Tech Friday with Dave Hatter - July 24th 2020 - SPONSORED BY INTRUST IT


  • Twitter hack illustrates potential social media impact on the election
    • Twitter was hit with a devastating hack last Wednesday that compromised 130 high profile accounts, 45 of which had Tweets sent by attackers
    • Accounts hit in the attack include presumptive Democrat presidential nominee Joe Biden, former President Obama, Kim Kardashian, Bill Gates, and Elon Musk. Musk has nearly 37 million followers
    • The hack used these highly influential accounts to launch a cryptocurrency scam
    • For example, Senator Biden's account offered to double the amount of Bitcoin sent to a specific address
    • The Senator was "giving back to the community" through cryptocurrency, the bogus tweet said
    • Similar tweets were sent from the accounts of former President Barack Obama and other compromised accounts
    • In addition to the bogus tweets, Twitter announced that hackers also stole data from eight of the compromised accounts
    • Politicians have long used technology, including social media, to broadcast messages to the public
    • This unfortunately illustrates that the Twitter accounts of some of America's most high-profile politicians aren't secure
    • Election security has been a top concern since Russian trolls used social media posts to disrupt the 2016 US presidential election
    • The hackers were not able to gain control of President Trump's account, which has 83 million followers, and apparently has an extra layer of protection after a Twitter worker briefly deactivated it in 2017
    • This hack demonstrates that social media users should be more wary about what they see on social media
    • Joan Donovan, research director at the Shorenstein Center on Media, Politics and Public Policy at Harvard University, said Wednesday's hack should shake everyone's faith in messages that come out of Twitter
    • CEO Jack Dorsey said: "Last week was a really tough week for all of us at Twitter, and we feel terrible about the security incident that negatively affected the people we serve and their trust in us"
    • Dorsey also said the security breakdown occurred “both in our protections against social engineering of our employees and restrictions on our internal tools”
    • Out of the 36 accounts whose direct messages were accessed, only one user, possibly Dutch politician Geert Wilders, had private messages breached
    • 8 accounts had an archive of “Your Twitter Data” downloaded
    • The New York Times said the hack was led by young people who wanted to sell coveted Twitter accounts, like @6, for big sums of money. These are known as OG accounts
    • Social media platforms could be used as a medium to ramp up international conflict or spread disinformation at a time of crisis
    • "I don't understand how anybody could believe anything coming out of Twitter at this point" Donovan said
    • Twitter said that its internal systems were compromised by the hackers who used internal tools to access the high profile accounts
    • Twitter said "We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools"
    • It appears that numerous employees were compromised and their accounts were used to access the tools that let the hackers send the tweets
    • The hack is now being investigated by the FBI and New York state regulators. Additionally, Congress has sent questions to Twitter demanding more information about the attack
    • Read the Twitter blog post here: https://blog.twitter.com/en_us/topics/company/2020/an-update-on-our-security-incident.html
  • Scammers are cashing in on the huge spike in online shopping
    • The COVID-19 lockdown closed stores and pushed people online for shopping and business. Scammers took note
    • "The global outbreak of coronavirus has seen all our lives turn upside down. With the lockdown being introduced, so many more people are now online shopping, including those who have never done so before. It is, therefore, unsurprising that there has been an increase in fraud being committed," said Pauline Smith, head of Action Fraud, the UK's national reporting center for fraud and cybercrime
    • FBI Deputy Assistant Director Tonya Ugoretz speaking in an online panel hosted by the Aspen Institute recently said the number of Internet crime related reports has quadrupled compared to months before the pandemic
    • "The FBI has an Internet Crime Complaint Center, the IC3, which is our main ingest point. Sadly the IC3 has been incredibly busy over the past few months," Ugoretz said
    • Ugoretz said: "Whereas they might typically receive 1,000 complaints a day through their internet portal, they're now receiving something like 3,000 - 4,000 complaints a day. Not all of those are COVID-related, but a good number of those are."
    • "They really run the gamut. Everything from setting up fraudulent internet domains [...], we've seen people set up fraudulent COVID charities, promise delivery of masks and other equipment, and then deliver fraudulent loans, extortion, etc. So pretty much, sadly, anything you can think of. Cyber-criminals are quite creative," Ugoretz said
    • For example, a malware-based threat reported by MalwareHunterTeam is an app that purports to be a "map of infections" showing real-time coronavirus infections. In actuality, it exfiltrates sensitive information and can create a backdoor for remote access
    • And the FTC recently warned about these types of scams on their website: "They’re setting up websites to sell bogus products, and using fake emails, texts, and social media posts as a ruse to take your money and get your personal information."
    • Several Coronavirus phishing scams have been launched including one in which malicious links and PDFs that claim to contain information on how to protect yourself are being sent
    • The email claims to be from a virologist and says "Go through the attached document on safety measures regarding the spreading of corona virus," and "This little measure can save you."
    • And the FDA is issuing warning letters to firms for selling fraudulent products with claims to prevent, treat, mitigate, diagnose or cure Coronavirus disease 2019 (COVID-19)
    • COVID-19-related phishing has been on the rise since January according to security firm Barracuda Networks
    • Researchers have observed a massive 667% spike in these attacks since the end of February
    • These COVID-19 phishing emails could deliver malware, steal credentials, and scam users out of money, etc.
    • The FBI and Secret Service have recently issued an alert about these types of attacks
    • Barracuda said "The attacks use common phishing tactics that are seen regularly; however, a growing number of campaigns are using the coronavirus as a lure to try to trick distracted users to capitalize on the fear and uncertainty of their intended victims"
    • Barracuda researchers have seen 3 main types of COVID-19 phishing themes: scamming, brand impersonation, and business email compromise (BEC)
    • One of the most disturbing phishing campaigns sends email that purports to be from a local hospital. It tells the recipient they have been exposed to the virus and need to be tested
    • It claims one of your colleagues, friends, or family members has tested positive for the virus. You are urged to print the attached “EmergencyContact.xlsm” file to take to a testing center
    • The Excel file has embedded macros, which require that the victim "Enable Content". Doing so enables the infection
    • The malicious code, analyzed by BleepingComputer experts, is an information stealer. It attempts to steal cryptocurrency wallets and web browser cookies as well as capturing a list of running applications, open network shares and local IP addresses
    • According to Action Fraud, £16 million has been lost to online shopping fraudsters and scams since the UK started the lockdown
  • What you should do:
    • Be extremely skeptical and cautious of any emails, texts, or social media postings about Coronavirus
    • Rely only on reputable sources such as:
    • Shop at well known, reputable sites
    • Look for https:// in the URL of any ecommerce site
    • Use a credit card if possible and check statements regularly
    • If a deal seems too good to be true, it most likely is
    • If buying from an individual, don't send money upfront
    • Report fraud to the FBI's Internet Crime Complaint Center: https://www.ic3.gov
  • Can deleted data be retrieved from your hard drive?
    • An increasing number of devices can store data and need to be properly cleared at the end of their useful life; this is known as "sanitization"
    • When you delete a file from a hard drive, it's not actually gone; the space that it occupied is only marked as available
    • With enough effort and technical skill, it’s typically possible to recover deleted data unless it has been properly sanitized
    • The type of storage, magnetic disk vs solid state disk, as well as encryption can increase the difficulty of retrieving deleted data
    • Generally speaking, it is easier to retrieve deleted data from an SSD than from a magnetic disk because of the way they work
    • Additionally, the more times that the data is overwritten, the more difficult it is to recover
    • Two MIT graduate students did a study in 2002 in which they scavenged through 158 used disk drives
    • They found more than 5,000 credit card numbers, detailed personal and corporate financial records, numerous medical records, gigabytes of personal email and pornography
    • A recent study by the University of Hertfordshire had similar findings
    • 200 used hard drives were purchased (half in the USA, half in the UK) and searched for data that could be recovered
    • 59% of used hard disks were not sanitized:
      • 26% had been formatted
      • 17% contained "deleted" data
      • 16% had no attempt made to wipe the data
    • Only 26% of the drives had been properly wiped and contained no recoverable data. The others were inaccessible
    • Devices that need to be sanitized include computers, tablets, smartphones, printers, IoT devices and others 
    • Erasing is not enough. Deleting files and formatting a drive will NOT actually destroy the data
    • Cryptoshredding can be used to encrypt a device and destroy the keys so that it's extremely difficult if not impossible to decrypt
    • Depending on the sensitivity of the data you need to sanitize, you may need to destroy the device
    • Some recycling companies will wipe data and give you a certificate that it’s been safely erased
    • Learn more about sanitization here: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pd
    • Learn about e-cycling digital equipment here: https://www.intrust-it.com/recycling-computers-in-cincinnati/
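
Added example (not part of the original show notes): a small Python simulation of why the "deleted" and "formatted" drives in the studies above still held recoverable data, together with the read-back check you can run before a drive leaves your hands. The toy disk layout, file name, sample record and function names are all constructed for illustration.

```python
import re

SECTOR = 512
CARD_RE = re.compile(rb"(?<!\d)\d{16}(?!\d)")  # 16-digit runs, Luhn-checked below

def luhn_ok(digits):
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def new_disk(sectors=8):
    # Constructed toy layout: sector 0 is the directory, sector 3 holds the file.
    disk = bytearray(SECTOR * sectors)
    disk[0:32] = b"customers.csv@3".ljust(32, b"\x00")
    record = b"Jane Example,4111111111111111\n"  # constructed; standard test card number
    disk[3 * SECTOR:3 * SECTOR + len(record)] = record
    return disk

def delete_file(disk):
    disk[0:32] = bytes(32)  # only the directory entry goes; the data sector stays

def quick_format(disk):
    disk[0:SECTOR] = b"EMPTYFS".ljust(SECTOR, b"\x00")  # new directory, data untouched

def overwrite(disk):
    disk[:] = bytes(len(disk))  # every sector rewritten with zeros

def audit(disk):
    """Pre-disposal check: count non-empty sectors and Luhn-valid card numbers."""
    raw = bytes(disk)
    nonzero = sum(1 for i in range(0, len(raw), SECTOR)
                  if raw[i:i + SECTOR].strip(b"\x00"))
    cards = [m.group().decode() for m in CARD_RE.finditer(raw)
             if luhn_ok(m.group().decode())]
    return {"nonzero_sectors": nonzero, "card_numbers": cards}

def run_scenarios():
    results = {}
    for name, step in [("deleted", delete_file), ("formatted", quick_format),
                       ("overwritten", overwrite)]:
        disk = new_disk()
        step(disk)
        results[name] = audit(disk)
    return results

if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(f"{name:12} {result}")
```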