Tech Friday With Dave Hatter

  • Stingrays are being used to spy in Washington, DC:
    • Stingray is a brand name for a device known an International Mobile Subscriber Identity locator, or “IMSI catcher” 
    • It allows the user to electronically search a large area for a particular cell phone's signal
    • Your mobile phone sends signals to nearby cell phone towers every 7 to 15 seconds whether you are on a call or not
    • Both federal and local authorities use these devices to intercept communications from smartphones and other devices equipped with 3G or LTE modems
    • This process can capture the signal (and data) of thousands of innocent people
    • A Stingray pretends to be a cell phone tower that tricks your phone into connecting to it
    • Once connected, the government can determine who and where you are calling, the precise location of each connected device and in some instances, the content of a conversation
    • According to the Electronic Frontier Foundation (EFF), "when police use a Stingray, it’s not just the suspects’ phone information the device sucks up, but all the innocent people around such suspect as well. Some devices have a range of “several kilometers,” meaning potentially thousands of people could have their privacy violated despite not being suspected of any crime."
    • Recently leaked documents have shown that a Stingray is more of a platform than a single device and it's abilities depend on how it's configured
    • Using one component known as Gemini, law enforcement can watch for specific subscribers, automatically connect once in range and then alert a surveillance team
    • Stingrays have been justified as anti-terror tools, but there’s not a single case of a Stingray being used to stop a terror attack
    • Court cases and leaks have opened the cloak of secrecy that the FBI and the Harris Corporation have fought to keep in place
    • These devices are often used in cases that have nothing to do with terrorism or national security. They have been deployed thousands of times across the country without a warrant
    • It has been revealed that in one particular case the FBI asked local police to lie rather than admit to using Stingrays
    • The Department of Homeland Security (DHS) reported evidence that foreign actors are using Stingrays in the DC area
    • In a letter to US Sen. Ron Wyden, DHS official Christopher Krebs said they "observed anomalous activity in the National Capital Region (NCR) that appears to be consistent with International Mobile Subscriber Identity (IMSI) catchers."
    • Krebs also said "the malicious use of IMSI catchers is a real and growing risk"
    • This is the first reported use of Stingrays for this purpose
    • Get more detailed information here: https://theintercept.com/2016/09/12/long-secret-stingray-manuals-detail-how-police-can-spy-on-phones/
  • Cyber-crooks find a new way to share malware and scams
    • A new cybercrime-as-a-service (CaaS) tool allows cybercriminals to launch large-scale malware campaigns
    • BlackTDS allows individuals with little to no technical skill to use the service to launch spam and malvertising campaigns
    • Security researchers at Proofpoint said "The low cost, ease of access, and relatively anonymity of BlackTDS reduce the barriers to entry to web-based malware distribution"
    • BlackTDS services have been advertised on the Dark Web since December 2017
    • They claim that BlackTDS offers drive-by attacks, social engineering and the capability to  distribute malware directly, or to redirect victims to infected landing pages. They also claim to prevent detection by cybersecurity researchers and sandbox tools
    • Malicious code can be delivered through fake software updates purporting to be Java, Flash, etc.
    • Well known hacking group TA505 used BlackTDS to conduct a massive spam campaign that sends victims to a website claiming to sell discount pharmaceuticals. Researchers called that "an unusual departure for the group generally focused on high-volume malware campaigns"
  • A cyberattack disrupted Baltimore emergency systems:
    • Baltimore's Mayor Catherine Pugh's office reported that emergency dispatchers faced 17 hours of disruption following a cyberattack
    • Over a weekend in March 2018, a cyberattack temporarily shutdown of Baltimore's automated dispatch system
    • The attack on the city's Computer Aided Dispatch (CAD) system began on Saturday morning at 8.30 am
    • CAD is used to automatically route calls to the closest emergency responders
    • The attack forced dispatchers to "transition to manual mode" in order to keep operating
    • "This effectively means that instead of details of incoming callers seeking emergency support being relayed to dispatchers electronically, they were relayed by call center support staff manually," said Frank Johnson, chief information officer in the Mayor's Office of Information Technology
    • The system was restored by 2 am on Sunday morning
    • Little information about the attackers, the type or attack or what was compromised has been released thus far
    • An investigation is underway with FBI assistance
    • This is not a first. Last year, emergency sirens across Dallas were activated by a hack
    • These types of are a serious threat to public safety 
Brian Thomas

Brian Thomas

Based in Cincinnati, OH, the Brian Thomas Morning Show covers news and politics, both local and national, from a conservative point of view. Read more

title

Content Goes Here