InfoSec Round-Up: Jan 10th

Assange Extradition, Vaccine Scams, App Bans & SolarWinds Hack

This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

Assange Not to be Extradited

A UK court has ruled that founder of WikiLeaks and accused hacker Julian Assange cannot be extradited to the United States over concerns for Mr Assange’s mental health.

Assange, who has spent most of the last decade held up in London’s Ecuadorian embassy, is wanted in the US over the publication of thousands of stolen and classified documents, many of which related to US military efforts in Afghanistan and Iraq.

Facing an 18-count indictment from the US government, Assange is accused of conspiring to hack military databases and leaking classified material that endangered lives.

Following the ruling, the American justice department expressed their disappointment, though are expected to lodge an appeal, which they have 14 days to do so.

Described by the judge as a “sometimes despairing man fearful for his future”, Judge Vanessa Baraitser ruled that while US prosecutors had met the tests for Mr Assange to be extradited, the US was incapable of preventing him from attempting to take his own life.

Stating: "Faced with the conditions of near total isolation without the protective factors which limited his risk at HMP Belmarsh, I am satisfied the procedures described by the US will not prevent Mr Assange from finding a way to commit suicide and for this reason I have decided extradition would be oppressive by reason of mental harm and I order his discharge."

Microsoft Targeted Following SolarWinds Hack

Microsoft has announced the nation state behind a recent large scale cyber-espionage campaign has gained access to some of the firm’s source code.

Emanating from SolarWinds’ Orion software, a software used by many government agencies and technology firms, SolarWinds disclosed in mid-December that their product had been compromised with malicious code being inserted.

Following the disclosure, the US Cybersecurity & Infrastructure Security Agency (CISA) issued an alert, warning of potential impact to “enterprise networks across federal, state, and local governments, as well as critical infrastructure entities and other private sector organizations.”

With some experts at the time warning it may take over a year for organisations to determine whether attackers had penetrated their systems, SolarWinds had been warned years before about its poor cyber security.

Responding to the breach, a Microsoft spokesperson explained, “Our investigation has revealed attempted activities beyond just the presence of malicious SolarWinds code in our environment.”

Adding, “We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories.”

Fake NHS Vaccine Messages

Trading standards officers have warned that UK residents should be particularly vigilant of phishing scams, following a spate of vaccine related text messages attempting to steal financial information.

The messages, which tell recipients that they are “eligible to apply for [their] vaccine”, link to a fraudulent NHS website designed to harvest users bank details, with health authorities stressing that they will ever ask for this information.

Just one of the many scams that sought to exploit the pandemic, by July it was reported that UK residents had already lost upwards to £11 million to COVID-related scams.

Katherine Hart, lead office at the Chartered Trading Standards Institute (CTSI), stated on the matter: "I have been tracking and warning the public about COVID-related scams since the beginning of the pandemic, and at every stage of response, unscrupulous individuals have modified their campaigns to defraud the public.”

Urging individuals to report such scams, she added “The vaccine brings great hope for an end to the pandemic and lockdowns, but some only wish to create even further misery by defrauding others. The NHS will never ask you for banking details, passwords, or PIN numbers and these should serve as instant red flags."

Executive Order Bans Eight Chinese Apps

US President Donald Trump has this week signed an executive order banning the use of eight Chinese made apps, including QQ Wallet, VMate WeChat Pay and CAMScanner.

Again, describing the named applications as a threat to “national security, foreign policy, and economy of the United States”, this decision comes as the latest development over concerns of Chinese data collection and tracking.

Other popular Chinese-made apps, including WeChat and TikTok, were the targets of executive orders last year, though these sanctions were subsequently blocked by various state judges. Whether the most recent bans will hold up, remains to be seen.

In a message to Congress, the President iterated the “pace and pervasiveness” of the spread of Chinese software, stating: “By accessing personal electronic devices such as smartphones, tablets, and computers Chinese connected software applications can access and capture vast swaths of information from users, including sensitive personally identifiable information and private information.”

Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.