I spend a lot of time speaking about data backups. I have a talk where I specifically discuss the importance of proper data backup procedures to protect from a ransomware attack. The conversation always targets the archiving of big, "important" data though, and rarely do I mention the importance of making extra copies of your little data.
But losing little data can be a big problem.
I woke up Sunday to find the messages on my Apple iPhone (iPhone 12/iOS 16.1) showing only the phone numbers of the conversation participants, not the names of the saved contacts. A check of the phone call log showed the same. Phone numbers only, not contact names.
I opened the Contacts app to find it blank. All of my contacts had been deleted. Why? I don't know and it didn't matter at that point. Even worse, I also found that I wasn't backing up the contacts to iCloud.
All of my contacts - names, phone numbers, email addresses - collected over the years were gone. Gone. At least for a bit.
Luckily, I made a backup of my phone about three weeks ago. Restoring the phone from that backup revived my contacts but cost me everything I had collected over the past three weeks. That hurt, but nothing like the prospect of losing all my contacts.
So my talking points will now include that it's just as important to back up little data as it is the big data, because losing little things hurts just as bad as losing big things.
Crime does pay (apparently)
A recent report by the Financial Crimes Enforcement Network (FINCEN) reveals that U.S. banks and financial institutions processed 1.2 billion dollars in funds dedicated as ransomware payments in 2021. To no one’s surprise, over half the payments were directed to attackers suspected to be in Russia. If we only had some agency to monitor all of these transactions and stop them from going to sanctioned cyber crime groups. Oh, OFAC you say? https://www.cnbc.com/2022/11/01/us-banks-process-roughly-1point2-billion-in-ransomware-payments-in-2021.html
So damn smart
An article from last week but I just got to read it. SpiderLabs from Trustwave breaks down a phishing attack targeting Instagram users where the bait is a “copyright infringement” notice. The email instructs the receiver to file a timely appeal but the “Appeal Form” button doesn’t link to an Instagram resource. The attack is so well done you almost have to give a hat tip. https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/insta-phish-a-gram/
Another reason not to pay, maybe.
Last month, a federal jury found former Uber Chief Security Officer Joe Sullivan guilty of several crimes committed while trying to conceal details about a data breach suffered by the company. The PII of 50 million Uber customers was exposed and the hackers demanded $100,000 to destroy the data and not release it on the dark web. Sullivan never disclosed the breach and declared the payment as part of a “bug bounty” program.
Coveware applied the lessons learned from the incident to the response to a ransomware incident and what liabilities business executives face when paying, or not paying, the ransom. The rest of the article is an excellent rundown on the current ransomware landscape. https://www.coveware.com/blog/2022/10/26/q3-2022-quarterly-report
And the proper way to handle it
Dropbox fell victim to a phishing attack that exposed some of their code stored in GitHub repos. They became aware of the attack on October 14, 2022 and immediately remediated the issue. On November 1, 2022, they published a full disclosure to their blog. This is how you properly handle an exposure. https://dropbox.tech/security/a-recent-phishing-campaign-targeting-dropbox
Rat in the call-center
A former bank call-center employee pled guilty in federal court to conspiring to steal over $520,000 from the customers of his employer. The man and his co-conspirators had complete access to the customers' account information and personal identifying information. They would take photographs and screenshots of the information and later use it to commit fraud and identity theft, including walking into branches of the bank and making cash withdrawals. https://www.justice.gov/usao-nj/pr/burlington-county-man-admits-bank-fraud
And another RAT
The former chief lending officer of a Pennsylvania bank has been sentenced to one year in jail for running a straw loan scheme over a ten-year period that netted him almost $300K. To his credit, he already made restitution in five of the eight bad loans, but only one year in jail? Really? Oh, my bad, it’s actually one year and one day. So it’s OK. https://www.pennlive.com/news/2022/11/ex-chief-lending-officer-of-pa-bank-heading-to-jail-in-straw-loan-scheme.html
The Rest…
Instagram Personality Known as “Jay Mazini” Pleads Guilty to Wire Fraud, Wire Fraud Conspiracy and Money Laundering. https://www.justice.gov/usao-edny/pr/instagram-personality-known-jay-mazini-pleads-guilty-wire-fraud-wire-fraud-conspiracy
Man steals $300K from his employer. https://www.pennlive.com/news/2022/11/pa-man-accused-of-stealing-over-300k-from-law-firm.html
Cool Job
Director, Game Integrity Intelligence and Investigations - NFL https://hdmm.fa.us6.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX/job/220587
Cool Tool(s)
Identify a vehicle with a picture (make, model, generation). https://carnet.ai/
Find any court case (United States) https://www.judyrecords.com/
Irrelevant
Everything to know about Mastodon
https://blog.djnavarro.net/posts/2022-11-03_what-i-know-about-mastodon/
Thanks for opening this week's email and reading Issue 103 of Tw/oB. Now go back up your phone. In fact, back it up to two places.
Matt
Betteridge’s Law - Any headline that ends in a question mark can be answered by the word ‘No’.