NEWS WRAP-UP: Identity theft hits record levels globally; Researchers find robots susceptible to hacks; Sen. McCain calls Trump’s cybersecurity policy ‘weak’

By Byron V. Acohido

Week ending Aug. 26. Identity theft is reaching “epidemic levels,” says U.K. fraud prevention group Cifas, with people in their 30s the most targeted group. A total of 89,000 cases were recorded in the first six months of the year, a 5 percent increase over the same period last year and a new record. “We have seen identity fraud attempts increase year on year, now reaching epidemic levels, with identities being stolen at a rate of almost 500 a day,” said Cifas CEO Simon Dukes. “The vast amounts of personal data that is available either online or through data breaches is only making it easier.” ID theft accounts for more than half the fraud that Cifas records. More than four in five crimes were committed online, with many victims unaware that they had been targeted until they received a bill or realized their credit rating had fallen. Fraudsters steal identities by gathering name, address, date of birth and bank account details, often by stealing mail, hacking computers, trawling social media, tricking people into giving details, or buying data through the dark web. Cifas said the latest figures show there has been a sharp rise in fraudsters applying for loans, online retail, telecoms and insurance products. Sources: BBC News, Huffington Post U.K.

$500,000 offered for messaging mobile app exploits

Zerodium is offering $500,000 for weaponized exploits that work against mobile apps that offer confidential messaging or privacy, such as Signal, WhatsApp, iMessage, Viber, WeChat, and Telegram. The broker said it would pay the same rate for exploits against default mobile email apps. Those are among the highest prices Zerodium offers. Only remote jailbreaks for Apple’s iOS devices fetch a higher fee, with $1.5 million offered for those that require no user interaction and $1 million for those that do. Source: Ars Technica

A hack wrapped inside an Enigma mailing list

Enigma, a platform that’s preparing to raise money via a crypto token sale, had its website and a number of social accounts compromised, with the perpetrators netting nearly $500,000 in digital coin by sending out spam. Enigma didn’t lose any money; the hackers targeted the Enigma community, people who joined the company’s mailing list or Slack group to learn more about its ICO in September. Source: Tech Crunch

Researchers says robots are too easy to infiltrate

Some of the most popular industrial and consumer robots are easy to hack and could be turned into bugging devices or weapons, cybersecurity firm IOActive says. The company found major security flaws in industrial models sold by Universal Robots, a division of Teradyne. It also cited issues with robots Pepper and NAO, manufactured by Japan’s Softbank Group, and the Alpha 1 and Alpha 2 made by China-based UBTech Robotics. These vulnerabilities could allow the robots to be turned into surveillance devices or let them be hijacked and used to physically harm people or damage property. Source: Bloomberg

McCain calls out Trump for lack of promised cybersecurity plan  

Sen. John McCain, R-Ariz., criticized President Trump over his lack of a cybersecurity policy, calling the administration’s leadership on the issue “weak.” During remarks at a cybersecurity conference hosted by Arizona State University, McCain dinged Trump for not delivering on his promise of producing a plan to combat cyber attacks within 90 days of taking office. “As America’s enemies seized the initiative in cyber space, the last administration offered no serious cyber deterrence policy and strategy,” McCain said. “And while the current administration promised a cyber policy within 90 days of inauguration, we still have not seen a plan.” Source: The Hill

Ukraine issues warnings about another possible computer virus attack

Ukrainian cyber security firm ISSP may have detected a new computer virus distribution campaign, after security services said Ukraine could face cyber attacks similar to those that knocked out global systems in June. The June 27 attack, dubbed NotPetya, took down many Ukrainian government agencies and businesses, before spreading rapidly through corporate networks of multinationals with operations or suppliers in eastern Europe. The state cyber police said they also had detected new malicious software. Source: Reuters

Naval ship accident raises concerns about possibility of hacking

The Pentagon won’t yet say how the USS John S. McCain was rammed by an oil tanker near Singapore, but the Navy’s reliance on electronic guidance systems could attract a cyber attack. The incident occurred near the Strait of Malacca, a crowded 1.7-mile-wide waterway that connects the Indian Ocean and the South China Sea and accounts for roughly 25 percent of global shipping. “When you are going through the Strait of Malacca, you can’t tell me that a Navy destroyer doesn’t have a full navigation team going with full lookouts on every wing and extra people on radar,” said Jeff Stutzman, chief intelligence officer at Wapack Labs, a cyber intelligence service. Source: McClatchy News Service

Federal cyber official warns against use of Kaspersky Lab software

Rob Joyce, the Trump administration’s cybersecurity coordinator, warned the public against using software from Kaspersky Lab. U.S. officials believe the company has ties to the Kremlin, and the federal government has vowed not to use its products. FBI officials have met with private industry representatives to relay concerns about Kaspersky, a Moscow-based cybersecurity company with suspected ties to Russian intelligence. Source: CBS News

Lindsey Vonn decries release of nude photos hacked from phone

Olympic ski champion Lindsey Vonn is branding as a “despicable invasion of privacy” the stealing and leaking online of nude photos of her by someone who hacked her cell phone. The hacker also leaked at least one old private photo of Vonn’s ex-boyfriend Tiger Woods, a lawyer representing both of them said. Source: Minneapolis Star Tribune

Robert Downey Jr. warns fans about online scam using his name

Robert Downey Jr. warned fans of an online scam in which impersonators contact fans through private message via social media, convince a victim they are the actor and ask for donations to charity groups. “I will never communicate via private chat platform,” the actor said in a statement on his verified Twitter account. “And I would never ask individual fans for money for any reason.” Source: The Hollywood Reporter

This article originally appeared on


Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone