Plus, there’s a RAT in the router and Dragonbridge fires off misinformation.
Despite concerns from privacy advocates, Australia is currently the only democracy in the world that uses facial recognition technology to aid Covid-19 containment procedures. Police ensure that Western Australian citizens are following the seven-day quarantine rule by sending periodic text messages that require the quarantined person to send a response in the form of a selfie within 15 minutes. The police then use GPS tracking and facial recognition tech to determine if the person is really at home. (If they are not, the police show up at the door to issue a citation.)
Avast Security Evangelist Luis Corrons believes the ends here do not justify the means. “Privacy is a right,” he commented. “Being the only democratic government in the world using facial recognition to control and restrict your citizens’ movements is a clear warning that something is wrong.” Meanwhile, the Australian Human Rights Commission has called for a moratorium on facial recognition tech until Australia has laws in place to regulate its use. For more on this story, see the BBC.
Anti-abortion centers collect personal data
Pregnancy centers, many of which appear to be abortion clinics but are actually affiliated with anti-abortion advocacy groups like Care Net and Heartbeat International, collect personal data from the millions of women with whom they interact in person, by telephone, and through online chats. Test results, sexual and reproductive histories, ultrasound photos, and information shared during consultations and counseling sessions are among the data collected. While actual medical centers in the U.S. would be bound by federal privacy laws including HIPAA, most anti-abortion centers are not licensed clinics and therefore not required to abide by these rules. This gets particularly alarming for the woman who thinks she is speaking with an actual abortion clinic when she is not. See TIME and BBC for more..
ZuoRAT attacks home office routers
Researchers believe a sophisticated malware dubbed ZuoRAT may be the product of nation-state hackers, given its range of capabilities and advanced stealth. The remote access trojan has been observed since the end of 2020, and it has infected small office/home office (SOHO) routers made by Cisco, Netgear, Asus, and DrayTek. ZuoRAT gets installed by exploiting unpatched vulnerabilities in the SOHO devices. Then it is able to enumerate all devices connected to that router and collect the DNS lookups and network traffic they send and receive. Fortunately, like most router malware, ZuoRAT can not survive a reboot, so restarting the device should remove the initial infection. For more, see Ars Technica.
Dragonbridge targets rare earth mining companies
The Dragonbridge group, known to promote the political interests of the People’s Republic of China, seems to be working to disrupt rare earth suppliers and processors outside of China by spreading misinformation about them on social media. Experts believe the campaign is fueled by the drive to keep China in the dominant market position of rare earth exports. The rare earth market provides essential components for electronics, circuit boards, and batteries. The U.S. 2022 Defense Production Act (DPA) Title III has recently been signed by Joe Biden to encourage domestic production of rare earth materials, lessening the reliance on imports from other countries. The companies targeted by Dragonbridge are large enough to threaten China’s dominant position. For more, see ZDNet.
U.S. State Department gets more proactive on cyber threats
The State Department Bureau of Intelligence and Research (INR) released a new cybersecurity strategy this week meant to create a more proactive culture when it comes to finding and fixing vulnerabilities. “This is a comprehensive approach to shifting from a reactive cybersecurity posture to a proactive one where we’re constantly hunting for potential threats in our environment rather than just waiting for alerts to fire and then we’re investigating,” commented Assistant Secretary of State Brett Holmgren. The new strategy involves migrating to the cloud, prioritizing and leveraging new technologies, and deploying real-time threat-based security functions. See Cyberscoop for more.
This week’s must-read on the Avast blog
Earlier this month, several European mayors received deepfake video calls from an impersonator of Vitali Klitschko, the mayor of Kyiv. These mayor-to-mayor video calls are a warning to us all to not accept things without some proper vetting, especially when it comes to well-known individuals.