In this week’s roundup, we will discuss how you can lose all your information by clicking on a fake voter form, how ransomware attacks are increasingly common, how the United States puts a leash on Russian hackers, and how your encrypted apps are turning into non-encrypted ones.
Are the Allegations from Trump Actually Right?
As we are closing in on US Presidential Elections 2020, you might see a lot of false online information about voting forms, registration, and the election cycle. You might have heard in many Trump speeches and city campaigns that mail-in votes are bogus.
Trump might be partially right because cyberattackers have found a way to attach fake voter forms to grab your personal information, and you won’t even know it.
You might feel the urge to click on an email and check the Voter Registration Form before physically going to vote for the next President of the United States. This is where a hacker can make his play and can send you a fake email to get your email, password, or bank account number. You must watch out for these fake emails because it can really take a toll on your private online activities.
So, Donald Trump was half-right in our opinion. And you must be wary about clicking on unknown emails and prevent a phishing attack.
The real problem is, some people are also sharing their bank account passwords as well. I mean who does that, really? Who shares bank passwords for filling Voter registration forms? Wake up, people!
But it happens to most people who have no real clue about the voting process. Cautious is the word here. Don’t be an easy target for anyone.
You may not realize, but when trying to learn more about the candidates and better inform your judgments that there are some groups or even countries (Russia or China) that are eager to interfere in the 2020 Presidential Elections. Foreign actors might also collect your private data via phishing emails and links, which is more dangerous than you can imagine. In short: if you want to learn more about your desired candidates’ platforms, use Google, and choose reputable results. Don’t click on links in your email.
The Director of National Intelligence said both Iran and Russia have obtained US voter registration information in an effort to interfere in the election, including Iran posing as the far-right group Proud Boys to send intimidating emails to voters. https://t.co/BI0KjuJnxc
— CNN (@CNN) October 22, 2020
Make no mistake, these cyberattackers are still successful in collecting your data no matter how smart you are. Their secret sauce is creating a professional and legit-looking email that includes a phishing email link sent on a Wednesday (a perfect day when you might ignore safety protocols because you are busy). And more importantly, these emails have a bit of urgency so you can make a mistake and click on the false link.
Word of advice: Make your vote count. Double check every sentence and online form before casting your vote. As a tax paying citizen, you must choose the right person for the country and make sure you are not a part of any foul play.
Ransomware Attacks are Another Major Threat in 2020
According to IBM, there was an unusual spike in ransomware attacks in June 2020. Most IT companies, online servers, government organizations, and hospitals are trying to combat these ransomware attacks. The real downside is you just can’t.
This time the attackers choose to target the election database of George County, Mississippi. Which is, of course, obvious at this point. I mean we understand that government-run IT systems are not typically equipped with better security protocols and are thus pretty vulnerable. And people aren’t smart either, with all of us as humans being susceptible to social engineering; any of us is at risk of clicking on a phishing link or using a weak password, allowing hackers to penetrate the systems. These are sloppy ways to handle important information but it does happen in most government organizations.
In short, the first line of attack is phishing when it comes to ransomware attacks. We’re all flawed humans. We might just be tired one day and click something that will be dangerous to the entire network. The most secure networks may still be weak because we’re, well, people. Goodbye security! Hello, personally identifiable information!
This is the reason why cyberattackers choose to target organizations that are using low-end security systems like hospitals, technology companies (most of them aren’t secure), and election systems. It gets worse when these aren’t just phishing attacks but serious ransomware attacks, which means the attackers will take over your system, keep your files encrypted, and then will ask for a large ransom in exchange for the encryption key.
We said it before and we’ll say it again: 9 out of 10 times it is the people working at the organization that allows a ransomware attack to happen.
The ransomware attack on Georgia County can be a sign of foreign countries interfering in the 2020 US Elections, which was allegedly suggested in previous elections. But we are not telling you to connect the dots here. We are advising you to do the right thing. Learn how to get around these strong online threats and be cyber aware.
The bottom line is that you must make yourself aware of these security breaches and educate on how to stay safe, especially if you are managing important data. Ransomware attacks are just like your cats, they keep coming back for more food. So, you need to learn how ransomware works, execute robust security strategies, and shield your important systems.
And avoid this advice in general…..
Donald Trump on computer hacking: “Nobody gets hacked. To get hacked you need somebody with 197 IQ and he needs about 15 percent of your password.”
🤷🏼♂️ pic.twitter.com/eIWbPwnpUe
— Ira Goldman 🦆🦆🦆 (@KDbyProxy) October 19, 2020
Do you know how many organizations or government systems are already under control by ransomware attackers? We have no damn clue as well, and this is what is terrifying.
USA vs. Russia Just Like Old Times
Russian hackers have been attacking American systems and companies for a long time but the US never prosecuted them. Until now. Apparently, the United States wants to strong arm Russia, telling them in a not-so-subtle way to stop planning such attacks.
Treasury sanctions Russian government research institution connected to the Triton Malware https://t.co/7izHfGJaYN
— Treasury Department (@USTreasury) October 23, 2020
Triton is the Culprit Here
Triton malware is the latest malware attack that infected US systems. The worst part is that the trigger of this malware attack traces back to a Russian professor at TsNIIKhm. Previously, the FBI caught a Chinese hacker, a researcher who destroyed a USB hard drive because it contained important information. Now, the US is following strict protocols to deal with these types of state-level issues.
Coming back to the Triton malware. When the Russian researchers attacked the SIS workstation using the Triton software, a plant was quickly taken down and went into offline mode. Even though the Triton software was specifically designed to even break the last line of defense mechanism, there was no damage done.
The cyberattackers managed to get access to an SIS engineering workstation, where they deployed the malware. This automatically shut down the SIS controllers and alerted the owners to start an investigation. Of course, this was a major incident that led the United States to believe that it was a nation-backed attack and not by a group of amateur hackers.
The thing is: countries will continue to play these shell games to weaken the systems or gain more power over each other. Honestly, there are many reasons to spread malware in government-run systems. It is a never-ending story.
Are You a Citizen of a Five Eyes Alliance Country?
If yes, then this news might be a shocker to you. The Five Eyes Alliance, which is mostly English-speaking countries like Canada, Australia, the United Kingdom, New Zealand, and the United States, are asking the technology companies to give them access to end-to-end encryption apps.
To give you a clear picture: You might have privacy from hackers and Internet Service Providers but not from the government. This means your private data is exposed. The government won’t take action or prosecute you unless you share sensitive information or plot against the regime, but they will know everything about you. Clearly, Facebook, Google, Amazon, and Instagram wasn’t enough to expose us, so now these governments need to see our private messages.
This is obviously due to the growing cyber threats against the Five Eyes countries and they are looking to keep an eye out for any further attacks. You might say this is non-consensual monitoring of the citizens, but these countries have been doing it for a long time. In fact, the countries exchange data of their citizens with each other during a threat.
We hate to be the one to say this: I told you so!
What you may not know is that these alliance countries have been doing this for quite a few years, but are now taking it a step further in the wrong direction as far as we’re concerned.
All in all, two things will happen if the Five Eyes Alliance has a real encryption backdoor:
- Users will move to third-party applications
- Countries will create more online transparency
Both of these actions are different, but in both, the only one who will win is the alliance. We thus call it a Win-Lose scenario. You might be thinking… Why not turn off the stupid internet when the government knows everything about me? That is a plausible question but it’s not going to work that way until the government can control cyberthreats or at least indicate them.
We’re PureVPN, and that P stands for, among other things, Privacy. We believe that your online life must be private, no questions asked. For now, we know what will help with keeping you safe online, and we suggest that you continue arming yourself every day about developments in the security space that will put you at risk. We’ve got our own recommendations; what say you?
Hopefully, at the minimum, you’re armed with a VPN to ensure that these alliances are not able to penetrate through your browsing activities, so that you get the peace and quiet of surfing with no eyes looking over your shoulder. That’s the way we’d want it.
Sameed Ajax
November 24, 2022
1 year ago
