Infosec Round-Up: July 12th 2020

Instagram Star Arrested for Cyber Crime & UK's 5G Future

Hello, I am Alex James, and this is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

UK to Review Huawei’s 5G Future

As GCHQ’s NCSC delivers new report, the UK is this week expected to review the role that Chinese technology company Huawei will play in its 5G networks.

In a matter which some thought to be settled in January, a National Cyber Security Centre review is expected to alter policy, moving forward, as to the level of involvement of Huawei in the UK’s telecommunications networks.

Having previously been granted ‘non-core’ involvement in 5G, Huawei is what some may define as a “high-risk state vendor”, and following new US sanctions, the NCSC is reported to have stated themselves unable to assure the security of Huawei products.

With reports that BT and Vodafone have been given until 2030 to extract Huawei technology from existing 5G infrastructure, how much UK policy is being guided by US political pressure is a matter of some speculation.

Digital Secretary Oliver Dowden said of the report that though no final decision has been made, the UK wished “to diversify away from these so-called high-risk vendors, of which Huawei is the principal one”. Adding, “we want to be in a position where we don't have high-risk vendors in our networks at all.”

Facing some directed criticism, Huawei’s Head of International Media, UK, Paul Harrison tweeted: "UK policy is being dictated by [the] Trump administration... shouldn't the US respect a United Kingdom in the post-Brexit era being in a position to choose its own telecommunication strategy?" 

As well as this, China’s ambassador to the UK, Lui Xiaoming warned, should the tech company be banned, trust between the UK and China would likely be damaged; stating “you cannot have a golden era if you treat China as an enemy.”

All happening with the backdrop of sweeping new security laws being imposed upon formed British-owned Hong Kong by Beijing, any change of UK policy is expected to be announced by the end of July.

Instagram Star Hushpuppi Arrested for Cyber Crime

Popular social media personality Ramon Olorunwa Abbas, also knowns as Hushpuppi has been accused of plotting to launder millions of dollars in ill-gotten cyber-crime gains.

The 37-year-old Instagrammer was tracked down by the FBI, extradited from his luxury residence in the United Arab Emirates (UAE) to America and is now facing charges for a number of online scams.

With around 2.3 million online followers, Hushipuppi, also known as The Billionaire Gucci Master!! (as he called himself on Snapchat), was tracked down when law enforcement examined connections made between multiple online accounts, including Abbas’ personal Gmail address.

Accused of scamming a US bank out of £922,857, targeting an unnamed English Premier League football team and defrauding other financial institutions, Abbas flaunted his opulent lifestyle across social media channels.

Many of the crimes reportedly involve business email compromise (BEC); a form of information security attack which involves the unauthorised access to business email accounts being exploited to intercept and redirect payments and funds.

The Assistant Director in charge of the FBI's Los Angeles office, Paul Delacourt stated: “In 2019 alone, the FBI recorded $1.7 billion in losses by companies and individuals victimized through business email compromise scams, the type of scheme Mr. Abbas is charged with conducting from abroad.”

Adding, "while this arrest has effectively taken a major alleged BEC player offline, BEC scams represent the most financially costly type of scheme reported to the FBI."

The affidavit filed also alleges that Abbas conspired to launder hundreds of millions of dollars; charges which, if the defendant is found guilty of, carries a statutory maximum sentence of 20 years in federal prison.

If you are interested in finding out more about Hut Six’s information security awareness training, follow the links below to learn more about our solutions.