Cybersecurity news headlines for June 1-30, 2020

In June’s edition of cybersecurity news headlines, we report on the BlueLeaks data dump, which leaked 269 GB of US police department data; Honda’s cyber attack; and India banning TikTok among other 59 Chinese apps.
Without further ado, here’s what made the biggest headlines in June, 2020.

BlueLeaks data dump leaks 269 GB of US police department data

Distributed Denial of Secrets (DDoSecrets), a group similar to Wikileaks, published on the 19th a collection of sensitive data from police departments all across the US. The 269 GB database came from a security breach at a web design and hosting company that manages websites for many law enforcement agencies. DDoSecrets claims they received the data collection from the infamous Anonymous group.

The group’s Twitter account, which has since been suspended, posted a link to download the database and explained that it contained ten years of data from over 200 police departments, fusion centers, as well as other law enforcement agencies. Fusion centers are entities that help share information between law enforcement agencies.

Investigative reporter and cybersecurity specialist Brian Krebs obtained an internal analysis by the National Fusion Center Association (NFCA), in which it was revealed that the files in the leaked collection actually span nearly 24 years, from August 1996 to June 19, 2020. Among the files, there is personal information such as names, email addresses, phone numbers, PDF documents, images, text, video, CSV and ZIP files. Furthermore, some of the files were found to contain highly sensitive information including ACH routing numbers, international bank account numbers (IBANs), financial data, personally identifiable information (PII) and images of suspects who are listed in certain law enforcement and government agency reports.
It is believed that the leaked data was taken during a breach at Netsential, a web development firm.

“Netsential confirmed that this compromise was likely the result of a threat actor who leveraged a compromised Netsential customer user account and the web platform’s upload feature to introduce malicious content, allowing for the exfiltration of other Netsential customer data,” the NFCA said.

Due to the nature of the information in the leaked data dump, there are fears that hacktivists and cyber criminals may exploit the data and target fusion centers and intelligence agencies. While many were expecting that the data would expose potential police misconduct, it is more likely that it will put victims and ongoing investigations in danger.

“Every organized crime operation in the country will likely have searched for their own names before law enforcement knows what’s in the files, so the damage could be done quickly. I’d also be surprised if the files produce much scandal or evidence of police misconduct. That’s not the kind of work the fusion centers do,” Stewart Baker, an attorney at Steptoe & Johnson LLP said.

Honda suffers a cyber attack, a suspected ransomware incident

Earlier this month, car manufacturing giant Honda suffered a cyber incident, now believed to have been a ransomware attack. The company tweeted on June 8 that its customer and financial service networks were experiencing technical difficulties in Europe and Japan, but did not disclose more information.

However, a security researcher Milkream identified a SNAKE ransomware sample uploaded onto VirusTotal that checks for an internal Honda network domain mds.honda.com. If the ransomware is unable to resolve the domain, it terminates itself without encrypting any files.

BleepingComputer reached out to SNAKE ransomware operators to confirm the attack but received a response neither confirming nor denying it “in order to allow the target some deniability”.

While some of company’s operations were impacted by the attack, it has long since been resolved. The car manufacturer also confirmed that no personally indefinable information of customers has been affected.

India bans dozens of Chinese apps, including TikTok

Amid rise of tension between China and India following a deadly clash at the border, India has banned 59 Chinese apps, including the viral TikTok.

On June 29, the Indian government announced that it was banning 59 apps developed by Chinese companies due to fears that said apps may pose a national security risk. Among the banned apps is TikTok, the highly popular video sharing social media site with millions of users, many of whom are located in India.

The statement announcing the ban states that India’s Ministry of Information Technology has received complaints regarding certain mobile apps available on Android and iOS platforms stealing and surreptitiously transmitting user data to servers outside of India without authorization. The ban, according to the government of India, “will safeguard the interests of crores [tens of millions] of Indian mobile and internet users”.

“The compilation of these data, its mining and profiling by elements hostile to national security and defence of India, which ultimately impinges upon the sovereignty and integrity of India, is a matter of very deep and immediate concern which requires emergency measures,” the statement reads.

It is not yet clear how exactly the ban will be executed, but the apps are no longer available on both Google Play Store and Apple’s App Store in India. TikTok India Twitter posted a statement saying they are in the process of complying with the ban, and claim to not have shared any user information with foreign governments, including the Chinese government.

When the ban in implemented, it will have huge impact on many of the apps, for some of which India is the biggest market. ByteDance, the developer behind TikTok, will likely suffer substantial financial loss. Last year, when TikTok was banned in India for a week due to fears it was encouraging pornography, the company claims to have lost $500,000 per day.

TikTok also made other news recently when the social media app was caught accessing the clipboard on users’ devices. Apple’s upcoming iOS 14 release will warn users whenever an app access the clipboard, and users who are testing out the trial version have started getting alerts about TikTok. TikTok has been caught doing this in the past but explained it as means to stopping people who copy and paste the same content from spamming the platform. The company behind TikTok said an updated version of the app has been uploaded onto the App Store, and it should no longer try to access the clipboard.

References

1. Brian Krebs. ’BlueLeaks’ Exposes Files from Hundreds of Police Departments. KrebsOnSecurity.
2. Ionut Ilascu. Honda investigates possible ransomware attack, networks impacted. Bleeping Computer.
3. Press Information Bureau, Government of India. Government Bans 59 mobile apps which are prejudicial to sovereignty and integrity of India, defence of India, security of state and public order.
4. Aditya Kalra, Munsif Vengattil. Exclusive: China’s Bytedance says India TikTok ban causing $500,000 daily loss, risks jobs. Reuters.
5. Zak Doffman. Warning—Apple Suddenly Catches TikTok Secretly Spying On Millions Of iPhone Users. Forbes.