Decrypted: With more SolarWinds fallout, Biden picks his cybersecurity team

A shift in leadership occurred in Washington as the Biden administration began its term, proceeding smoothly and peacefully despite the attempt to disrupt the democratic process two weeks earlier.
This week’s Decrypted focuses on the continuing repercussions of the SolarWinds cyberattack and identifies the individual the new president has nominated to spearhead the recovery efforts. We also present a summary of recent news highlights.
THE BIG PICTURE
Google reports SolarWinds impact as minimal, additional breaches revealed
The ongoing cyberattack targeting SolarWinds, an espionage operation attributed to Russia, has now impacted the U.S. Bureau of Labor Statistics, marking another federal agency affected this week. The attack also compromised cybersecurity firm Malwarebytes, as confirmed by the company’s CEO. Marcin Kleczynski detailed in a blog entry that attackers accessed a “restricted” set of internal company emails. This attack originated from the same perpetrators as the SolarWinds incident, but utilized a separate method of entry. This brings the total number of security companies known to have been targeted by these Russian hackers to three, following successful breaches at FireEye and a failed attempt against CrowdStrike.
However, Google communicated in a blog post this week that they are “certain no Google systems were compromised” by the SolarWinds breach. “Our utilization of the impacted software and services is very limited, and our strategy for reducing supply chain security vulnerabilities ensured that any incidental use was constrained and controlled,” Google stated.
Signal experiences surge in users following WhatsApp’s policy update
The end-to-end encrypted messaging application Signal received a significant increase in popularity this week as a result of the debate surrounding WhatsApp’s privacy policy modifications.
Facebook, the parent company of the competing encrypted messaging app, was compelled to postpone the implementation of the new policy while it sought a way to articulate the changes without risking substantial user attrition. The updated policy largely mirrors the functionality from four years prior, enabling Facebook to determine who you interact with on WhatsApp, your location, and other details regarding your WhatsApp usage – excluding the content of your end-to-end encrypted messages.
As reported in a tweet from the app developers, Signal saw as many as 40 million installations within a single week. Understandably, the app experienced temporary instability under the strain of the influx of new registrations. It appears Signal anticipated every potential method of safeguarding the app from external observation, but did not foresee that sudden, widespread recognition would cause service disruptions.
ICYMI
The government of India has requested that WhatsApp reconsider its updated privacy policy, expressing significant worries about the potential effects on the freedom and self-determination of individuals within the country. Currently, India represents WhatsApp’s largest user base.
A security flaw was discovered in Amazon’s Ring Neighbors application that resulted in the unintentional disclosure of users’ actual physical locations and home addresses. This issue caused the app to access confidential information, even when it wasn’t actively shown to the user.
Flo, a popular period tracking and fertility app, reached a legal agreement with the Federal Trade Commission following accusations of inappropriately sharing users’ personal health data with external companies.
A cyberattack targeting the European Medicines Agency, which is responsible for overseeing the distribution of a COVID-19 vaccine throughout the 27 nations of the European Union, led to the theft and publication of internal documents. The agency reported that certain documents were altered in a manner that could erode public confidence in vaccinations.
MOVERS AND SHAKERS
Another personnel change has occurred within the National Security Agency: Anne Neuberger, formerly the NSA’s director of cybersecurity, has transitioned to the White House staff to take on a key cybersecurity role at the National Security Council. She will be functioning as the deputy national security adviser for cyber and emerging technology. Neuberger previously addressed the audience at Disrupt 2020, detailing the agency’s initiatives to protect the COVID-19 vaccine distribution process and address developing threats originating from China. Within her new role at the NSC, Neuberger will be responsible for directing the response to the security incident involving SolarWinds. She also previously participated in the Russia Small Group, a dedicated task force focused on mitigating Russian interference attempts.
Rob Joyce, a former White House cybersecurity advisor, will succeed Neuberger as the NSA’s cybersecurity director. Joyce has a long history with the NSA, having held various positions there in the past. He is returning to the agency from his post at the U.S. Embassy in the U.K. to become the second individual to hold the position of NSA cybersecurity director. Joyce is also noted for his enthusiastic hobby of decorating with Christmas lights. His background as a hacker continues to be a defining characteristic.
$ECURITY $TARTUPS
A cybersecurity firm located in the United Kingdom, PPC Protect, has successfully secured £2 million (equivalent to $2.7 million USD) in seed funding. This financial boost will be utilized to aid organizations in defending themselves against click fraud, a deceptive practice that exploits pay-per-click advertising systems.
Furthermore, L7 Defense, a cyber company originating from Israel, has received $2 million in funding to strengthen the security of application programming interfaces (APIs) and web application firewalls (WAFs). This investment round was spearheaded by Quick Heal Technologies, a prominent provider of data protection solutions.
For secure communication of tips, please use Signal or WhatsApp at +1 646-755-8849. Alternatively, files and documents can be submitted via our SecureDrop.