FFT news digest Jun 3 2022

The mighty, fallen.

Spyware manufacturer the NSO Group considered restarting sales to "risky clients" in the face of a funding crisis caused by a protracted failure to generate revenues. According to The Financial Times, last November the company was so short of funds that it risked being unable to pay staff. The solution advanced by its chief executive was to "approve sales to customers flagged as elevated risk." Horrified, the consultancy brought in to manage the fund that owns NSO refused to accept the suggestion. At one time, NSO earned $250 million a year from sales of its flagship Pegasus spyware. Those sales ground to a halt after a concerted reporting effort revealed the extent to which Pegasus had been used to surveil journalists, activists, diplomats and politicians.

The impact of media coverage on the NSO Group is encouraging, but it's only one company in a burgeoning industry that operates without any effective controls. NSO's problems only began when a stream of media reports pressured the US to blacklist the company and block sales of American technology to it. Other spyware manufacturers continue to operate, however, and the FT reports that NSO itself is planning to create a new entity designed to side-step the US sanctions. We scan clients' phones for spyware like Pegasus and the number of infected devices is very small. This is not a mass-scale threat, but for those covering specific topics or based in high-risk countries it is essential to be aware of the threat that Pegasus and its competitors represent. The Netherlands is the latest country to have been caught using Pegasus. The Volkskrant paper said the country's secret service used the software against targets including a most-wanted criminal.

Threats

Scams: The 'scam industry' is becoming increasingly structured and now accounts for 57% of all financially-motivated cybercrime. Group-IB says the number of criminal groups reached a record high of 390 last year with as many as 100 members in a single gang. In practice this means scams are becoming increasingly professional - and effective. That's borne out by research from the US which found that phone scams there cost $39.5 billion in the year to March.

C-Suite: Senior executives and their families are increasingly being targeted via their personal devices and home networks, according to BlackCloak. The security company protects exactly that demographic so it's hardly disinterested, but its findings do ring true. Help Net Security

WhatsApp: Crooks have found another way to hijack WhatsApp accounts. This one involves persuading the victim to set up call forwarding on their phone. Any such requests are a dead giveaway; just ignore! Bleeping Computer

Quickbooks: Customers are being targeted in an ongoing series of phishing attacks using fake account suspension warnings. Intuit

COVID-19: Fraudsters stole £50,000 from a UK food bank in a two-part attack that used a fake Test and Trace message followed by a call that impersonated a bank. BBC

Universities: Russian criminals are selling network credentials and virtual private network access for a "multitude" of US universities and colleges. FBI

Excel: An emailed spreadsheet will inject three pieces of malicious software if it's opened on a Windows machine. FortiGuard

China's Pacific strategy

Possibly the most significant story of the week is China's offer to help 10 South Pacific nations improve their communications and security infrastructure. A draft agreement revealed by Reuters pledges cooperation on data networks, cyber security and smart customs systems, as well as a police training programme. Pacific nations have not been enthusiastic about the plans, saying they could undermine their sovereignty. Earlier this year, China signed a security pact with the Solomon Islands that will allow Chinese police to protect Chinese-funded projects in that country. The US reacted by warning it would have "significant concerns and respond accordingly" to any steps toward establishing a permanent Chinese military presence in the strategically-important nation.

Eye spy

An extraordinary website called PimEyes offers the type of capability more normally associated with national intelligence agencies. The price is just $29.99 a month. The New York Times tested PimEyes on some of its journalists. Starting with a photo of the subject, the site unearthed dozens of images, some of which the journalists had never seen before. The results came not from social media but from "news articles, wedding photography pages, review sites, blogs and pornography sites." Most of the images were correct matches but, for the women journalists, the incorrect results often came from pornography websites. PimEyes users are supposed to search only for their own faces or for those of people who have given their consent, but there are no effective controls. A privacy advocate told the Times, “It’s stalkerware by design no matter what they say.”

In brief

Meta ToS: New Terms of Service from Facebook's owner reassure users that the social network won't collect user data in "new ways." 9to5Mac explains the reassurance is largely meaningless. And, in any case, an internal Facebook document has already revealed that the company's own engineers don't know how to manage user data to ensure they're properly protected.

Online Safety Bill: The UK's Culture Secretary may have taken to TikTok with a spectacularly bizarre (and content-free) rap but critics of the government's proposed Online Safety Bill are not distracted. From Big Brother Watch to The Economist, there are warnings about unintended consequences and the risk that the bill could "change the face of the internet".

Canada: Privacy groups are protesting against proposals to allow border agents to search electronic devices and examine texts, emails and photos. Reclaim The Net

iPhones: Another reason to keep iPhones up to date. A shyster company is offering software that circumvents the Activation Lock feature, which is meant to stop anyone profiting from stolen phones. Motherboard

Humanitarian: The CyberPeace Institute and Partisia Blockchain Foundation have announced a collaboration designed to provide cybersecurity protection to humanitarian organisations. Help Net Security

Shameless: Canadian coffee chain Tim Hortons used its app to track users and record when they visited rivals. The country's privacy regulator is unimpressed.

Hail Mary: An 87-year-old woman in England was given a voice assistant. Her son is a Guardian journalist. He explains how his mother, who is a devout Catholic, asked it to recite the Hail Mary, only to find she had signed up for a premium subscription to 'Catholic Prayers' for £1.99 a month.

This is a condensed version of the email our clients receive. You can subscribe to receive the full digest.
