MyCena, Author at MyCena®

BLOG

Read our blog articles, product news and announcements.

A report released this month has revealed that top-secret government documents were leaked as a result of December 2020’s SolarWinds security breach. The report showed that the suspected Russian cybercriminals used access from the SolarWinds hack, along with a further weakness in Microsoft Office 365, to gain access to critical documents. These included information on the USA’s Covid-19 pandemic response plans, US counter-intelligence operations, and US policies on sanctions for Russian nationals. The SolarWinds attack was the first of many recent high-profile hacks which have caused President Biden to prioritise cybersecurity.

A US text message routing company has revealed a hack dating back to 2016. Syniverse, a telecoms business that routes text messages for major US mobile phone networks, announced that it “became aware of unauthorised access to its operational and information technology systems by an unknown individual or organisation.” After notifying authorities and running an investigation, the Syniverse team discovered that the initial hack probably took place in May 2016. Billions of text messages per year are routed through Syniverse. A company review revealed that more than 200 clients and possibly millions of mobile phone users could have been affected to some degree.

Facebook suffered significant downtime on Monday 4th October, taking around six hours to become available again. Its sister services Messenger, WhatsApp and Instagram also suffered complete outages, with billions of users around the globe unable to access the messaging platforms. Users first noticed that they could not access Facebook at around 5 pm UTC. It soon became apparent that “backbone routing settings” were the cause of the downtime, and Facebook engineers pinpointed an issue with the Domain Name System (DNS) and the Border Gateway Protocol (BGP) in particular. It was revealed that Facebook updates caused problems with BGP settings, and consequently, Facebook’s servers were unreachable until fixed.

A report published on 13th September has revealed how a cybersecurity researcher accidentally broke Apple Shortcuts for millions of users. In March 2021, Frans Rosén, a bug bounty hunter from Detectify, began investigating the Apple CloudKit framework for issues. Millions noticed his discovery. Among other things, Rosén triggered a flaw in the framework that caused all Apple Shortcuts sharing links to break, temporarily disabling Shortcuts for millions of users worldwide. Rosén reported the issue immediately to Apple, which got straight to work on a fix. No customer data was affected in the find, and Apple rewarded Rosén with a bounty for his troubles.

The United States has reaffirmed its intent to fight cybercrime. In fact, one general has revealed that ransomware in particular is now a matter of national security. General Paul Nakasone of the US Cyber Command revealed in an interview that specialists across the government are now looking to fight ransomware as a number one priority. Several high-profile attacks have caused concern to the US government in recent times, including the Kaseya and Colonial Pipeline attacks, and General Nakasone admitted that ransomware has grown from a criminal activity to become a threat to national security. He plans to expose the identity of hackers, as well as impose financial penalties, among other measures.

In an effort to avoid memorising all of their passwords, many users turn to centralised solutions such as password management software. However, there is one vital issue with centralised access or password managers: all of your passwords are hidden behind a single door, whether a master password, a token or a biometric. This creates a single point of failure, where one login opens all your systems or reveals your treasure trove of passwords to you… and to the criminal who has your master password, token or biometric.

If this happens, then the criminal has access to all of your passwords to do with as they wish. Nowadays this usually ends in credentials being used or sold for use in costly ransomware attacks. While it is convenient to log in only once, this critical weakness of centralised access is the reason ransomware can happen in the first place, which means that if you remove centralised access, you remove the threat of ransomware. By contrast, decentralised access solutions remove that hugely risky single point of failure and combine layers of protection with automated password management. This means that even if one password is stolen, the rest are protected.