This week, the The Justice Department has indicted a 22-year-old on charges of tampering with the water installation where he worked. It is a stark reminder that, while the power grid receives most of the attention, it is not the only part of the critical infrastructure vulnerable to potentially devastating attacks.
We’ve also looked at YouTube’s continuing problems with moderating child-oriented content; a WIRED investigation found dozens of scary thumbnails in videos from Minecraft and child-centered activities that were at the top or near the top of the platform’s “Topic” pages. It is not as dire a situation as the so-called Elsagate controversy of a few years ago, in which the YouTube Kids app was flooded with grotesque videos featuring popular children’s characters performing indescribable acts. But it still shows that YouTube still has a lot of moderation work ahead of it.
Tired of receiving unwanted files from strangers, either through AirDrop or any other version that Android is calling today? You can make them stop! And it probably should. Just follow our guide to check and uncheck the various settings needed to end excessive sharing.
And there’s more! Each week, we gather all the news that WIRED did not cover in depth. Click on the headlines to read the full stories. And stay safe out there.
An organization known as “Chicken Drumstick” reportedly raised $ 76 million in revenue from its subscription video game cheating service before the law broke them this week. The group charged $ 10 a month for game cheats like Overwatch and Call of Duty Mobile. In addition to confiscating $ 46 million in assets – which included a large number of luxury cars – the police say they destroyed 17 cheaters and arrested 10 people in the fall. Chinese technology titan Tencent, which has stakes in several major gaming companies, collaborated with authorities on the operation.
A whistleblower told independent security newspaper Brian Krebs that a recent breach by the network equipment company Ubiquiti was much worse than initially reported. The source said the hackers “got full read / write access to Ubiquiti databases on Amazon Web Services”, as well as root administrator access to Ubiquiti’s AWS accounts. These are basically the keys to the kingdom. Ubiquiti said in response that it has no indication that user data has been accessed or stolen, although Krebs’ source says the company does not keep records that would give them that information in the first place. Anyway, it’s a mess!
In January, Google reported that hackers from North Korea’s Lazarus Group spent a considerable amount of energy trying to trick security researchers, and even had some success in doing so. This week, the search giant’s Threat Analysis Group followed up, saying the North Korean campaign continued at a brisk pace, this time armed with a fake website and fake social media profiles. In an inspired trolling, one of the Twitter puppets was called Sebastian Lazarescue.
It is safe to say that many, many people are feeling the exhaustion of the pandemic today. But consider the men and women of the US Infrastructure and Cybersecurity Security Agency. After its widely respected leader Chris Krebs was fired by a presidential tweet last fall, CISA had to fight the consequences of SolarWinds and Hafnium, the biggest hacking campaigns that have hit the United States in recent history. Politico reports that the agency’s 2,000 workers are dangerously thin – which could leave the country ill-equipped to deal with the next attack.
Last weekend, the United States Strategic Command – they oversee nuclear weapons – tweeted a short string of expletives, leading some to understandably question whether they had been hacked. The good news is that they were not. The less good news is that, instead, the son who was logged in to the account had a moment on the keyboard. The right combination of adorable and alarming!
More great stories from WIRED