On Wednesday, Wired broke down what we know about the recent Ukrainian power plant hack. The attack used malware to cause a power outage, and then used a telephony denial of service attack (TDoS) to prevent customers from reporting the outage. This multi-pronged attack demonstates the vulnerabilities in US power systems.
On Friday, InSight Crime published an investigation into the spike in the homicide rate in Jamaica. Authorities trace the violence to the increasingly popular lottery phone scams that originate in the country. Gangs of phone fraudsters are fighting over contact lists and other resources needed to conduct the scams.
On The Wire: On the Wire Podcast: Steven Murdoch – In this podcast, Dennis Fisher and Murdoch discuss why the U.K. implemented MIKEY-SAKKE rather than another protocol, what the security and privacy implications are, and whether the standard will be used in broader applications.
InSight Crime: Deciphering the Lottery Scam Rings Fueling Violence in Jamaica – The total number of killings in Jamaica jumped to 1,192 in 2015, a 20 percent increase from the previous year. Authorities point to violence between lottery scam rings fighting over profits and valuable “lead” or contact lists as the major cause of the spike.
Atlanta Journal Constitution: Feds indict 51 in South Georgia prison cellphone scam – The call came from a law enforcement officer who had bad news: You failed to appear for jury duty and a warrant has been issued for your arrest. You can either get ready to be handcuffed or you can pay a fine to have the warrants dismissed.
The Daily Dot: Former MTV VJ Dave Holmes tweets bizarro encounter with IRS scammers – This type of IRS phone scam isn’t new; its been going on for years, and right now is especially ripe for scammers as people prepare their taxes. Holmes, a writer and actor, apparently took this anxiety-inducing opportunity to try out some improv on his way home.
Wired: Everything We Know About Ukraine’s Power Plant Hack – To prolong the outage, they also evidently launched a telephone denial-of-service attack against the utility’s call center to prevent customers from reporting the outage. TDoS attacks are similar to DDoS attacks that send a flood of data to web servers.
Examiner: Taking a look at Vishing – The first thing that telephone scammers will want to do is to build up a rapport, and trust, with their intended victims. And by pleading to your human side, they will often be able to lull you into a false sense of security.
CBS: Tax season kicks off with IRS phone scam warning – Ten to twelve thousand calls are reported every week. Among those receiving one — CBS News Justice Correspondent Jeff Pegues. Pegues asked why the caller didn’t ask him to send a check directly to the IRS.
Krebs on Security: Firm Sues Cyber Insurer Over $480K Loss – Roughly 30 minutes later, Mr. Wurm said he was contacted via phone and email by Mr. Shapiro stating that due diligence fees associated with the China acquisition in the amount of $480,000 were needed.