UNM4SK3D: CIA, Apple, and TSA


Published: March 24, 2017 | By: Olivia | Views: 2134

#wikileaks (again).

Dark Matter may sound like a new sci-fi movie, but it’s actually the latest of the WikiLeaks Vault 7 classified documents shared with the public. These new documents, which build off of this month’s previous leak, describe specifically how the CIA monitors Apple devices.

Developed by a special division of the CIA called the Embedded Development Branch (EDB), the tools target attack vectors specific to Apple macOS and iOS devices, some of which have been used since 2008. The CIA has created malware specially designed to infect Apple firmware so that the infection remains active even if the operating system has been re-installed. These hacking programs come with bizarre code names, like NightSkies 1.2 and Sonic Screwdriver (which could also be a clever drink name), but are anything but comical. Perhaps most terrifying is NightSkies 1.2, which is physically installed by a CIA operative on “factory fresh iPhones” to spy on the owner. WikiLeaks believes it’s possible the CIA has redirected iPhone shipments to install the tool.

Sonic Screwdriver, mentioned in a 2012 document, is a “mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting.” It allows hackers to deliver malware from a peripheral device, such as a USB stick, even when a firmware password is enabled on the device. Other tools, including one that lives inside the computer’s software and allows the exploit to function, were also documented by WikiLeaks. All of this information, including detailed manuals, is available online for anyone to access.

Android users may be rejoicing for the moment, but there’s no telling what information will be released next, or when. Thus far, Apple’s only comment has been that nearly 80% of the flaws addressed in the leaks have already been fixed with security patches and that it “will continue work to rapidly address any identified vulnerabilities.” But perhaps the most pressing question is how the rest of the web can use this information maliciously.

The Dark Matter release is “a small example” of similar material this organization plans to release in the coming days and weeks -WikiLeaks founder Julian Assange

If you missed the initial WikiLeaks Vault 7 documents report, catch up by reading ‘UNM4SK3D: CIA, Headphones, and Consumer Reports.’

#ransomware

It’s a tough week for iPhone users. Aside from the possibility of having your device tampered with by the CIA, now there’s the possibility of having your device’s data erased. A new hacking group calling itself ‘Turkish Crime Family’ claims to have access to over 300 million iCloud accounts. Talk about bad apples.

Demanding a ransom of $75,000 in crypto-currency or $100,000 worth of iTunes gift cards, the attackers threaten that if Apple does not pay by April 7th, they will delete the data from those devices. The problem is, Apple says its systems haven’t been breached. Apple’s security team attempted to verify the claim by asking for a sample list of hacked accounts, but the group only provided a YouTube video demonstrating access to one of the allegedly hacked accounts and remotely wiping all content from the device.

The story in its entirety seems inconsistent. One tweet says they have 200 million accounts, one email says 300 million, and another 500 million. On Twitter, the group has also said that the ransom amount is much higher than the $75,000 shared by media, but does not specify a figure. NakedSecurity also speculates “why would you not ask for something with a less clean audit trail?” since iTunes vouchers are extremely traceable. Many are wondering if the threat is actually real. Questions yet to be answered include “Do they really have access?” and “If so, how did they get access?” among others. Apple has warned the group that it does not reward cyber criminals for breaking the law and has asked them to remove the video, as it was ‘seeking unwanted attention.’ Whether the company gives in or toughs things out, take the necessary precautions by changing your iCloud password and monitoring the account.

I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing -Turkish Crime Family hacker

Do Apple users face more risk? Read this report from July 2016.

#electronicsban

It may be time to renew your subscription to the Book of the Month Club. That is, if you’re traveling to the US or UK from any of the Middle Eastern countries recently included in a new travel rule which bans laptops or tablets in carry-on luggage.

This new ban means that any electronic device with the exception of any cell phone or medical device must be stowed in checked baggage for the duration of your flight. UK and US authorities have commented that the ban was the result of a credible security threat, without providing specific details. While each country’s ban differs slightly, the US restrictions apply to direct flights between the US and airports in eight countries in the Middle East and Africa: Egypt, Jordan, Kuwait, Morocco, Qatar, Saudi Arabia, Turkey, and the United Arab Emirates.

“Screening facilities at US airports should be able to catch explosives hidden in electronic devices, but this ban applies to US-bound flights originating abroad,” says Kip Hawley, former TSA employee. He suggests that this measure could be temporary until the necessary procedures and equipment are put in place. Many are doubtful they’ll get an explanation as to what the threat is, and how long the ban will last, but it seems countries are operating on the side of caution. While the debate over the ban and many objections to it play out, take the right measures by getting to the airport early and planning ahead if you are affected by the ban guidelines.

It is hard to know until they make some sort of announcement in terms of why they are doing this — why they picked those countries and those flights. My guess is, just like with the liquid ban, that they came across a potential threat. -James Norton, Department of Homeland Security

Devices are prone to electrostatic discharge (ESD). Protect your safety by reading ‘Implementing Proper Safety Procedures.’

#factbyte

An analysis by Skycure of the patch updates among the five leading wireless carriers in the United States found that 71% of mobile devices still run on security patches more than two months old.

#certspotlight

Many companies, organizations, and even medical facilities are required to meet certain compliance requirements with regard to vulnerability management. And while the effort and complexity of vulnerability management can be overwhelming to those entities, it is an easy task for professionals versed in the high-level process.

Vulnerability Management is a continuous information security risk process that requires management oversight and includes a 4-tier approach of discovery, reporting, prioritization, and response. The objective for Vulnerability Management Analysts is to determine internal and external weaknesses, and to report and resolve them.

The Fundamental Vulnerability Micro Certification covers usage of popular scanning tools, delivery of progress reports, and implementation of increased system coverage. Use code BUGME at checkout to earn this Micro certification FREE until 2/26 at midnight EST.


Olivia Lynch (@Cybrary_Olivia) is the Marketing Manager at Cybrary. Like many of you, she is just getting her toes wet in the field of cyber security. A firm believer that the pen is mightier than the sword, Olivia considers corny puns and an honest voice essential to any worthwhile blog.
