Apple Undeletes That Photo You Thought You Deleted—Yes, That One
Russia, China & N. Korea Nevertheless Eclipse Domestic Blunders In This Week's Cybersecurity Review
It is a story straight from a Katy Perry song: Remember that naughty iPhone photo you thought you deleted? Check again. Users who performed the recent iOS 17.5 update may find that their deleted N.S.F.W. (Not Safe For Work) photos were recently uploaded to their iCloud collections. In some reported cases, the compromising photos are years old and survive multiple attempts to delete them.
Based on initial reports, a possible fix is to ensure the photos are deleted not only on the source device, but also deleted from all iCloud backup sets. Of course, the best way not to have compromising photographs end up online is simply not to take compromising photographs in the first place.
Bad as it is, Apple’s faux pas is one of this week’s smaller cybersecurity stories. Instead foreign actors dominated.
Across the pond, for instance, London’s new spy chief used her inaugural keynote speech to lament alleged ties between Moscow and Russian hacking groups. Anne Keast-Butler, the new head of Britain’s Government Communications Headquarters (G.C.H.Q.), headlined the Cyber U.K. Conference on Tuesday, saying that Moscow has escalated its support for Russian cybercriminals who attack western targets, particularly with ransomware.
“Before,” said Keast-Butler, “Russia simply created the right environments for these groups to operate but now they’re[sic] nurturing and inspiring these non-state cyber actors.”
Keast-Butler also addressed Beijing, saying “we now devote more resources to China than any other single mission,” and differentiated Moscow as an immediate threat and Beijing as a long-term challenge.
Keast-Butler has a point. This week a crippling cyberattack on the St. Louis-based Ascension Health system was attributed to the Russian group Black Basta.
And, amid ever-rising tensions between Beijing and the west, and ever-tightening technology-export controls, Microsoft is trying to move hundreds of A.I. experts out of China to the U.S., Ireland, Australia and New Zealand. No mention has yet been made as to whether Beijing would let them go.
Starkly absent from Keast-Butler’s remarks, however, were the G.C.H.Q.’s own histories of unlawful counterintelligence against human-rights groups and illegal dragnet monitoring of citizens and journalists. Nor did she mention the west’s century-long record of throwing elections in Central and South America, Europe and the Middle East.
North Korea was also in this week’s news, after revelations that Pyongyang had placed its nationals in high-paying remote I.T. jobs with over 300 U.S. companies. The jobs generated millions in salaries, money that was funneled back to Pyongyang’s ballistic missile program.
Prosecutors indicted Christina Marie Chapman, 49, of Litchfield Park, Arizona and charged Oleksandr Didenko, 27, of Kyiv, Ukraine, for allegedly facilitating the schemes. Chapman operated a domestic “laptop farm,” the feds say, to help Pyongyang’s operatives appear to be connecting to their workplaces from within U.S. borders. She also allegedly used her U.S. address to receive paychecks for the scheme.
According to the indictment:
The overseas IT workers worked at blue-chip US companies, including a top-[five] national television network and media company, a premier Silicon Valley technology company, an aerospace and defense manufacturer, an iconic American car manufacturer, a high-end retail chain, and one of the most recognizable media and entertainment companies in the world, all of which were Fortune 500 companies.
More concerning than the purely financial fruits of the operation, is the sensitive data that almost certainly was expatriated. Those aftershocks will likely be felt for years to come.
Prosecutors used the case to warn U.S. tech companies about “remote IT workers.” A less hair-on-fire approach is more realistic. Companies hiring for positions of trust should know or get to know their candidates. Face-to-face interviews are prudent and valuable, even for jobs that will be 100-percent remote. Reasonable candidates will accept paid airfare and lodging for final on-site interviews, and such gestures can go a long way to make candidates feel valued and welcomed versus being hired sight unseen.
Returning to the U.S., a pair of M.I.T. alumni allegedly exploited Ethereum’s blockchain and snagged $25 million in 12 seconds. Though the Justice Department was able to track the heist and make arrests, it claims the exploit “calls the very integrity of the blockchain into question.” More alarm might be called for if the attackers had actually gotten away with it. Worth noting, the D.O.J. has always considered cryptocurrency the enemy, and its hyperbole comes when the Securities and Exchange Commission is considering approval of an Ethereum exchange-traded fund (E.T.F.).
The more practical issue for many cryptocurrency owners this week was being locked out of their wallets. Bitcoin’s price leapt to nearly $66,000, but many could not sell because they could not remember their passwords. Proper password practices apparently remain as vital as they are commonly overlooked.
Finally, this week, VMware announced that its VMware Workstation and Fusion desktop virtualization products for Windows, Linux and Mac O.S. are now free for personal use. This is an absolute game changer for security-conscious power users who were either unaware of desktop virtualization or previously discouraged by VMware’s sticker prices.
Desktop virtualization offers many security advantages, and VMware’s desktop solutions have historically outperformed their rivals. One may run a critical application, for example, inside a virtual machine (V.M.), and thus separate it from the wide-open attack surface of the day-to-day operating system in which one browses the Internet and opens email attachments. When a laptop is replaced, the V.M. may simply be moved without having to reinstall the application or export its sensitive data. The V.M. may be run at a different patch level than the host operating system (O.S.). And, the V.M. may be encrypted to a level the F.B.I. has previously failed to break.
Desktop virtualization also allows, e.g., a person to experiment with Linux or FreeBSD without purchasing dedicated hardware.
VMware Workstation and Fusion may be downloaded here.