Newsletters

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

Servers that host data for the International Committee of the Red Cross's (ICRC) Restoring Family Links service were breached in January. The service reunites families and individuals separated by conflict and disaster and the details of the more than half a million people using the service are likely to have been stolen. Who was responsible? And why?

We mentioned this hack briefly two weeks ago when the US State Department warned that it was a "dangerous development" that "harmed the global humanitarian network’s ability to locate missing people and reconnect families".

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

The leader of the Lurk hacking group, Konstanin Kozlovsky, was sentenced to 14 years in prison in a Yekaterinburg court this week.

At first glance this appears to be more evidence Russia is getting serious about cybercrime. Lurk was a professionally run group that managed to steal USD$45m before most of its members were arrested in 2016. But the history is, err, complicated. Kozlovsky's claims link him to world-changing hacks, criminal activity and treason.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

The US Department of Homeland Security has officially established the Cyber Safety Review Board (CSRB), with its first task to be a review of the Log4j vulnerability and responses to it.

The new organisation is tasked with reviewing cyber security incidents, establishing root causes and providing recommendations to improve security. This CSRB concept is comparable to the NTSB, which investigates civil aviation accidents in the US and issues safety recommendations aimed at preventing future disasters.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

A Citizen Lab report into the official Beijing Winter Olympics app has triggered a flurry of over-the-top news articles about privacy risks to those attending the games. It's true there are risks to the privacy and digital security of games attendees, but a poorly constructed event app is pretty low on the list of things to worry about.

The My 2022 app provides a wide range of functions including voice and text chat, weather updates, translation services, navigation and Covid-19 health monitoring. According to Citizen Lab's report, installation of the app is "mandated" for attendees. Other reputable sources say attendees can use a web portal to submit their health information if they don't want to install it on their device. So… not mandatory.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

Cyber operations will play a role in a (god forbid) Russian invasion of Ukraine, but let's be clear: cyber war is Not a Thing.

Offensive cyber operations (those that degrade, deny, disrupt, destroy or manipulate) can at times be a force multiplier or achieve something you couldn't with conventional military force, but they simply can't replace the brutal consequences of blowing something up or killing people.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

The newsletter will be taking a break and the next edition will be 27 January.

End-to-end encrypted (E2EE) messaging app Signal has rolled out a worldwide beta integration with MobileCoin, an anonymity-enhanced cryptocurrency (AEC). We expect this will result in an avalanche of legal and regulatory challenges.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

Welcome back to the first edition of 2022! This edition highlights some of the themes we expect will be important over the coming year — surveillance and exploit dev for hire, ransomware, and supply chain security and resiliency.

Public discussion of mobile exploit and malware developers has so far focussed on a small number of companies (and NSO Group in particular), but this will change in 2022.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

The vulnerability disclosed in the Java Log4j logging library last week is, to put it mildly, quite bad. It also proves we need to pay more attention to little-known but pervasive software in the open source supply chain.

First, let's talk about the actual vulnerability.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

The co-founder and COO of Mitto AG, a Swiss company that sends automated text messages including 2FA codes, has allegedly been selling access to his company's networks to surveillance companies.

Mitto AG sells automated messaging services and has relationships with telcos in more than 100 countries, giving it reach that has attracted major technology companies such as Google, Twitter and WhatsApp as clients. Bloomberg reports Mitto's COO, Ilja Gorelik, secretly allowed multiple surveillance companies to leverage its relationships with telcos to allow them to abuse SS7 (Signalling System 7, a telco signalling protocol) to track devices or perhaps even redirect calls and SMSs.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

Despite US indictments, Russian ransomware developers and affiliates appear unaffected and live relatively freely in Russia.

This week the UK's Daily Mail was able to track down Russian Yevgeniy Polyanin at his home in the Siberian city of Barnaul. Polyanin was the subject of a US indictment unsealed earlier this month and is accused of being a ransomware affiliate and extorting over USD$13m from victims.