Cyber Week in Review: April 16, 2021
Data of 1.3 Million Clubhouse Users Leaked Online
Days after the personal information of 533 million Facebook users and 500 million LinkedIn users were scraped from their respective platforms and leaked online, Clubhouse has suffered a data leak of its own. According to CyberNews, the data of 1.3 million Clubhouse users was posted for free on a popular online hacking forum on Saturday. The scraped information includes user IDs, names, photo URLs, social media handles, and other publicly available data. Following the news, Clubhouse CEO Paul Davidson argued that coverage of the alleged leak was “misleading and false,” stating that “the data referred to is all public information from our app, which anyone can access via the app or our API.” Although Davidson is correct that the platform was not technically “hacked,” some have still raised concerns about Clubhouse’s lack of explicit anti-scraping measures outside of their terms of service. “The end result is still that the data is now available in a collected and searchable format when it wasn’t before,” Alex Perry of Mashable added.
Biden Taps National Security Agency Veteran as First National Cyber Director
On Monday, President Joe Biden announced that he will be nominating former Deputy Director of the National Security Agency (NSA) Chris Inglis as the nation’s first cyber director. The twenty-eight-year NSA veteran has been a long proponent of hardening the United States’ resiliency against cyberattacks, arguing in the past that the country’s current strategy has been “all offense and no defense.” He further stated in a July 2020 interview with Strategic Studies Quarterly [PDF] that “there are inconsistencies and gaps across the various departments and agencies, and our nation does not have a cohesive vision for how to work together across the federal enterprise, let alone the private sector.” Inglis’ nomination has received bipartisan praise, with Senator Angus King (I-ME), who is co-chairman of the U.S. Cyberspace Solarium Commission and Inglis’ former colleague, stating that he has been “extremely impressed by [Inglis’] judgement, his knowledge, his demeanor.” If confirmed, Inglis will likely be tasked with improving cooperation between the public and private sectors in reporting and combatting cyberattacks—such as the SolarWinds breach—among other initiatives.
Operation to Block Hacker Access to Microsoft Exchange Servers Approved by Justice Department
The U.S. Department of Justice (DOJ) announced on Tuesday that it has executed an order to “copy and remove” hundreds of malicious back doors into vulnerable computers exposed by a Microsoft Exchange Server vulnerability. The vulnerability, which has been exploited by hackers since January, has been used to access email servers and install web shells that facilitate long-term access to targeted networks. According to the DOJ, each web shell has a “unique file name and path,” rendering it difficult for individual servers to “detect and eliminate” these infections. Although some victims have been able to successfully remove these shells from thousands of devices, the DOJ operation aims to assist those that remain unable to mitigate the threat. “Today’s court-authorized removal of the malicious web shells demonstrates the Department’s commitment to disrupt hacking activity using all of our legal tools, not just precautions,” said Assistant Attorney General John C. Demers. The operation appears to have been successful, but the department strongly advises users to remain alert because it did not patch any of the zero-day vulnerabilities in Microsoft Exchange Server software the hackers used to gain initial access or search for malware that perpetrators could have implanted on victim devices.
The United States Imposes New Sanctions on Russia For SolarWinds Breach
President Joe Biden announced on Thursday the imposition of new and extensive economic sanctions in response to Russia’s role in the SolarWinds breach that impacted numerous U.S. government agencies and private corporations. According to the White House, the sanctions specifically target thirty-two entities and individuals accused of disinformation campaigns and interfering in the 2020 U.S. presidential election, and six Russian technology companies accused of aiding the Kremlin’s “dangerous and disruptive cyber attacks.” Moreover, the Biden administration expelled ten Russian diplomats from the Russian Embassy in Washington, DC, as well as banned American banks from purchasing Russian government debt. “I chose to be proportionate,” President Biden said of the new sanctions. “The United States is not looking to kick off a cycle of escalation and conflict with Russia. We want a stable, predictable relationship.” Russia’s Foreign Ministry called the sanctions “aggressive,” and Russia has responded by expelling ten U.S. diplomats and placing a travel ban on other officials.
Romania Bars China and Huawei From Domestic 5G Development
On Thursday, the Romanian government approved a bill that effectively bars China and Huawei from participating in the country’s 5G development. The bill, which was part of an agreement with the United States, adopts a “risk-based security approach” that involves “careful and complete evaluation of 5G vendors,” including evaluating whether Huawei was subject to “control by a foreign government.” “National security is a key goal and protecting Romania’s future generations’ personal data is crucial,” Pavel Popescu of Romania’s Chamber of Deputies said after the bill was approved. The United States has long blamed Huawei for aiding in Chinese state surveillance, an accusation that the company repeatedly denies. This recent legislative moratorium reflects Romania’s established stance as a steadfast U.S. ally and a victory for the United States as it continues to try to convince other countries to exclude Huawei from domestic telecommunications infrastructure.