Tech Friday with Dave Hatter - February 19th 2021 - SPONSORED BY INTRUST IT

Ransomware gangs made big money in 2020:

  • Blockchain analysis firm Chainalysis reported that ransomware gangs made at least $350 million in ransom payments in 2020
  • Chainalysis determined the amount by tracking transactions to blockchain addresses linked to ransomware attacks
  • That's a whopping 311% increase over ransomware payments in 2019, they blamed the spike on "a number of new strains taking in large sums from victims" and "a few pre-existing strains drastically increasing earnings."
  • Chainalysis indicated that their estimate was at the lower end of actual ransoms paid because some victims do not disclose their ransom payments
  • Ransomware was 7% of all cryptocurrency-based crime and is on the rise
  • The top criminals were those behind Ryuk, Maze (now-defunct), Doppelpaymer, Netwalker, and REvil (aka Sodinokibi)
  • Other strains including Defray777 (RansomExx) and Dharma made millions as well
  • The Chainalysis team confirmed a report from Advance Intelligence stating that ransomware gangs use some of their funds to pay for other cybercrime services
  • Ransoms have increased in size and they now threaten doxxing the stolen data as an added incentive to pay

US intelligence agencies use location without warrants:

  • Many if not most smartphone apps log their users’ location and that data is sold to brokers who then resell it
  • An unclassified memo obtained by The New York Times says that the Defense Intelligence Agency (DIA) buys commercial databases containing smartphone location data and searches it without a warrant
  • DIA analysts have searched for the movements of Americans using this data in five investigations over the past 2.5 years per a memo they wrote for Senator Ron Wyden
  • A 2018 Supreme Court ruling known as the Carpenter decision said the Constitution requires the government to obtain a warrant to force phone companies to turn over location data
  • But the government can buy similar data from a private broker without a warrant
  • "D.I.A. does not construe the Carpenter decision to require a judicial warrant endorsing purchase or use of commercially available data for intelligence purposes" DIA said in a memo
  • Senator Wyden recently criticized situations "in which the government, instead of getting an order, just goes out and purchases the private records of Americans from these sleazy and unregulated commercial data brokers who are simply above the law.”
  • Senator Wyden called the practice an unacceptable intrusion on constitutional privacy rights. "The Fourth Amendment is not for sale" said Senator Wyden
  • Last year, the Wall Street Journal reported that law enforcement agencies including the Department of Homeland Security — Immigration and Customs Enforcement, and Customs and Border Protection were using the data
  • BuzzFeed reported that a legal memo from the Department of Homeland Security claimed it is legal for law enforcement agencies to buy location data without a warrant
  • DIA processes the data and stores records which appear to be on US soil in a separate database
  • DIA analysts may only query that separate database of Americans’ data with "special" approval
  • Senator Wyden has indicated that the plans to propose legislation that safeguards for Americans’ privacy in connection with commercially available location data

The explosion of IoT devices and "Fusion" centers are turning the world into a Panopticon:

  • "The panopticon is a type of institutional building and a system of control designed by the English philosopher and social theorist Jeremy Bentham in the 18th century. The concept of the design is to allow all prisoners of an institution to be observed by a single security guard, without the inmates being able to tell whether they are being watched." - Wikipedia
  • Government agencies are using technologically advanced "fusion" centers to combine and analyze data from many sources including IoT devices
  • "One government, which he refused to name, issued a solicitation for a tool that would mesh facial recognition cameras and mobile phone networks to track citizens wherever they went" - Giovanni Gaccione, Genetec
  • Christian Schnedler and engineer who work on some of these systems said “To the extent that you do not trust your government, you do not want your government to build these systems.”
  • There are no specific national rules governing fusion technology
  • Read the article: