Despite years of efforts to eliminate the scourge of ransomware attacking schools, hospitals and critical infrastructure around the world, experts warn that the crisis is only heating up and criminal gangs are becoming increasingly aggressive in their tactics. The threat of real-world violence now looms, some experts warn, as stolen data becomes increasingly sensitive and millions in potential profits are at stake. “We know where your CEO lives,” reads a message allegedly received by one victim. Attacks targeting the medical sector are increasing in response to the $44 million payment made by Change Healthcare in March.
US lawmakers and intelligence officials are circling their wagons following the revelation of Israel’s involvement in a malign influence campaign targeting American voters – an attempt by the US ally in the Middle East to artificially boost support. to an increasingly unpopular war that was started by Hamas’s unprecedented decision. October 7 attack. The sock puppet operation, which was launched by an Israeli contractor on X, Facebook and Instagram and used OpenAI’s ChatGPT software, posed as mostly Black Americans and targeted “Black and Democratic” lawmakers. Weeklong efforts by WIRED to get answers from U.S. officials who may have been notified about the operation before a vote on enhancing military aid to Israel were ignored. Surprisingly, the National Security Council denied having heard of it.
Frank McCourt, real estate mogul and former owner of the Los Angeles Dodgers, explained why he is leading an effort to buy TikTok, which the United States is set to ban unless its current owner, ByteDance, decides to sell the platform to an American company. —a decision that will undoubtedly require the consent of the Chinese government. McCourt sees the Internet as endangered by closed platforms like Facebook and X and is embracing the growing interest in decentralized networks. Decentralized platforms like Mastodon have been popular among a subset of users for many years, allowing people to own their own social networks and moderate them according to their own rules. These private networks can freely connect with other people using the same software, but they can also cut connections with communities that adopt harmful content. (Think of these user-controlled networks as “islands” with diplomatic ties between them.) McCourt says buying and decentralizing TikTok could be the first step in lifting the Internet out of the isolated morass it finds itself in today thanks to Meta and its competitors.
But that is not all. Each week, we round up security news that we ourselves don’t cover in depth. Click on the headlines to read the full stories and stay safe.
An explosive Reuters investigation has uncovered a malign influence campaign launched by the US military at the height of the 2020 Covid-19 pandemic. The campaign used sock puppet accounts on X, Facebook and Instagram and focused on convincing citizens of the Philippines that vaccines produced by China were dangerous and (taking advantage of the religious beliefs of Muslims) were full of pig parts. Infectious disease experts expressed dismay at the Pentagon’s actions. According to Reuters, the Biden White House ordered an end to the campaign shortly after the president’s inauguration, although the Pentagon was apparently slow to implement the commander in chief’s orders. The private contractor responsible for producing Pentagon disinformation was recently awarded a US government contract worth $493 million.
ProPublica recounts how, in 2016, a prominent cybersecurity specialist raised the alarm about a cloud-based vulnerability at Microsoft, a major US government contractor. The weakness threatened to expose national security secrets, among other sensitive data. The specialist “pleaded” with the company to address the issue, but the tech giant dismissed his concerns as it worked to land a multimillion-dollar government contract in the cloud computing space. Frustrated, the specialist left the company and, months later, as expected, Russian hackers carried out SolarWinds, one of the largest cyberattacks in the history of the United States. The report questions the testimony of Microsoft President Brad Smith, who assured Congress in 2016 that there was no way hackers could have exploited his company’s software.
Three black men jailed in the US for crimes they did not commit, after being falsely identified by police facial recognition software, are speaking out against legislation pending in California that lawmakers say would protect citizens from such egregious mistakes. The men say the bill, which passed with unanimous support in the state Assembly last month and is now under scrutiny in its upper house, would have done nothing to prevent them from being falsely arrested. One of the men said, “In my case, as in others, the police did exactly what AB 1814 would require them to do,” adding, “Once the facial recognition software told them I was the suspect, it poisoned the investigation. “This technology is racially biased and unreliable and should be banned.”
While much of the scrutiny facing the data broker industry concerns its power to monitor people’s movements and attendance at sensitive locations like abortion clinics and mental health facilities, there is another issue at play: large Some of the data it trades is “inaccurate garbage,” The Record reports. A chief privacy officer at Acxiom, a major third-party data broker, acknowledged as much in an interview last month, saying that the “inferences” the company drew from him are, at best, “educated guesses.” Experts are increasingly concerned about the downstream effects, with some highlighting how insurance companies are increasingly relying on data brokers to report how much customers should pay. Another expert tells The Record that data brokers may be incentivized not to examine data too closely, noting that clients don’t worry too much if a fraction of them lead them to false assumptions.
