Credit to Author: Brian Barrett| Date: Sat, 19 Oct 2019 12:00:00 +0000
A Samsung Galaxy 10 fingerprint goof, a Tor impostor, and more of the week's top security news.
The first thing you should read about cybersecurity this week, if you somehow haven't already, is this in-depth look at Olympic Destroyer, the malware that plagued the Pyeongchang Olympics. An excerpt from WIRED senior writer Andy Greenberg's upcoming book Sandworm, the feature from our November issue details how investigators figured out who was behind the attack—a trickier puzzle to solve than you might think.
Speaking of Russian hackers, Cozy Bear is back on the radar after a few years of relative stealth, with a years-long campaign infiltrating the networks of political targets. We also explained how law enforcement caught the operator of a massive child-porn site on the dark web by tracking a series of bitcoin payments.
Elsewhere, Facebook improved its bug bounty, effectively offering to pay double for bugs found on third-party sites that integrate with the social network. Apple continued to capitulate to China. But at least it added a heaping helping of privacy and security settings to macOS Catalina, which just launched last week. And while the ransomware problem is getting worse, if anything, Congress continues to lack a coherent vision on how best to help local governments and institutions protect themselves.
For decades, the Air Force's Strategic Automated Command and Control System—an internal chat protocol—has relied on 8-inch floppy disks running on an IBM Series/1 computer. To be clear, if and when the order comes down to launch nukes, it'll route through SACCS. As recently as 2014, USAF officials insisted that running on obsolete, isolated tech actually made the system more secure. But they've apparently had a change of heart, as C4isrnet reports this week. As of June, they've upgraded to a "highly-secure solid state digital storage solution." It's unclear to what extent the rest of the system has been upgraded as well, but at least they've said goodbye to 70s-era data storage.
Samsung this week acknowledged an issue with its flagship Galaxy S10 smartphone's fingerprint sensor. Specifically, it doesn't work at all if you put certain third-party screen covers on it. The Sun first reported the flaw, after an S10 owner realized that anyone's finger could unlock her device. In a statement, Samsung said that its ultrasonic sensors confused "3-dimensional patterns appearing on certain silicone screen protecting cases" with legitimate fingerprints. The company's going to push a software update to fix the problem early next week. It recommends that S10 owners re-scan their fingerprints after it goes through. And in the meantime, maybe switch to a PIN?
Reuters reported this week that the US carried out cyberattacks against Iran in response to the September attack against Saudi Arabian oil production. Details are scarce, although the strike apparently "affected physical hardware" and was intended to disrupt Iran's propaganda efforts. There's likely some posturing going on here as well; the US generally doesn't publicize its cyberattacks unless it has a strategic reason to do so. But mark it as another jab in the cyberconflict that continues to roil between the US and Iran, one that has only escalated since President Donald Trump decertified a nuclear deal with the country. (And note, too, that Trump's own campaign has been a recent target.)
Bitcoin scams truly come in every flavor. The latest: Thieves tricking people into thinking they're updating their Tor browser, when in fact it downloads malware that changes the victim's browser settings, enabling thieves to steal from their payment service accounts. It appears to be mostly Russian victims, with a total haul of around $40,000, which makes it not as widespread or devastating as other cryptocurrency scams. But it's a good reminder to think twice before you click, well, basically anything.