Sicurezza

Security News This Week: Julian Assange Has Lost His Internet Privileges

After weeks of unrelenting chaos, the cybersecurity world took a little bit of a breather. Well, relatively, anyway. There was still one of the biggest data breaches in recent memory, compliments of UnderArmour.

The TKTKKTK.

But hey, everyone makes mistakes, including the world’s most elite hackers—just ask the Russian intelligence agent behind the Guccifer 2.0 persona, whose failure to use a VPN just once outed him as GRU. Or ask people who used Monero in the early days and put too much faith in its privacy protections, which a new study says aren’t as robust as they seemed, especially before a recent update. Or even ask Facebook, which left a privacy setting active for years that didn’t actually do anything. Or the City of Atlanta, which is still dealing with the fallout of a ransomware attack from over a week ago. What a world!

At least some people are getting it right, or trying to. Facebook detailed a few efforts to safeguard the election, although the social network still has a long way to go. And the trainees at Fort Gordon are learning how to fight the next generation of cyberwars. One thing they’ll need to be aware of? How jihadists are increasingly using steganography to send covert messages, through an unfortunately named app called MuslimCrypt.

But, wait, there’s more! As always, we’ve rounded up all the news we didn’t break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.

Ecuadorean Embassy Cuts Off Assange’s Internet

Ecuador may have granted Julian Assange asylum in its London embassy for the last six years. But it seems to be growing tired of granting him access to the Wifi. Earlier this week the embassy officially cut off his internet connection, saying that he had violated a written agreement with the Ecuadorean government that he would cease meddling in world affairs. That move followed Assange’s repeated comments in his twitter feed in support of Spain’s Catalan independence movement, including one tweet comparing the current Spanish government to Franco’s 1940s fascist regime and the German government—which may extradite the leader of the Catalan separatist movement—to the Nazis. That may have seriously ruffled political feathers, given Ecuador’s close relations with Spain. And another tweet from Assange casting doubt on Russia’s involvement in the nerve gas attack on Russian defector Sergei Skripal may not have helped the matter. Of course, censoring Assange hasn’t proven to be so easy. Ecuador previously cut his internet access ahead of the 2016 election, too, in response to WikiLeaks’ publication of leaked emails from the Hillary Clinton campaign, and yet WikiLeaks’ document dumps and tweets continued. Based solely on some telltale typos in WikiLeaks’ recent tweets—Assange is a notorious misspeller—he may have at one point found a connection to the outside world in the days after his ban. Subsequent reports of radio jamming equipment in the embassy, however, may have complicated his censorship circumvention.

Boeing Fights a WannaCry Infection—Maybe?

Nearly a year has passed since the WannaCry ransomware worm ripped through the internet, encrypting hundreds of thousands of victim computers using a stolen NSA hacking technique. So when reports surfaced this week that Boeing was hit with that now-outdated malware, security researchers were left scratching their heads. Certainly Boeing was in fact struck with a serious ransomware attack based on a leaked memo that described its response as an “all hands on deck” situation. But WannaCry’s spread was almost entirely ended in May of last year when British security researcher Marcus Hutchins registered a web domain that activated a “kill switch” in the worm’s code. Just how—or whether—Boeing could still be infected by that largely neutered malware remains unknown. Some researchers have pointed out that if part of Boeing’s network was cut off from the public internet, it could have prevented a WannaCry infection from reaching the kill switch domain and prevented the malware’s shutdown. Or it’s just as possible that reports have confused a more run-of-the-mill ransomware infection with a name-brand one that made headlines nearly a year ago.