The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

Friday Five: 11/1 Edition

by Chris Brook on Friday November 1, 2019

Contact Us
Free Demo
Chat

The hackers behind Uber's 2016 breach finally plead guilty, WhatsApp pushes back against NSO Group, and an army admin steals millions from veterans - catch up on the week's news with the Friday Five.

1. Congress Still Doesn't Have an Answer for Ransomware by Matt Laslo

It's increasingly rare a week goes by without a story about ransomware wreaking havoc on systems, usually belonging to local government or public schools - this week was no exception as Las Cruces Public Schools experienced an attack which shut down its computers, servers. As we learned in WIRED this week, it's unclear whether we'll see any movement from Congress on the issue anytime soon. Some state senators, like two in Connecticut the magazine contacted in July, still aren't aware of the problem. Others have taken efforts to better highlight the threat. The piece mentions a bill recently passed by the Senate to get the Department of Homeland Security to respond to attacks, in addition to a plea to the Government Accountability Officer to review the government's programs designed to aid ransomware victim jurisdictions

Read more

2. The Ransomware Superhero of Normal, Illinois by Renee Dudley

Speaking of ransomware, this is a fascinating, fun read courtesy ProPublica, the Chicago Sun-Times, and The Pantagraph - a little known daily paper based in Illinois that's been around 1837 – on Michael Gillespie, a programmer you've likely never heard of who's made some tremendous strides combating ransomware. The 27 year old has already cracked more than 100 strains of ransomware and published tools that hundreds of thousands of victims have downloaded to avoid paying ransoms. It's a long read – almost 5,000 words - but worth it to get the full scope of Gillespie's story, including how he beat cancer, started to network with other ransomware hunters, and forged a relationship with the FBI to further assist ransomware victims.

Read more

3. Fraudster Admits Role In Theft of Millions From Thousands of Army Members by Sergiu Gatlan

There are some forms of data theft - like taking photos of sensitive documents on a computer screen - that are nearly impossible to detect. Unfortunately, since there's usually very little safeguards in place, these schemes are usually successful - until they're not, that is. One of those, disclosed by the U.S. Department of Justice this week, involves a civil medical records admin at the Army who was able to steal data on thousands of military members and in turn, bilk Department of Defense and Veterans Affairs benefits sites out of millions of dollars. The admin, a resident of Las Vegas residing at a base in South Korea, acknowledged this week that he stole the data between 2014 and 2015 while logged into the Armed Forces Health Longitudinal Technology Application. He provided that data to three co-conspirators who used it to steal money from military members bank accounts and benefits payments. According to the DOJ, evidence of the scheme surfaced earlier this year, something which led to the indictment.

Read more

4. Why WhatsApp is pushing back on NSO Group hacking by Will Cathcart

Perhaps the story of the week, especially on #securitytwitter, was WhatsApp and Facebook's blockbuster lawsuit against the Israeli private security company NSO Group for a cyberattack it claims installed spyware on users' phones and targeted at least 100 human rights defenders. "This should serve as a wake-up call for technology companies, governments and all internet users," WhatsApp head Will Cathcart wrote in an op-ed in The Washington Post, linked below, on Tuesday. Citizen Lab, part of the University of Toronto's Munk School of Global Affairs and Policy, helped WhatsApp identify that the victims were human rights defenders and outlined its research on Tuesday too. NSO Group has long been associated with spyware, like the infamous Pegasus, but this is the first time a company has publicly and legally taken the firm to task for it. NSO has sold the spyware to governments and third parties since at least 2016 and claims it serves them "responsibly" but this week’s lawsuit could be a crucial moment for technology and companies whose services are mishandled to target users.

WhatsApp first disclosed and fixed the flaw back in May.

Read more

5. 2 Plead Guilty in 2016 Uber and Lynda.com Hacks by Mike Isaac

Uber's elaborate coverup of a 2016 breach is back in the news this week as the two hackers behind the incident finally plead guilty in a San Jose court. Uber kept the breach, which compromised the data of 57 million drivers and customers, a secret by paying the hackers, Brandon Charles Glover, 26, of Florida, and Vasile Mereacre, 23, of Toronto, $100,000 in hush money. The hackers also managed to get access to a database belonging to Lynda.com, an online learning platform owned by LinkedIn. If you're looking for a good recap on the case and how it affected Uber it's probably best to read this story, linked above, via the person who literally wrote the book on Uber, the New York Times’ Mike Isaac. If you've already read Mike's book, you'll remember that Joe Sullivan, Uber's chief security, was finally ousted for his role in covering up the breach in late 2017.

Read more

Tags: hacking, Ransomware, Spyware, Fraud

Recommended Resources


  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business
  • How to simplify the classification process
  • Why classification is important to your firm's security
  • How automation can expedite data classification

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.