and demands an extortion fee.
The ransomware app, called CovidLock, threatens to erase everything
on an infected phone if victims don’t pay $100 in bitcoin within 48
hours, according
to the security firm DomainTools..
(Related)
Password
found to rescue victims of malicious COVID-19 tracker app
Members
of the IT and cybersecurity communities have successfully obtained a
password key for victims of CovidLock
Android ransomware,
which comes disguised as an app that supposedly helps track cases of
the coronavirus, but actually locks users’ phones and demands a
ransom in order to restore access.
The
unlock token has been verified as 4865083501.
A
“proof of concept” exercise. Imagine many, many targets as an
opening salvo in a cyber war…
Why
the Norsk Hydro attack is a 'blueprint' for disruptive hacking
operations
It’s
been a year since malicious code tore through the computer network of
Norwegian aluminum giant Norsk Hydro, forcing the company to shift
some of its operations to manual mode and inflicting tens of millions
of dollars in damage.
The
ransomware
attack brought
a global manufacturing powerhouse to its knees, and with it more
questions than answers about the hackers’ motivations. Attackers
targeted a company with good security practices, yet used
code that would have made it difficult to collect their extortion
fee. Norsk Hydro never paid,
a spokesman said.
Now,
an investigation published
Monday
argues that the
LockerGoga ransomware variant could have been designed to disrupt
rather than to extort — to lock up the enterprise and throw away
the key.
Regardless
of who was behind the Norsk Hydro attack, it provides a “worryingly
effective blueprint” for state-backed hackers to hide behind
malware associated with criminals to achieve their goals, says Joe
Slowik, adversary hunter at industrial cybersecurity company Dragos.
Security
because “we gotta do something?”
TSA
Admits Liquid Ban Is Security Theater
Passengers will now be allowed to travel with containers of liquid hand sanitizer up to 12 ounces. However, the agency cautioned that the shift could mean slightly longer waits at checkpoint because the containers may have to be screened separately when going through security.
Won't
airplanes blow up as a result? Of course not.
Would
they have blown up last week were the restrictions lifted back then?
Of course not.
It's
always been security theater.
Interesting
context:
The TSA can declare this rule change because the limit was always arbitrary, just one of the countless rituals of security theater to which air passengers are subjected every day. Flights are no more dangerous today, with the hand sanitizer, than yesterday, and if the TSA allowed you to bring 12 ounces of shampoo on a flight tomorrow, flights would be no more dangerous then. The limit was bullshit. The ease with which the TSA can toss it aside makes that clear.
All over America, the coronavirus is revealing, or at least reminding us, just how much of contemporary American life is bullshit, with power structures built on punishment and fear as opposed to our best interest. Whenever the government or a corporation benevolently withdraws some punitive threat because of the coronavirus, it's a signal that there was never any good reason for that threat to exist in the first place.
How
Asia does it.
Asia
Business Law Journal has
published a regional comparison of data privacy laws that includes
India, the Philippines, Taiwan, and Thailand. You can read it here.
First
summary I’ve seen. Clearly the rules are not set in stone.
Coronavirus
and Data Protection: Europe’s Data Protection Authorities’ Views
Data
protection authorities from around the world are stepping in to
provide their input and guidance on the matter of data processing
activities and the fight against the coronavirus. Hogan Lovells’
global Privacy and Cybersecurity team has compiled the guidance from
various European authorities, which is available here.
The
different emphasis among the data protection authorities’ views –
which can be categorized as restrictive, neutral or permissible –
suggests that the right approach must lie in finding a balanced
middle ground which does not ignore the application of essential
privacy principles. This is also in line with the statement
published by the European Data Protection Board (EDPB) on March 16
highlighting that data protection rules (such as GDPR) do not hinder
measures taken in the fight against the coronavirus pandemic.
(Related)
Not suspended, just waved.
From the U.S. Department of Health & Human
Services:
The Novel Coronavirus Disease (COVID-19) outbreak imposes additional challenges on health care providers. Often questions arise about the ability of entities covered by the HIPAA regulations to share information, including with friends and family, public health officials, and emergency personnel. As summarized in more detail below, the HIPAA Privacy Rule allows patient information to be shared to assist in nationwide public health emergencies, and to assist patients in receiving the care they need. In addition, while the HIPAA Privacy Rule is not suspended during a public health or other emergency, the Secretary of HHS may waive certain provisions of the Privacy Rule under the Project Bioshield Act of 2004 (PL 108-276) and section 1135(b)(7) of the Social Security Act.
Read
the full notice below.
Compare
and contrast.
‘A
Once-in-a-Century Pathogen’: The 1918 Pandemic & This One
A
little over one hundred years ago, a novel virus emerged from an
unknown animal reservoir and seeded itself silently in settlements
around the world. Then, in the closing months of World War I, as if
from nowhere, the infection exploded in multiple countries and
continents at more or less the same time. From Boston to Cape Town,
and London to Mumbai, the “Spanish flu,” so-called because the
first widely reported outbreak occurred in Madrid in May 1918, swept
like wildfire through cities and communities both large and small.
By
the time the virus had burned itself out, in the spring of 1919, a
third of the world’s population had been infected and at
least 50 million people were dead.
Worthwhile
just as a list of useful tools.
New
to remote work? These tools will make your transition to working from
home easier
As
the coronavirus outbreak continues (even appearing in newsrooms),
organizations are asking employees to work from home when they can.
For
some, this may mean discovering gaps in your toolstacks. With that
in mind, we’ve compiled a list of tools that might help you address
different needs your team may have in staying connected and effective
at work.
Late
moving into AI?
The
Great TP Shortage
I think I have
an explanation for the toilet paper shortage. Since TP has no role
in preventing or minimizing the Corona virus, it must be due to other
sources of supply being cut off. I estimate that 60 to 80 percent of
the population was stealing toilet paper from their employers. Since
they can’t get to their work supply, they have to actually buy it
in stores! (Oh, the horror)
No comments:
Post a Comment