TFD – Dive into the alarming cybersecurity crisis as ransomware brings 100 Romanian hospitals to a standstill, causing widespread disruption to healthcare services.
Americans were warned this week about a potential “urgent threat” to the United States, which was later linked to a Russian effort to develop the capability to launch nuclear weapons in space. While no one has disputed the authenticity of the threat, WIRED has learned that the leak was part of a behind-the-scenes campaign to block privacy-focused reforms of a major US surveillance program known as Section 702.
Reproductive rights advocates backed changes to Section 702, which would have prohibited the sale of Americans’ private information to the FBI and US intelligence agencies. The leak was the result of a week of backroom negotiations, sparked by an email from top House Intelligence Committee lawmakers. The current state of Section 702 reform is stagnant.
The US-designated terrorist organization Hezbollah and more than two dozen other US-sanctioned people and organizations had “verified” X accounts on Elon Musk’s troubled social networking platform, X, because of the platform’s premium membership options. In the meantime, researchers at Mozilla discovered that chatbots posing as “AI girlfriends” and other purported love companions are a nightmare for privacy. Lastly, we discussed the ways that cyberattacks frequently go unnoticed and disproportionately affect communities of color and other vulnerable individuals.
That’s not all, though. Every week, we compile the security news that we didn’t have time to discuss in-depth. To read the complete stories, click the headlines. And be careful when you’re out there.
How Not to Lose $50,000 to a Scam
Anyone can fall victim to a scam. Even more uncommon is the courage to admit to the world just how thoroughly you were tricked. Freelance financial writer Charlotte Cowles describes how she was tricked into placing $50,000 in a shoebox and giving it to a stranger in a white Mercedes on the orders of someone posing as a CIA agent in a terrifying piece for The Cut.
A call from a number that Cowles’ caller ID showed as “Amazon” sparked the complex hoax. Cowles was then informed by a “polite woman” that she had been the victim of identity theft. Her call was routed by the (false) Amazon employee to a (fake) FTC representative, who then connected her to a (fake) CIA operative. The scammer, posing as a CIA agent named Michael, kept Cowles on the phone for hours, all the while scaring her into thinking she had arrest warrants for various serious crimes linked to the (fake) identity theft, and that the only way she could stop from having all her assets frozen was to withdraw the majority of her life savings and give it to the CIA, which
Almost all of the con artists persuaded Cowles to withdraw during the ordeal—tell no one, they said. nor the police, nor your husband. You might endanger your family if you do this. Even in the moment, Cowles suspected she was being scammed. But little details, like the fact that they knew the last four digits of her Social Security number, made Cowles doubt her better judgement. Besides, she had a 2-year-old son to protect.
Though there has been a mixed reaction to Cowles’ story, experts in cyber dangers say it’s naive to believe you’re too smart to fall for a skilled scammer. According to Selena Larson, a senior threat intelligence analyst at security company Proofpoint, “the reality is, criminals perpetuating fraud—whether via phone, email, or social media—are very good at social engineering.” Larson also calls Cowles “extremely courageous.”
Cowles was the victim of a scammer’s typical manipulation. According to Larson, these include “inducing fear for oneself or one’s family, stimulating or alluring someone with the prospect of wealth or love, or any number of heightened emotions to force them into making decisions they otherwise wouldn’t.” To protect yourself from scams like the one that hooked Cowles, Larson suggests being on high alert for anyone trying to isolate you from people in your life, and don’t trust someone posing as a government employee or celebrity. “Forcing a sense of urgency,” like asking for money immediately, is also a huge red flag. “If people are worried they are being targeted by fraudsters,” Larson says, “they should immediately break off contact and report the activity.”
Alternatively, embrace Cowles’s latest strategy and never pick up the phone.
Hackers from nation-states are also testing generative AI.
According to research released this week by Microsoft and OpenAI, generative AI tools like ChatGPT are extremely popular, even among hackers acting on behalf of North Korea, China, and Russia. Researchers found widespread use of generative AI tools for research, reconnaissance, “basic scripting tasks,” and ways to improve code used to carry out cyberattacks, but they also note that they have “not identified significant attacks” that use large language models like those powering OpenAI’s ChatGPT. Microsoft stated in a blog post detailing the findings that it and OpenAI “have not yet observed particularly novel or unique AI-enabled attack or abuse techniques resulting from threat actors’ usage of AI.” “However, Microsoft and our partners continue to study this landscape closely.”
US Disables Russian Fancy Bear Hackers’ Botnet
This Monday, the US Department of Justice declared that it had taken down a botnet that was under the control of APT28, a hacker collective known as Fancy Bear that works with Russia’s GRU military intelligence agency. The DOJ claims that the hackers installed the “Moobot” virus on hundreds of residential and commercial routers. The DOJ claims that this malware is associated with a group of cybercriminals. The DOJ claims that after using Moobot, Fancy Bear hackers “installed their own bespoke scripts and files that repurposed the botnet, turning it into a global cyber espionage platform.” To seize control of the botnet, the US government also used the Moobot malware to delete “stolen and malicious data” in the routers and then tweaked the routers’ firewalls to prevent the hackers
100 Romanian hospitals are rendered offline by a ransomware attack.
Hospitals are a common target for ransomware attacks, but few have had the extensive effects of last week’s attack against Romania’s healthcare system. After hackers breached a well-known hospital administration system, about 100 hospitals had to take their systems offline. According to Romanian officials, the ransomware that attacked the Hipocrate Information System (HIS) on February 11th night encrypted the data of 25 hospitals. 75 more hospitals chose to voluntarily take their systems offline in order to prevent potential contamination. The hospitals are now obliged to use paper records due to the disruption. The attackers, who have not yet been identified, demanded a ransom of 3.5 bitcoin, or around $180,000, to decrypt the files.
Conclusion
The ransomware attack on Romanian hospitals underscores the critical need for enhanced cybersecurity measures globally. It’s a stark reminder of the potential consequences of cyber threats on essential services and infrastructure.
Connect with us for the Latest, Current, and Breaking News news updates and videos from thefoxdaily.com. The most recent news in the United States, around the world , in business, opinion, technology, politics, and sports, follow Thefoxdaily on X, Facebook, and Instagram .