Resources

With the emergency approval of COVID-19 vaccines, many are (rightfully) starting to see the proverbial light at the end of the tunnel. Although GroupSense is hopeful 2021 will bring health, prosperity, and recovery from the global public health crisis, we are also cognizant of numerous cyber security threats that may derail the mass-vaccination process. Below are five of the many threats GroupSense expects to see as the world moves forward with COVID-19 vaccination efforts.

You were hit with ransomware. You panic. You search “ransomware response” or “ransomware repair” and among the top results is a link that reads “Recover Encrypted Files - Guaranteed.” Sounds like you found the solution! None of us wants to pay the ransomware operators. If there is a legitimate solution that avoids sending tens of thousands (if not millions) of dollars via cryptocurrency to threat actors overseas, it’s worth paying for.

Background

The cyber security industry is reeling from another large scale, targeted attack. What was initially reported as a breach of FireEye red team tools on December 8th has now been exposed as a much wider, potentially catastrophic breach affecting the SolarWinds Orion software. SolarWinds stated a threat actor inserted malware,  SUNBURST or Solorigate, into a service providing trojanized software updates for its Orion platform, used by public and private companies to track IT resources. To date (December 16th, 2020), as many as 18,000 organizations have been affected by SUNBURST, announced SolarWinds. On December 14, Reuters and the Washington Post reported the U.S. Department of Homeland Security (DHS), the State Department, and the National Institutes of Health (NIH) were also compromised as a result of the infected Orion distribution.

The world’s most popular messaging and social media apps are rolling out new privacy features allowing users to send content that will self-delete after a short time. On November 5, WhatsApp announced “disappearing messages” that are automatically erased after a week; on November 12, WhatsApp’s parent company Facebook introduced “vanish mode” for Messenger and Instagram, seamlessly deleting messages after users leave their chat. And on November 17, Twitter launched “Fleets,” messages with 24-hour lifespans.

Republished from October 2019

Last week I was asked by one of the 24-hour news networks to comment on camera about Jared Kushner’s use of WhatsApp for official White House business. The news network wanted my thoughts on the vulnerabilities and risks associated with this behavior. My first thought was that this was outside the core focus of what we do at GroupSense, but before I declined I gathered my thoughts on the topic. I quickly realized that this falls squarely in line with the GroupSense mission. Since the networks only want sound bites, I thought I would crystalize the concerns with greater context here. It is my intention to make this post apolitical, but in today’s climate, people are likely to trigger on the particular individual, so replace “Mr. Kushner” with “WH Staffer with critical national intelligence information”, and the risks remain.

Twitter is a fun and easy way to engage with pop culture and maybe even spark a spirited discussion. Many of us on twitter can retweet/share without thinking or researching what tweets truly say, causing them to spread quickly to a larger audience. But, the sad fact is, some tweets might end up being misinformation or disinformation, especially politically-oriented tweets.

In August 2020, Microsoft posted an article focused on email authentication utilizing their Azure Active Directory (AD) authentication and the use of Multi-Factor Authentication (MFA).

The dark web has been around for 20 years, and in “celebration” we’ve put together a timeline of the major events from these past two decades. It’s important to note that many events have formed it into the dark web we see today. This is only a taste of its history…

Using biometrics for authentication has always been a source of controversy. At face value, it seems like a fool-proof way to authenticate users (everyone has unique fingerprints, right?). But dig a level deeper, and biometric access management systems store that fingerprint (or iris, or facial map, or walking gait) as data. And, we all know what happens to data if it’s not protected properly. Which brings us to the big problem with biometrics: while passwords can be changed if there’s a data breach, fingerprints and other biometric data are permanent. One breach of a biometrics database is all it takes for someone to lose their identity for a lifetime.