This Week In Security - 06/15/2020
CitizenLab Exposes Hackers-for-Hire Group
An Indian hackers-for-hire group targeted everyone from climate change activists to “gambling tycoons in the Bahamas”, according to the digital rights research group, CitizenLab.
The group, dubbed Dark Basin, “targeted thousands of individuals and hundreds of institutions”, including “advocacy groups and journalists, elected and senior government officials, hedge funds, and multiple industries”.
CitizenLab researchers linked Dark Basin to the India-based tech company BellTroX, whose director, “Sumit Gupta, was indicted in California in 2015 for his role in a similar hack-for-hire scheme”.
Many of the hacks focussed on environmental advocacy groups involved in the #ExxonKnew campaign, leading some to suspect that Exxon may have funded the attacks.
The multinational resources company has denied any “knowledge or involvement in the hacking activities outlined” while alleging “that the Citizen Lab receives financial support from ‘anti-fossil fuel groups’”.
Gupta also denied hacking, saying he was merely helping his clients “with the technical support”, despite CitizenLab researchers identifying “several BellTroX employees” after “their online conduct overlapped with the hacking of activity of Dark Basin”.
According to CitizenLab, this kind of “commercialized hacking threatens civil society”, giving those wielding the power the ability to target those that lack “sophisticated cybersecurity resources”.
UK Government Announces £10m Cybersecurity Boost
In response to increasing cyber threats and attacks, the UK government has launched a £10-million Digital Security by Design fund.
The first nine projects to benefit from the fund were announced last week. They include research teams from several UK universities, including Birmingham, Glasgow, and Southampton.
Science minister, Amanda Solloway, said, “Today’s funding will allow some of the country’s most innovative businesses and academics to work together on digital solutions to tackle these threats”.
While the University of Southampton’s team will focus on speeding up and reducing “errors and security vulnerabilities in software design”, researchers in Glasgow “will use the money to leverage its state-of-the-art microprocessors, with the aim to ensure vital systems that could be used in cars, medical robots or nuclear power plants remain digitally secure”.
With this year’s Cyber Security Breaches Survey revealing that nearly half of all UK-based businesses and 26% of charities have experienced “cybersecurity breaches or attacks” over the past 12 months, the need for innovative cybersecurity solutions is obvious.
It is hoped the project will “build cutting-edge, secure technologies” that will “weaken the threat of cyber attackers”, according to Oliver Dowden, the Secretary of State for Digital, Culture, Media, and Sport.
Researchers Reveal Online Voting Vulnerabilities
While Trump rails against mail-in voting security, academics expose the real risks of online voting.
Researchers from the University of Michigan and the Massachusetts Institute of Technology (MIT), Michael Specter and J. Alex Halderman, discovered flaws in the OmniBallot system’s electronic ballot return, blank ballot delivery, and online ballot marking processes.
The researchers said the flaws meant “attackers could change election outcomes without detection”. Furthermore, even if there was no attack, “officials would have no way to prove that the results were accurate”.
Of the three risks identified, the one affecting the online ballot return process is the most severe as it offers “no way for voters to verify that their votes have been delivered unaltered”.
According to the paper’s authors, OmniBallot’s “simplistic approach to Internet voting” makes it “vulnerable to vote manipulation by malware on the voter’s device and by insiders or other attackers”.
Although the researchers believe some of the risks could be mitigated, the issues with the online ballot return represent “a severe danger to election integrity and voter privacy”.
As there is currently “no available technology [that] can adequately mitigate these risks”, the researchers concluded by urging “jurisdictions not to deploy OmniBallot’s online voting features”.
Russian DJ Arrested for Alleged $1m Cyber Fraud
DJ Denis Kaznacheev was arrested in Berlin last week after the US government accused him of “money laundering and dark web activities”.
US law enforcement agencies allege that Kaznacheev was a “member of the Russian cyber mafia” and used the Darknet to launder “more than $1 million with his accomplices between 2010 and 2020”.
The Russian news agency, TASS, was told that, when interrogated, Denis Kaznacheev denied knowing any of the other supposed accomplices, saying he had “nothing to do with the crimes he is accused of”.
The DJ and music producer, who performs under the stage name Guttersnipe, is currently being held in Berlin’s Moabit prison and has declared his innocence on Facebook. Supporters petitioning for his release believe “his identity was stolen and used for criminal activities”.
According to them, the US extradition request is unfounded as “there’s no proof that he is guilty of any of the charges”.
The US Department of Justice “declined to comment” on Kaznacheev’s arrest, despite it occurring under “the order issued by a court of one of Maryland’s 24 districts on December 9, 2019”.
Kaznacheev’s supporters are raising money to cover his legal costs and sending in letters “to keep his spirits up”.