News for the cybersecurity community during the COVID-19 emergency: Friday, April 3rd, 2020. Daily updates on how the pandemic is affecting the cybersecurity sector.
Criminal economics. Geolocation for public health.
Criminals chatter about COVID-19's economic impact on their operations.
Digital Shadows has been looking over the shoulder of the hoods who chat amongst themselves in their dark web souks, and they've summarized the mood of the underworld, at least in its Russian- and English-speaking precincts, as revealed by the chatter. Some of their conclusions are entirely foreseeable. As the emergency cuts brick-and-mortar commerce way back, people are doing much more shopping online, and the criminals see opportunity for carding and other forms of online retail fraud. They're also shifting their direct fraud to follow the market: a number of them see opportunity in demand for face masks, vaccines, and other items people want but can't get (sometimes, as in the case of the vaccines, because such things don't exist).
On the other hand, the gangs are also feeling some economic pain. Opportunities for travel and event fraud have essentially dried up, and the criminals who specialized in these are feeling the pinch. The gangs are also having difficulty completing their theft when it requires an actual physical transfer of goods or cash (as it often does). They depend on dropworkers to close those deals, and they're having trouble getting their dropworkers to actually work. For one thing, the authorities are a lot more alert to people who are out and about with no evident legitimate purpose. For another, the dropworkers themselves are often "afraid to leave the house."
May the pandemic crash the cybercriminal economy fast and hard. Sure, that's overly optimistic, but one can hope, right?
Google will provide user location data to governments.
In support of enforced social isolation, Google yesterday decided to make location data in the form of mobility reports available to governments, the Wall Street Journal reports. According to France 24, the data are being collected from one-hundred-thirty-one countries.
Zoom works to close security and privacy holes.
The teleconferencing service is patching vulnerabilities disclosed to it as the company's services see an enormous spike in demand during the COVID-19 emergency's period of enforced social isolation and remote work. The Washington Post says that Zoom's quick response has generally been well-received, even by such normally skeptical critics as the Electronic Frontier Foundation. Errata Security offers some perspective on the bugs, advising users to take sensible security steps and not exaggerate the risk.
The University of Toronto's Citizen Lab takes a look at Zoom's less-than-end-to-end encryption (which CItizen Lab characterizes as "roll-your-own"). The Lab also points to Zoom's apparent ownership of three companies in China that have a total workforce of seven-hundred. They write software for Zoom in a typical labor arbitrage arrangement, but Citizen Lab worries that the Chinese connection could expose Zoom to pressure from Beijing.
More on what's up with cybersecurity conferences.
Another familiar name in the event space is rescheduling physical conferences and standing up a series of virtual events. SecureWorld has, like everyone else, postponed its physical events and instead introduced a series of daily Remote Sessions to help keep the community in touch and exchanging ideas. There's one today, in fact, and you'll find a full list on their website.