Top infosec trends in the social media spotlight this week

A ransomware attack that crippled the IT systems of industrial giant Norsk Hydro dominated the infosec news, and social networks, this week.

The attack – blamed on the LockerGoga strain of ransomware – took out IT systems at the firm’s aluminum smelting plants in Norway, forcing staff to rely on printed instructions and other backup manual measures.

The ransomware relied on a related attack against the firm’s Active Directory installation in order to spread.

Unfortunately, the disaster came just two days after the firm announced that its long-time chief exec Svein Richard Brandtzæg was stepping down to be replaced by Hilde Merete Aasheim in May.

Norsk Hydro stayed on top of the problem and did an exemplary job in communicating its state of play with both regulators and the general public, through regular updates posted to its official Facebook and Twitter feeds.

Infosec experts praised the firm’s incident response on social media. Crucially, Norsk Hydro maintained up-to-date backups so it had no need to cave in to the demands of apparently well-organized tech extortionists.

Norsk Hydro said on Thursday that it has made “further progress in securing safe and stable operations across the company”.

UK infosec practitioner Kevin Beaumont offered a technical overview of the attack in a blog post that brought together many of his earlier observations on the attack, compiled in a thread on Twitter.

Facepalm over Facebook. Again

We pivot from a well-handled, potentially disastrous ‘smelt down’ to another security screw-up involving Facebook.

Investigative reporter Brian Krebs revealed on Thursday that Facebook has been storing the unencrypted passwords of hundreds of millions of users since 2012. These passwords were potentially searchable by 2,000 engineers and developers at the privacy-pratfall-prone social network.

The issue related to Facebook Lite, an Android app for ‘addicts’ with either slow connections or landfill-grade smartphones, and involved the inadvertent logging of web requests that contained clear-text passwords.

Facebook admitted the problem but said it hasn’t seen any evidence of abuse, a line that failed to either placate or convince long-term infosec critics of the Silicon Valley giant.

The company’s admission came via a blog post entitled ‘Keeping Passwords Secure’ – an approach to corporate PR seemingly taken from the playbook of the Ministry of Truth from George Orwell’s 1984.

Good week, bad weak

Facebook took a roasting for its slip-up, but Apple didn’t have the best of weeks on the security front either.

Microsoft said its ATP Defender enterprise-focused security software will now be extended to cover Macs. Perhaps Redmond was trolling Apple, which for many years said malware wasn’t a problem for its OS?

In any case, early reaction to Microsoft’s product development roadmap was largely positive, with some infosec experts pointing out that Apple’s own efforts to provide adequate defenses against malware on Macs have fallen behind.

Separately, Kaspersky Lab filed a legal complaint against Apple in Russia over Apple’s App Store Policy, after the security firm was forced to remove features from its Safe Kids app.

All this served to divert attention away from Google’s woes: the ad-slinger was fined €1.5 billion by EU regulators for blocking competitors’ ads.

Herd mentality

US Democrat Beto O’Rourke was revealed to be a member of prominent hacking group Cult of the Dead Cow (cDc) back in the day.

The three-term member of the US House of Representatives and 2020 US Presidential election candidate rejoiced in the nom-de-guerre of Psychedelic Warlord, Reuters revealed this week.

cDc – authors of the notorious 90s-vintage hacking utility Back Orifice – confirmed O’Rourke’s membership.

Gaming XSS

Finally, ending on a lighter note, HackerOne co-founder Jobert Abma gained plaudits this week with the launch of a web-based education game based on cross-site scripting.

The XSS game, developed by Abma, features progressively difficult levels and is geared towards helping hackers to hone their web security skillz.