With responses in (somewhat) full swing aground the globe, people are suddenly finding themselves online a lot more and their exposure to threats has likewise gone up. Online shopping is increasing as people weigh the risks of contact with other people, and local stores are rushing to provide a way to purchase goods digitally. This sudden increase in use is likely to cause some failures or breakdowns in the network and we expect those events to be ruthlessly exploited by malicious actors. Netflix will be reducing its stream quality in Europe because of the huge increase in usage caused by the quarantine, and we expect other streaming services to do the same before long. Cyber research group Perimeter X has reported a massive spike in scraping and account takeover attacks against entertainment services and other supply providers. Worse, as demonstrated by the Eternal Blue attacks, hospitals and other critical healthcare facilities have a terrible record with enforcing proper cybersecurity protocols. Hospitals may find themselves in the crosshairs of some truly morally bankrupt individuals as nothing would be more likely to get a payout than threatening to shut down a hospital’s network. Admittedly, whatever group or individual did that would probably find themselves hunted to the ends of the Earth and then tried for manslaughter/murder.
In other news, Digital Revolution, a Russian hacking group, claims to have exposed the FSB’s Program Fronton which would allow them to hack into Internet of Things (IoT) devices. We’ve said it before (and we’ll probably keep saying it forever): IoT devices represent a massive vulnerability and should not be trusted anywhere where sensitive information resides. Really, IoT devices shouldn’t be trusted at all. Assume that they’re insecure and actively working to siphon your data and you’ll find yourself much more secure. From the documents they’ve released, Project Fronton appears to be an IoT Botnet, which is something we’ve seen in the past using wifi enabled security cameras to provide processing power.
Max is a Data Privacy Coordinator at a major global law firm and a science fiction author residing in the Philadelphia area. He has been writing for https://www.askcybersecurity.com since early 2017.