Tag Archive for: bans

Statewide Bans on Ransomware Payments Bring New Challenges

/in


Cyber criminals will keep making ransomware attacks as long as they see profits outweigh the effort and risks. Some states have responded by prohibiting state and local government entities from paying the extortionists — a move North Carolina and Florida took in 2021 and 2022, respectively, and which several others have mulled as well.

State bans like these keep taxpayer money from funding cyber crime, but such small-level, standalone prohibitions are unlikely to have a big impact on the ransomware problem, said Jen Ellis — Institute for Security and Technology (IST) adjunct senior policy adviser and Ransomware Task Force co-chair — in response to a Government Technology question during an IST webinar.

A nationwide ban applying to both public- and private-sector victims would reach farther, however, and past years have seen cyber researchers debate the pros and cons. Deputy National Security Adviser Anne Neuberger said in May that federal officials had “grappled” with the question of whether to ban most extortion payments while allowing the federal government to grant waivers.


If the U.S. means to do so, there are plenty of risks and challenges to consider, cyber experts said during yesterday’s webinar.

That includes introducing and launching such a policy.

Silas Cutler is an adjunct senior cyber threat adviser at IST and a principal reverse engineer at cybersecurity company Stairwell. He worried that busy small-business owners may not be keeping up with the latest cybersecurity legislation and could accidentally commit a crime if they pay after a hypothetical ban passes. That would give cyber attackers leverage to keep extorting the businesses in exchange for keeping the fact of the payment quiet.

Another concern is attackers are likely to respond to a payment ban by testing how well it sticks. Attackers may intensify their focus on the victims most likely to feel compelled to pay, such as small- to medium-sized businesses — which may not be able to stay afloat during an interruption to their operations — and essential service and critical infrastructure providers where “disruption isn’t really…

Source…

Montana governor bans TikTok. But can the state enforce the law?

/in


NEW YORK (AP) — Montana Gov. Greg Gianforte on Wednesday signed into law a first-of-its kind bill that makes it illegal for TikTok to operate in the state, setting up a potential legal fight with the company amid a litany of questions over whether the state can even enforce the law.

The new rules in Montana will have more far-reaching effects than TikTok bans already in place on government-issued devices in nearly half the states and the U.S. federal government. There are 200,000 TikTok users in Montana as well as 6,000 businesses that use the video-sharing platform, according to company spokesperson Jamal Brown.

Here’s what you need to know:

WHY IS MONTANA BANNING TIKTOK?

Proponents of the law in Montana claim the Chinese government could harvest U.S. user data from TikTok and use the platform to push pro-Beijing misinformation or messages to the public.

That mirrors arguments made by a bipartisan group of lawmakers in the U.S. Senate, as well as the heads of the FBI and the CIA, all of whom have said TikTok could pose a national security threat because its Beijing-based parent company ByteDance operates under Chinese law.

Critics have pointed to China’s 2017 national intelligence law that compels companies to cooperate with the country’s governments for state intelligence work. Another Chinese law, implemented in 2014, has similar mandates.

TikTok says it has never been asked to hand over its data, and it wouldn’t do so if asked.

HOW DOES MONTANA PLAN TO BAN TIKTOK?

The law will prohibit downloads of TikTok in the state and fine any “entity” — an app store or TikTok — $10,000 per day for each time someone accesses TikTok, “is offered the ability” to access it, or downloads it.

That means Apple and Google, which operate app stores on Apple and Android devices, would be liable for any violations. Penalties would not apply to users.

The statewide ban won’t take effect until January 2024. It would be void if the social media platform is sold to a company that is not based in “any country designated as a foreign adversary” by the federal government.

The governor indicated he wants to expand the bill to other social media apps in order to address some of the…

Source…

vpn: Govt bans VPN, cloud services for employees

/in


New Delhi: The government has barred its employees from using third-party virtual private networks (VPN) and anonymisation services offered by companies such as Nord VPN, ExpressVPN and Tor.

The mandate comes just days after ExpressVPN, Surfshark and NordVPN said they would stop offering their services in the country following a directive by the Indian Computer Emergency Response Team (Cert-In) on how VPN companies should operate in India

The directive also urges government employees not to save “any internal, restricted or confidential government data files on any non-government cloud service such as Google Drive or Dropbox.”

cyberETtech

The National Informatics Centre (NIC), which is under the Ministry of Electronics and Information Technology, said it had put out the guidelines to improve the “security posture” of the government.

“In order to sensitize the government employees and contractual/outsourced resources and build awareness amongst them on what to do and what not to do from a cyber security perspective, these guidelines have been compiled,” NIC said in an internal document, titled Cyber Security Guidelines for Government Employees. ET has reviewed a copy of the document.

Discover the stories of your interest

The NIC has also asked government employees to not ‘jailbreak’ or ‘root’ their mobile phones or use any external mobile app-based scanner services such as CamScanner to scan “internal government documents”

CamScanner was among several Chinese apps banned by the government in July 2020, citing national security concerns following border hostilities with the northern neighbour but continues to be operational through some versions.

“By following uniform cyber security guidelines in government offices across the country, the security posture of the government can be improved,” the directive added.

The IT ministry did not respond to ET’s specific queries on the intent behind the directive.

“All government employees, including temporary, contractual/outsourced resources are required to strictly adhere to the guidelines mentioned in this document. Any non-compliance may be acted upon by the respective CISOs/Department heads,” according to…

Source…

VPN provider bans BitTorrent after getting sued by film studios

/in


piracy

“No logs” VPN provider TorGuard has reached a legal settlement this month with over two dozen movie studios that sued the company for encouraging piracy and copyright infringement.

In the settlement, TorGuard has agreed to block BitTorrent traffic for its users.

TorGuard VPN to block torrents using firewall

Last year, over two dozen film studios had sued TorGuard, claiming the VPN provider maintained no logs and encouraged online piracy through its marketing efforts.

The same set of plaintiffs had earlier demanded $10 million in “damages” from another log-less VPN provider, LiquidVPN.

According to court documents obtained by BleepingComputer, both the film studios and VPNetworks, LLC  d.b.a. TorGuard, have now agreed to reach a settlement in which the VPN provider will block torrents on its network.

TorGuard will “use commercially reasonable efforts to block BitTorrent traffic on its servers in the United States using firewall technology,” reveal the documents:

TorGuard blames host for ignoring over 100,000 piracy notices

Since June 2012, TorGuard had been leasing servers and IP addresses from hosting provider QuadraNet, until late 2021 when the VPN provider notified QuadraNet that it was terminating the service.

Some of these servers were used by TorGuard to offer SOCKS5 proxy services to its customers.

TorGuard’s Knowedgebase (KB) had detailed instructions on how its proxy servers could be configured by customers to work with existing BitTorrent clients: 

setting up TorGuard SOCKS5 server with BitTorrent
TorGuard SOCKS5 proxy servers can be used with BitTorrent clients

Note, unlike with VPNs, traffic routed through SOCKS5 proxy servers is by default unencrypted, making it possible for intermediary hosting providers to gain visibility into the network flows, should they choose to.

Records produced by the film studios show that 97,640 copyright infringement notices were sent to QuadraNet confirming instances of piracy at the SOCKS5 IPs assigned to TorGuard.

An additional, 47,219 notices confirmed piracy associated with other TorGuard IP addresses, through November 2021.

Plaintiffs’ attorneys shared an Excel spreadsheet with TorGuard showing 250,000 “hit dates of confirmed infringement.” Of these…

Source…