Make sure to add us or contact us for the latest news
 |
 |
 |
 |
 |
 |
 |
Real-Time Service Alerts
In a shocking new report (via BleepingComputer), a team of researchers at Imperial College London have found fundamental flaws in the technology behind Apple’s CSAM (Child Sexual Abuse Material) detection system. Apple intends to launch CSAM across all iPhones and iPads running iOS 15, but the report states that it is simple for images to both evade detection and “raise strong privacy concerns” for users.
CSAM operates by comparing image hashes (IDs) of pictures shared privately between iOS users to databases provided by child safety organizations. If matches are found then authorities and, where appropriate, parents are automatically notified. In theory, this makes the system rigorous and private. The problem is Imperial researchers found the whole system (and all systems of its type) can be bypassed simply by applying a hashtag filter to any image.
The filter sends an alternative hashtag to the detection systems and this fooled them 99.9% of the time. Moreover, the filter is virtually invisible so images appear unchanged to the human eye. The researchers also found that the only countermeasure Apple could take would be to increase the hash size (from 64 to 256), but such a move significantly increases false positives while also encoding more user data into images which introduces serious privacy concerns.
“Our results shed strong doubt on the robustness to adversarial black-box attacks of perceptual hashing-based client-side scanning as currently proposed,” explain the researchers. “The detection thresholds necessary to make the attack harder are likely to be very large, probably requiring more than one billion images to be wrongly flagged daily, raising strong privacy concerns.”
CSAM has already been widely condemned. In August, Edward Snowden said it “will permanently redefine what belongs to you, and what belongs to them”, pointing out that governments could force Apple to search for any images they desire.
“I can’t think of any other company that has so proudly, and so publicly, distributed spyware to its own devices… There is no fundamental technological limit to how far the precedent Apple is establishing can be pushed, meaning the only restraint is Apple’s all-too-flexible company policy, something governments understand all too well.”
Having initially tried to defend CSAM as poorly communicated, Apple has subsequently delayed its mass release on iPhones and iPads until 2022. Following these latest revelations, however, questions must be asked about the viability of the system as a whole.
I have reached out to Apple for comment on these findings and will update this post when/if I receive a reply.
___
Follow Gordon on Facebook
Dark Web ID’s Top Threats This Week
Diamond Comic Distributors
https://bleedingcool.com/comics/diamond-comic-distributors-targeted-by-ransomware-attack/
Exploit: Ransomware
Diamond Comic Distributors: Periodical Distributor
Risk to Business: 1.417= Severe
It’s a bird, it’s a plane, it’s a ransomware attack at Diamond Comic Distributors. The Baltimore-based company, the exclusive distributor of Image Comics and a publishing outlet for dozens of small-press comics publishers, suffered a ransomware attack last Friday that took down the company’s website and customer service platforms all weekend into Monday. Diamond said in a statement that it did not anticipate that any customer financial data had been impacted by this event. Investigation and recovery is underway with some functions already restored.
Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.
Customers Impacted: Unknown
How It Could Affect Your Business: Ransomware can cost companies a fortune from operational disruption alone even if no data is snatched, not to mention incident response costs.
IntegraMSP to the Rescue: Learn more about how ransomware is evolving, what we predict that you’ll see next and how to protect your clients in Ransomware Exposed. GET THIS EBOOK>>
Electronic Warfare Associates (EWA)
Exploit: Phishing
Electronic Warfare Associates (EWA): Defense Contractor
Risk to Business: 1.822=Severe
A phishing attack that snared an employee is the suspected cause of a breach at defense contractor Electronic Warfare Associates (EWA). The company is a major provider of specialized software for the US defense establishment including the Pentagon, the Department of Defense (DoD), the Department of Justice (DoJ) and the Department of Homeland Security (DHS). EWA’s investigation determined that an attacker broke into an EWA email account in August 2021 after a phishing operation. The intrusion was uncovered when the attacker attempted a wire transfer. Employee PII was exposed and concern remains that sensitive defense information may also have been exposed.
Individual Risk: 1.703=Severe
EWA has admitted that the attackers snatched files with certain personal information including name and Social Security Number and/or drivers’ license number for an undisclosed number of EWA employees, but no further information was given.
Customers Impacted: Unknown
How It Could Affect Your Business Phishing is an equal opportunity offender and no less likely to be successful against the presumably cybersecurity savvy employees of a tech company as any other business.
IntegraMSP to the Rescue: Help your clients build a powerful defense against today’s top cybersecurity threat, phishing, with the knowledge and threat intelligence you’ll gain in our eBook The Phish Files. DOWNLOAD IT>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors relted to the assessed breach.