Top infosec trends in the social media spotlight this week.
Social media was brimming with scandal this week, debating a critical – or not so critical – flaw found within the encrypted email service PGP.
But, as the community played the blame game, deliberating how the bug was disclosed and what kind of person would be using such an ancient platform anyway, it efailed to catch the highly anticipated update from the city still drowning in ransomware damage – sort of.
Speaking for the first time since Atlanta was hit with the crippling cyberattack, Richard Cox, chief operating officer for the city, told local radio that it had been “the most interesting beginning of any job” he’d ever had.
Cox was three days into his new position when attackers demanded $51,000 in bitcoin to unlock city servers and bring an end to the disruption on court proceedings, ticket payments, and most municipal business.
Remaining steadfast and refusing to pay the ransom, the long drawn-out campaign eventually cost the state capitol a reported $2.7 million in damages and plenty of criticism regarding how little information was provided by officials.
Cox said: “It was a monumental, and still is a big task for us to get out of this. I really feel good about us being in a better posture now, but you never claim victory.”
Some departments are still being forced to operate with pen and paper, Cox said, adding that new laptops were on the way.
Speaking of delays, an ongoing investigation at Symantec has setback the release of the cybersecurity firm’s annual report, which caused the company’s stocks to stumble a colossal 32% - its lowest point since 2001.
Needless to say, Symantec didn’t have much to say on the matter other than: “The investigation is in its early stages, and the company cannot predict the duration or outcome of the investigation.
“The company's financial results and guidance may be subject to change based on the outcome of the Audit Committee investigation.”
Symantec isn’t the only antivirus company to see some changes, as the Russian software provider Kaspersky decided to move its core infrastructure to Switzerland following a ban on the use of its products by the Dutch government.
The company, having previously been banned by the US Department of Homeland Security, responded to the ongoing spy concerns by saying: "Kaspersky Lab is very disappointed with this decision by the Dutch government based on theoretical reasoning, especially given that Kaspersky Lab is in the process of implementing a Global Transparency Initiative specifically aimed at alleviating any concerns."
Switzerland, ironically, isn't a country necessarily known for its transparency.
And in keeping with the growing east-west tensions, Ruslans Bondars, a resident of Latvia, was convicted by a US jury on Thursday for his role in the notorious malware campaign Scan4you.
Bondars, 37, was convicted of three counts for helping cybercriminals determine whether malicious software would be detected by antivirus programs – a service that he had been running with Russian Jurijs Martisevs since 2009.
Acting assistant attorney general John P. Cronan said: “Ruslans Bondars helped hackers test and improve the malware they then used to inflict hundreds of millions of dollars in losses on American companies and consumers.
“Today’s verdict should serve as a warning to those who aid and abet criminal hackers: the Criminal Division and our law enforcement partners consider you to be just as culpable as the hackers whose crimes you enable—and we will work tirelessly to identify you, prosecute you, and seek stiff sentences that reflect the seriousness of your crimes.”
Sentencing is scheduled for mid-September.