Was a Unprecedented and historic week in the United States when a crowd of supporters of President Donald Trump revolted at the Capitol in Washington, DC and stormed the Capitol building, forcing Congress to evacuate and temporarily suspending their symbolic certification of Joe Biden’s election as president . Digital archivists and others struggled to preserve the photos and footage of the uprising while social media implemented ad hoc content moderation policies. Meanwhile, national security experts are concerned about the risks that the incident poses to information security – and national security – on Capitol Hill.
In other news, transparency activists DDoSecrets, a kind of successor group to WikiLeaks, publish a treasure trove of corporate information – a move that was particularly controversial, since the data was originally stolen by ransomware attackers. And speaking of Wikileaks, the UK on Monday denied the United States Department of Justice’s request to extradite Julian Assange, citing Assange’s mental state and the risk of suicide, rather than any assessment of whether the founder of the WikiLeaks violated the Espionage Law.
WhatsApp users received a notification this week that a change in the app’s privacy policy meant that they could no longer choose not to share data with Facebook – which was confusing, since WhatsApp has been sharing that data since 2016, and it only gave a cancellation option for a 30-day passenger window that year. And Ticketmaster was caught breaking into a rival company’s systems, agreeing to pay a $ 10 million fine to settle the case with federal prosecutors.
And there’s more. Below, we’ve collected the most important SolarWinds stories so far on the Internet. Click on the headlines to read them and stay safe outside.
Since it was revealed that SolarWinds’ Orion IT management tool was exploited in an attack on the software supply chain, the cybersecurity industry has anxiously feared the news that the same Russian hackers have also hitched a ride on other popular software. This week, FBI sources told Reuters that the Czech Republic-based software company JetBrains was examined as another possible victim – and a potential vector for corrupted code. JetBrains’ TeamCity project management tool is used by tens of thousands of customers, including SolarWinds, raising the possibility that it may have served as the starting point of infection within the SolarWinds network. The fact that JetBrains was founded by three Russian engineers has raised more suspicions about the company. But the CEO of JetBrains, based in St. Petersburg, said this week that he was not contacted by the FBI or any other agency. Nor, he says, did JetBrains see any evidence that it was breached by hackers, not to mention that it was used to further breach SolarWinds’ systems.
Chris Krebs, former director of Cybersecurity and Infrastructure Security Agency, became a celebrated cause in November when President Trump fired him for declaring – correctly – that the allegations of widespread electoral hacking and fraud promoted by the president and his supporters they were false. Now, after a federal career that many have credited with helping to protect the 2020 presidential election from foreign interference, Krebs is venturing into last year’s other massive cybersecurity story: the invasion of Russian hackers at SolarWinds, a company based in Texas whose software was hijacked and used to penetrate the networks of at least half a dozen federal agencies. SolarWinds hired Krebs to help remedy and recover from the breach that placed it at the epicenter of that far-reaching hacker scandal. He will be joined by former Facebook and Yahoo security chief Alex Stamos, who also signed a contract with video conferencing company Zoom last spring to help him recover from his security problems. Krebs and Stamos will work with SolarWinds through a consulting firm they founded, the Krebs Stamos Group. Given that SolarWinds’ shares have lost more than a third of their value, or about $ 2.5 billion, since news of their breach was released, whatever fees the company is paying to that consultancy – probably too much. large – are undoubtedly a rounding error for your total violation costs.
Desmond Tan, Singapore’s state minister for his Ministry of Internal Affairs, told parliament on Monday that Singapore police could use data from the country’s Covid-19 contact tracking platform in investigations. The service was originally marketed as gathering as little information as possible and as a single-purpose tool for contact tracking only. But on Monday, the platform was updated to reflect the access potential of law enforcement. More than four million of Singapore’s 6 million citizens reportedly use the app.