Julian Assange was back in the news this week, but so was a group called Distributed Denial of Secrets that has in many ways taken up the WikiLeaks mantle. Over the past year and a half, DDoSecrets has released troves of sensitive leaked data from anonymous contributors. And this week it published a dump called BlueLeaks—269 gigabytes of police files, largely from centralized "fusion centers," that included law enforcement emails, audio recordings, and memos.
At Apple's Worldwide Developers Conference on Monday, Apple announced that it will take more aggressive steps in Safari and iOS 14 overall to stop digital ad tracking and protect user privacy. Meanwhile, Google said on Wednesday that after much criticism it will now default to deleting your data, like "Web and App Activity" and location information, after 18 months instead of storing it indefinitely. The default will show up only on new Google accounts, though, or accounts that enable retention for the first time. Most current Google users will still need to manually set 18-month or three-month auto-delete.
This week we looked at a class of attacks that use "side channels" for clever and unexpected hacking. We walked through the process of bringing your old Signal messages with you to a new phone. And just to make you feel a little better about the chaos in your email inbox, we caught up with an engineer who is always drowning in messages meant for other people, thanks to an address he created 16 years ago that turned out to be booby-trapped.
And there's more. Every Saturday we round up the security and privacy stories that we didn’t break or report on in depth but think you should know about. Click on the headlines to read them, and stay safe out there.
The United States Department of Justice announced a superseding indictment against WikiLeaks founder Julian Assange on Wednesday that expands the scope of the existing 18 charges against him. The indictment alleges that Assange and other WikiLeaks members collaborated with hacking collectives like LulzSec and Anonymous on what the DOJ calls "computer intrusions to benefit WikiLeaks." Assange was originally charged by the Justice Department in April 2019 with hacking crimes. Then, at the end of May, the DOJ unsealed a superseding indictment focused on alleged violations of the Espionage Act, a move that has been viewed as a potential assault on press freedom, whether you think Assange's work at WikiLeaks was journalism or not.
On Tuesday, senators Lindsey Graham (R–South Carolina), Tom Cotton (R–Arkansas), and Marsha Blackburn (R–Tennessee) introduced a bill that would require tech companies to build so-called lawful access tools, or backdoors, into their products to bypass encryption protections on users' data. The move is the most explicit attack on encryption from Congress in years. "Tech companies’ increasing reliance on encryption has turned their platforms into a new, lawless playground of criminal activity," Cotton said in a statement about the proposed legislation. "This bill will ensure law enforcement can access encrypted material with a warrant." Security researchers have long insisted, though, that there is no technical way to build a backdoor in encryption for law enforcement that won't fundamentally undermine the protection. It's possible that the effort is a red herring to make another bill that threatens encryption, the EARN IT Act, seem more palatable by comparison.
In a report on Thursday, researchers from Symantec said that the notorious group Evil Corp has been working to infect companies with ransomware by targeting employees who are working from home during the Covid-19 pandemic. Hackers of all stripes have been taking advantage of pandemic conditions to conduct everything from phishing attacks to unemployment fraud and espionage. But Evil Corp's activity is notable, because the group was indicted by the Justice Department in December for hacking. The Treasury Department also imposed sanctions on the group and said it has ties to the Russian FSB security agency. Deterrence efforts by the US have not stopped Evil Corp from expanding its activity, though. Research published earlier this week by the firm Fox-IT indicates that the group has been developing new ransomware and refining its attack techniques.
Australian prime minister Scott Morrison said last Friday that government agencies and companies have been dealing with a monthslong barrage of cyberattacks perpetrated by an unnamed nation-state actor. Though Morrison did not name a suspect, anonymous officials told the press that the malicious actor is likely China. Researchers also speculated about this possibility based on similar aggressive Chinese espionage and trade secret theft that has plagued countries around the world. Trade negotiations between Australia and China are also currently tense. Zhao Lijian, a spokesperson for China’s Ministry of Foreign Affairs, vehemently denied that China is behind the hacking spree targeting Australia.