Daily Digest (9/9)

China Moves to Set Global Data-Security Rules With New Initiative; Federally Subsidized Phones Hacked Before They Are Turned On; Argentina’s Immigration Agency Hit in Ransomware Attack; New Amazon Program Allows Alexa to Be Installed in Rental Units. Click “Continue reading” below.

China Moves to Set Global Data-Security Rules With New Initiative

China is beginning its own initiative to set global standards on data security, in an apparent swipe against Washington that was announced by Chinese Foreign Minister Wang Yi.

The Tuesday disclosure comes about a month after U.S. Secretary of State Mike Pompeo announced the Clean Network Program, which seeks to exclude Chinese telecommunications firms, apps, cloud providers and undersea cables from the internet infrastructure used by the U.S. and other countries, The Wall Street Journal reports.

According to a text released by the Chinese Foreign Ministry, the “Global Initiative on Data Security” would call on countries to handle their data security in an “objective and evidence-based manner” and to ensure that countries maintain an open, secure and stable supply chain for information and communications technology and services, the Journal reports.

The initiative also would urge countries to oppose “mass surveillance against other states” and call on tech companies not to install “backdoors in their products and services to illegally obtain users’ data, control or manipulate users’ systems and devices.”

“Data security is an issue of shared interest for countries around the world,” Wang said in his video-conference announcement. “We call on all parties to communicate and coordinate in a constructive way as we work to ensure the secure and orderly cross-border flow of data.”

Sources (all external links):

Federally Subsidized Phones Hacked Before They Are Turned On

Federally subsidized cell phones were overrun with pop-up ads that make the phones unusable.

A researcher at Malwarebytes, Nathan Collier, found that federally subsidized phones distributed by the Lifeline Assistance Program and made by American Network Solutions, contained code that allowed third parties to load malicious apps and adware onto an unsuspecting user’s device, CNET reports.

Collier also found pre-installed malware and a broad range of disruptive or dangerous apps, on another Lifeline phone, made by Unimax.

Unimax said it had created a security patch to fix a vulnerability but disagreed with Malwarebytes that the vulnerability in the app qualified as “malware.”

According to the CNET report, budget phones generally use premade software from Android for apps that control settings and updates — and it is illegal for the phone manufacturer to tweak the apps to allow for the secret installation of adware.

“It is federal law that Lifeline funds are prohibited from supporting the cost of the handset or any other end-user device or software,” an FCC spokesperson told CNET in a statement.

“The security of Americans’ cell phones is critical — and the FCC urges Lifeline providers to protect consumers from adware and malware.”


Argentina’s Immigration Agency Hit in Ransomware Attack

Hackers last month breached Argentina’s immigration agency, Dirección Nacional de Migraciones, demanding $2 million to restore its servers.

Government officials were forced to briefly shut down all immigration checkpoints after they refused to negotiate with the group of Netwalker hackers, Cointelegraph.com reports.

Government officials said they were not concerned with retrieving the data stolen in the Aug. 27 attack and “will not negotiate with hackers.”

The group posted sensitive data from the agency as proof it was responsible for the hack and increased the ransom by about $4 million after a week.

During the shutdown, all computer networks used by immigration officials were taken offline, according to Cointelegraph.


New Amazon Program Allows Alexa to Be Installed in Rental Units

Amazon on Tuesday announced a program, called “Alexa for Residential,” which allows apartment complexes to integrate Alexa and Amazon devices into their units at a lower price.

The program would allow complexes to install a smart speaker into an apartment unit to provide potential renters with a tour of a unit and answer questions they might have, Vice reports.

The device also would allow tenants to pay rent, manage maintenance requests and reserve amenities, according to Vice.

In addition, The Verge reported that the company was billing it as a service “that makes having an Alexa-enabled home accessible for anyone, regardless of whether they rent or own their home.”

Amazon claims property managers do not have access to any tenant data, and voice recordings automatically are deleted daily.


By DPN Staff