Cyber News: US Government Hacked Again

In this week’s Cyber News roundup, we take a look at the massive breach impacting the United States government, and the latest shots fired in the war between Apple and Facebook.

Here goes:

US Government Hacked (again)

We’ll lead off with our heavy hitter. 

Several United States government agencies were the victim of a massive cyberattack. According to reports, the US Department of Commerce, Department of Homeland Security, the Pentagon, Department of the Treasury, the US Postal Service, and the National Institutes of Health were all breached. 

The common denominator? All of those agencies were customers of SolarWinds, an American software firm that has more than 300,000 customers across the government and private sector. Hackers were said to have broken into SolarWinds’ network and planted a backdoor into the company’s Orion software. SolarWinds says up to 18,000 customers downloaded the software between March and June 2020.

As for who may have been responsible, plenty of experts, including US Secretary of State Mike Pompeo, seem to believe the evidence points to a familiar suspect: Russia.

Russia, to be clear, has denied any involvement. President Donald Trump has also done his part to downplay the severity of the attack, as well as cast doubt on Russia’s involvement.

Others haven’t been quite as open to minimizing the damage.

It’s as if you wake up one morning and suddenly realize that a burglar has been going in and out of your house for the last six months.
— Glenn Gerstell, Former General Counsel For NSA (via NPR)

The hack was first discovered when, ironically, a third-party cybersecurity company discovered suspicious activity on its network. FireEye, one of the country’s top cybersecurity firms, began an internal investigation after encountering a fishy log-in attempt. The vulnerability was linked to SolarWinds, and the rest is history. 

“I have no doubt in my mind that had the Russians not targeted FireEye we would not know about this,” said Jake Williams, a former hacker for the NSA (via TechCrunch). “We’re going to find more government agencies that were breached. They’re not detecting it independently. This only got discovered because FireEye got hit.” 

Motives have yet to be revealed. Expect more updates on this story soon. 

Apple and Facebook Are at War (Still)

Another week, another chapter in the seemingly never-ending battle between two of the world’s most powerful tech companies. Facebook first made headlines earlier this month — quite literally — when it took out a full-page newspaper ad in The Wall Street Journal, New York Times, and Washington Post to criticize its fellow Silicon Valley giant.

But because nobody actually reads newspapers anymore, here we are: 

The beef stems around Apple’s controversial decision to require developers to ask users for permission to gather and track their data across mobile apps and websites on iPhone or iPad. Apple believes the power should be placed in the hands of those holding the iPhone (or iPad). 

Users will be prompted with a notification asking them for permission. And, if you’re the type to value privacy in the digital world, there’s a good chance you’ll be saying no. That’s a massive shift from how things currently are, where you essentially grant developers free range by simply downloading their applications. 

That, according to Facebook, is a problem. 

While the move has all the trappings of an altruistic decision with only the user in mind, Facebook wants to convince you otherwise. The company argues that limiting the ability to run personalized ads will inevitably hinder companies — both large and small — from making money. That, in turn, will lead many of those companies to turn to a subscription model of revenue. And because Apple takes a cut of all in-app purchases and subscriptions for apps that exist on its App Store, Facebook argues that this move is anything but a selfless one. 

Apple is certainly taking a step in a direction, but is it the right one? Privacy is obviously something we should value, especially during a time when our dependency on technology all but eliminates its existence. 

Whether or not it’ll end up being the long con that Facebook claims it to be, Apple’s move toward user enhanced privacy is still good for the user — at least in a vacuum. There’s no denying that this shift toward user privacy will force developers to adapt, which, as Facebook argues, may very well lead to a dropoff in quality free content we enjoy today.