Security News This Week: Even the CIA and NSA Use Ad Blockers to Stay Safe Online

Everything was old new again this week when ransomware came roaring back in the headlines and hit, among other things, a crucial Iowa grain collaboration. And WIRED teamed up with DeSnake, the former number two on the dark web marketplace AlphaBay, to hear about his resurgence and relaunch of AlphaBay four years after law enforcement removed it. “The AlphaBay name was put in a bad light after the raids. I’m here to fix it,” DeSnake said.

The Groundhog Day vibes continued with the annual release of Apple’s latest mobile operating system, iOS 15. The new operating system comes with a wide range of privacy features, including more detailed information about what your apps are doing, a mechanism to block email trackers and a kind of VPN Tor Frankenstein monster called iCloud Private Relay that protects your browsing activity. Use WIRED’s handy guide to get started and start changing some settings.

And if you want a DIY project that is not tied to a technology company’s fenced garden, we have tips on how to create your own network-based storage (NAS) that connects directly to your router and gives you a place to share files between your devices or easily back up.

And there is more! Every week, we round out all the safety news that WIRED did not cover in depth. Click on the headlines to read the full stories, and be sure out there.

A letter to Congress shared with the motherboard shows that the U.S. National Security Agency, the Central Intelligence Agency and other members of the Intelligence Community use ad blockers on their networks as a security protection. “The IC has implemented network-based ad blocking technologies and uses multi-layer information, including domain name system information, to block unwanted and malicious advertising content,” IC’s chief information officer wrote in the letter.

You can use an ad blocker to make your browsing experience more enjoyable, but the tools also have potential defense benefits. Attackers who try to run malicious ads on unscrupulous ad networks or harass legitimate-looking ads can steal data or sneak malware into your device if you click, or sometimes by exploiting web vulnerabilities. The fact that ICs view ads as an unnecessary risk and even a threat speaks to many years of problems with the industry. The NSA and the Cybersecurity and Infrastructure Security Agency have in recent years published guidelines on the use of ad blockers as a security protection, but the IC was not itself obliged to adopt the measure. Its members deployed ad blockers voluntarily.

The security department of the Russian telecom giant Rostelecom removed part of a notorious botnet this week thanks to a bug introduced by the developers of the malicious platform. The bug allowed Rostelecom to “sink” part of the system. A botnet is a zombie army of devices that have been infected with malware to centrally control coordinated operations. The platforms are often used for DDoS attacks, where actors direct a fire hose of unwanted traffic at a target’s web systems in an attempt to overload them.

The Meris botnet is currently the largest botnet available to cybercriminals and is thought to consist of around 250,000 systems working together. It has been used against targets in Russia, the United States and the United Kingdom, among others. Rostelecom’s partial removal is significant because Meris attacks are strong and challenging for targets to combat. Earlier this month, a Meris attack on Russian tech giant Yandex broke the record for the largest ever volumetric DDoS attack. Yandex managed to defend itself against the attack.

European law enforcement in Italy and Spain have arrested 106 people suspected of carrying out a massive fraud campaign for many years, with profits totaling more than $ 11.7 million in the last year alone. And police said this week that the people involved have ties to an Italian mafia group. The suspects allegedly ran phishing schemes, carried out business email compromise scams, launched SIM swapping attacks and generally committed credit card fraud against hundreds of victims. The activity was also allegedly linked to drug trafficking and other property-related crimes. To actually retrieve funds from these digital scams, the suspects have allegedly laundered stolen money through a system of money mules and shell companies. In addition to the arrests, law enforcement froze 118 bank accounts and seized computers, SIM cards, 224 credit cards and an entire cannabis plantation in connection with the bust.


Several great WIRED stories

William

Leave a Reply

Your email address will not be published.