Cyber Security Today, Jan. 26, 2024 – US government employees slammed for backing forbidden videocam purchases, and more

U.S. government employees slammed for backing forbidden videocam purchases, and more.

Welcome to Cyber Security Today. It’s Friday, January 26th, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.


U.S. government technology employees misled a contracting officer with what an investigation called “egregiously flawed” information so 150 Chinese-made video conference cameras could be purchased two years ago. That’s the finding of the Office of the Inspector General in a report released this week that was sparked by a whistleblower. The employees worked for the General Services Administration, which purchases products and office space for federal employees. The cameras, which have security vulnerabilities, didn’t comply with government rules forbidding the purchase of equipment from China. The employees didn’t tell the contracting officer that compliant cameras from other sources were available. In fact, the GSA CIO agreed with the staff recommendation, even admitting the cameras ran afoul of the spirit of a Presidential executive order forbidding the purchase of Chinese equipment. But, the CIO said, based on what he was told by his staff, there were no available comparable products. That wasn’t true. The staff told investigators that employees at the department wanting the gear preferred the non-compliant cameras.

The Inspector General recommends the cameras either be disposed of or returned and that appropriate action be taken against the digital infrastructure staff behind the misleading camera information. The head of the GSA thinks the security vulnerabilities in the remaining cameras in use can be mitigated.

There were a record 3,200 data breaches last year in the U.S. That’s according to the Identity Theft Resource Center. By comparison, there were 1,800 the year before. Of those 3,200 incidents, the vast majority came from cyber attacks. But there were also 729 system and human errors that exposed data, 242 third-party supply chain attacks, and 53 physical data thefts. Data on 352 million American residents was stolen last year. Thirty-seven million came from a data breach at wireless carrier T-Mobile, and 35 million were from telecom provider Xfinity.

The Akira ransomware gang says it will soon start posting 33GB of data it says was stolen earlier this month from the Toronto Zoo. The zoo says personal information of current, former and retired employees dating back to 1989 was copied. The data included Social Insurance numbers, birthdates, telephone numbers and home addresses. The Zoo’s IT system is separate from the city’s.

A Chinese-aligned threat group has for years been delivering a backdoor, undetected, by hijacking update requests from legitimate Chinese software. That’s the finding of researchers at ESET. The targets were Chinese and Japanese companies as well as individuals in China, Japan and the U.K. who use applications from Tencent, WPS Office and others. Researchers can’t explain exactly how the software companies’ update mechanisms were compromised. But the report is a reminder to software firms to patch all internet-connected devices to prevent them from being compromised, to train staff to recognize suspicious email attachments, and to regularly monitor their application update servers for compromise.

Finally, a Russian national has been sentenced by a U.S. judge to five years and four months in prison for his role in developing and deploying the Trickbot malware. Vladimir Dunaev [DOON-EV] had been extradited to the U.S. from South Korea in 2021. He pleaded guilty to several charges last November. One of his co-conspirators was sentenced to two years and eight months.

That’s it for now. But later today my Week in Review podcast will be available. Terry Cutler of Cyology Labs will discuss recommendations by the Network Resilience Coalition, a hack at Microsoft and more.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com
