Security Concerns Arise Over Chinese-Manufactured Surveillance Cameras Deployed at Romanian Military Locations

 

A routine procurement made by the Romanian military on January 16 for surveillance equipment manufactured in China has sparked concerns regarding national security implications.

An employee of the Romanian Defense Ministry purchased an eight-port switch and two surveillance cameras, valued at under $1,000, from Hikvision, a Chinese company with purported ties to the Chinese military. Notably, both the United States and Britain have blacklisted Hikvision due to identified data and security vulnerabilities.

Although there is currently no evidence of breaches at the Deveselu military base, an investigation by RFE/RL's Romanian Service revealed that Hikvision and Dahua, another Chinese company partly owned by the government, supply surveillance equipment to at least 28 military facilities and numerous other public institutions involved in national security across Romania.

While Romanian authorities assert that the equipment is used in closed-circuit systems without internet connectivity, experts argue that vulnerabilities in firmware could still pose risks, enabling remote access, data interception, and network attacks. Despite these concerns, Romania does not impose restrictions on the use of Hikvision or Dahua equipment, unlike some NATO allies such as the United States and Britain.

Both Hikvision and Dahua refute allegations of being security risks and claim to promptly address vulnerabilities. However, critics like Romanian parliament member Catalin Tenita argue that existing legislation could justify banning these companies' products.

The Romanian Defense Ministry maintains that its surveillance systems are secure, emphasizing strict testing and evaluation procedures. Similarly, the Deveselu Naval Facility, operated by U.S. forces, declined to comment on Romanian military purchases but emphasized their commitment to regional security.

NATO, while not formally banning third-country equipment, encourages vigilance against potential security risks. Secretary-General Jens Stoltenberg cautioned against reliance on Chinese technology in critical infrastructure, echoing concerns about Hikvision and Dahua's involvement.

Despite assurances from Romanian authorities, the history of vulnerabilities associated with Hikvision and Dahua equipment raises concerns among experts. Romanian institutions, including law enforcement and intelligence agencies, defend their procurement decisions, citing compliance with national legislation and technical specifications.

Some Romanian lawmakers, like Senator Adrian Trifan, advocate for further investigation and scrutiny into the prevalence of Hikvision and Dahua equipment in national security sites, underscoring the need for immediate clarification and review of procurement procedures.

Genetic Tester 23andMe’s Stolen Data of Jewish Users Sold Online

 


Ashkenazi Jews have been targeted in a cyberattack. According to reports, malicious actors are advertising the sale of data sets containing names, addresses, and ethnic backgrounds of potentially millions of customers from the genetic testing firm 23andMe. They initially highlighted a batch that specifically includes information about individuals with Jewish heritage.

On hacker forums, a snippet of the breached data was shared, particularly on a website where the perpetrators asserted that the sample encompassed 1 million data entries pertaining to Ashkenazi Jewish individuals. 

Additionally, as per Wired's report, on Wednesday, the malicious group put up data profiles for sale, pricing them between $1 and $10 per account. The sample allegedly contains entries for prominent tech figures such as Mark Zuckerberg and Elon Musk. 

However, the authenticity of these entries remains uncertain. While an inquiry into the data's authenticity is underway, the disclosed information aligns with an internal company scenario. This situation involved certain accounts being compromised, which in turn facilitated unauthorized access to additional data via 23andMe's DNA Relatives feature. 

The customer profile details were obtained by gaining entry into individual accounts, but it's important to note that the company's overall security was not compromised. The compromised data does not seem to encompass the raw genetic data that the company processes. Instead, it comprises particulars such as gender, birth year, genetic lineage findings, and geographical ancestry information. 

“We do not have any indication at this time that there has been a data security incident within our systems, rather, the preliminary results of this investigation suggest that the login credentials used in these access attempts may have been gathered by a threat actor from data leaked during incidents involving other online platforms where users have recycled login credentials,” a spokesperson from 23andMe reported to Forbes. 

DNA testing companies like 23andMe have come under scrutiny from privacy advocates and regulators due to concerns about handling sensitive genetic data. A privacy specialist from Stanford University pointed out in 2021 that a critical question revolves around where genetic data is being sent and why various companies and investors have a financial interest in it. 

23andMe, having gone public via a Richard Branson SPAC two years ago, provides consumers with both ancestral information and health advice. This includes personalized dietary recommendations and insights into potential genetic predispositions to diseases or conditions. The company consistently emphasizes that user data is only shared externally through opt-in agreements and, when shared, is meticulously anonymized for privacy protection. 

Future cybersecurity risks associated with sharing sensitive genetic data could include:

1. Cybersecurity Breaches: Despite robust security measures, there is an ongoing risk of cyber-attacks that could compromise the confidentiality and integrity of genetic data. 

2. Data Exploitation for Identity Theft: Stolen genetic data could potentially be used in sophisticated identity theft schemes, undermining personal security measures. 

3. Targeted Cyber Threats: Individuals with identifiable genetic markers may become targets for cyber threats, including phishing attempts or social engineering attacks. 

4. Ransomware and Extortion: Cybercriminals may use sensitive genetic data as leverage for extortion, demanding payments or other concessions in exchange for not disclosing or misusing the information. 

5. Biometric Authentication Risks: As genetic data plays a role in biometric authentication, unauthorized access to this information poses a direct threat to security measures relying on biometric factors. 

6. Healthcare Data Integration Risks: The integration of genetic data with electronic health records introduces new attack vectors, potentially leading to unauthorized access or manipulation of health-related information. 

7. Distributed Denial-of-Service (DDoS) Attacks: Genetic testing companies and associated platforms may become targets of DDoS attacks, disrupting services and compromising data availability. 

8. Third-party Vendor Vulnerabilities: If genetic data is shared with third-party vendors, their cybersecurity practices and vulnerabilities could directly impact the security of the data. 

9. Pharming Attacks: Cybercriminals might create fake websites or services claiming to offer genetic testing, leading individuals to unknowingly disclose sensitive information. 

10. Social Engineering Exploits: Cybercriminals may use information from genetic data to craft convincing social engineering attacks, aiming to deceive individuals into revealing further personal or financial details. 

It is imperative for individuals to exercise caution and seek services from reputable, well-secured platforms when dealing with genetic data. Additionally, organizations handling genetic information should prioritize robust cybersecurity measures to protect against these potential risks.

Twitter 5.4 Million Users Data is Up For Sale For $30,000

 

A vulnerability in Twitter’s databases that allowed a hacker group to access the personal data of 5.4 million Twitter users has been patched. According to the report's analysis, the stolen data is up for sale for $30,000.

On Friday, Twitter reported that a team of researchers had found that a now-patched zero-day bug was used to link phone numbers and emails to user accounts on the social media platform.

“This bug resulted from an update to our code in June 2021. When we learned about this, we immediately investigated and fixed it. At that time, we had no evidence to suggest someone had taken advantage of the vulnerability,” Twitter reported.

In January 2020, various cyber security news platforms published a story on Twitter’s vulnerability that allowed hackers and other malicious actors to access sensitive data including phone numbers and email addresses of millions of users, leaving it susceptible to being accessed by anyone. 

What's even more threatening is that the data details could be accessed even if a user had enabled privacy settings to hide these details publicly. 

"As a result of the vulnerability, if someone submitted an email address or phone number to Twitter's systems, Twitter's systems would tell the person what Twitter account the submitted email addresses or phone number was associated with, if any," the company said in an advisory. 

When vulnerabilities in a system remain undiscovered by the software or hardware manufacturer, they remain a potentially hazardous threat. In most incidents, zero-day vulnerabilities are noticed by security experts such as white-hat hackers and security analysts inside tech companies. The essential thing to note about a zero-day is that no patch or update has yet been created for it, so long as it remains a zero-day.

Twitter said that the company has started notifying users affected by the attack and is urging its users to turn on two-factor authentication to protect data against unauthorized logins.