Cyber Intelligence Weekly

Cyber Intelligence Weekly (Aug 8, 2021): Our Take on Three Things You Need to Know

Welcome to our weekly post where I will be sharing some of the major developments on the future of cybersecurity that you need to know about. Make sure to follow my LinkedIn page as well as Echelon’s LinkedIn page to receive updates on the Future of Cybersecurity!

You can also subscribe to receive Cyber Intelligence Weekly in your inbox each week.

Away we go!

1. Federal Cybersecurity Receives Failing Grades, Again.

A new Senate Homeland Security and Governmental Affairs Committee report provided stark details on the state of cybersecurity at eight major agencies. The Senate report compiled data from each agency's inspector general. This is a follow-up to a report in 2019, which was not very rosy either.

Some of the lowlights include:

  • Seven of the eight federal agencies reviewed have not met basic cybersecurity standards necessary to protect America’s sensitive data.
  • Seven of the eight agencies still operated unsupported legacy systems.
  • The State Department left thousands of accounts active after employees left the agency.
  • The Department of Transportation had nearly 15,000 IT assets on hand that had no record.
  • While testing the Department of Education’s security, the Inspector General was able to exfiltrate hundreds of sensitive PII files, including hundreds of credit card numbers, without any prevention or detection.
  • The Social Security Administration did not sufficiently protect PII or apply appropriate access management controls.

Below is a snippet from the report that shows the overall report card:

2. Apple Confirms it Will Review iCloud Photos for Child Abuse Images

Apple recently confirmed that it will be adding functionality that will scan users' iCloud photos for child sexual abuse material (CSAM). Apple is trying to quell fears about this feature, stating that the process will ensure privacy through several layers of encryption and that the chance of a false positive will be one in one trillion. Zack Whittaker at TechCrunch went into detail about how the process technically works, including technical papers and sources from Apple.

While no one questions the intent of the program, many fear that this type of process has numerous privacy implications. Several security and privacy experts have cited Apple's tendency to compromise on privacy matters and bend to the demands of governments and other agencies.

3. No Honor Among Cyber-Thieves?

It has been reported that an alleged disgruntled member of the Conti ransomware-as-a-service group has leaked the manuals and technical guides the group uses to train its ‘affiliates’ on how to gain access to networks before exfiltrating files or launching a ransomware attack.

In addition to being a lengthy hacker how-to manual, the report also listed IP addresses where the group hosts or hosted its Cobalt Strike C2 servers, along with a whole host of other juicy details that are welcome intel for cyber defenders facing off against these specific adversaries.

The report also mentions that the archive goes into great detail about how to use certain toolsets in staging an attack from beginning to end. This is further proof, in very clear terms, of how well resourced and organized our adversaries are.
