Russia Hack Proves Privacy Hawks Weren’t Chicken Littles

Bob Barr


Posted: Dec 30, 2020 12:01 AM

The recent revelation of a historic hacking attack on U.S. businesses and government targets has put America’s national security apparatus in a conundrum. On one hand, the scale of the likely Russian-sponsored attack is an excellent cudgel with which to press Congress for more power and money to fund secretive — and constitutionally problematic — national security programs. On the other, it proves that privacy hawks have been rightfully concerned about the state of America’s data security.

Earlier this month, reports surfaced that a major IT security company, SolarWinds, was hacked and its software corrupted to include a “back door” easily exploited by other hackers. This corrupt software was then unknowingly pushed by way of an “update” to an estimated 18,000 customers – including numerous Fortune 500 companies and several government agencies – which left the back door wide open to hackers for months prior to being discovered. Experts suggest we may never know the full scale of this attack, or the degree to which it imperils America’s national security. 

That the hack involved a malicious back door is an irony not lost on privacy hawks, who have for years warned against federal agencies (especially the ultra-secret National Security Agency) having the power to force private software providers, smart phone manufacturers, and social media giants to build back doors that allow for surreptitious government access to users of their products and to their companies’ databases. The resulting compromised security has been as regrettable as it was predictable. 

In 2015, for example, the Chinese government is suspected of hacking into the NSA itself, via an encryption back door the agency demanded of a major cybersecurity company. Even earlier than that, the NSA was involved in developing one of the most effective hacks of Microsoft systems, only to have this tool stolen by hackers and released to the public, where it is now accessible by criminals, foreign governments, and all manner of non-state actors.



Big Tech trains guns at NSO Group over privacy concerns

Big Tech giants, such as Microsoft, Google, Cisco, VMware, and the Internet Association, have decided to back Facebook in a major legal battle against the NSO Group over allegations that the latter exploited a critical vulnerability in WhatsApp to inject surveillance malware into users’ devices.

In October last year, Facebook filed a lawsuit against NSO Group in California, alleging that NSO Group “used WhatsApp servers, located in the United States and elsewhere, to send malware to approximately 1,400 mobile phones and devices” and that the firm developed their malware “in order to access messages and other communications after they were decrypted on Target Devices”.

In its complaint, Facebook alleged that NSO Group and its agents used WhatsApp servers and the WhatsApp Service to send discrete malware components to target devices after setting up various WhatsApp accounts and remote servers to conceal their involvement.

Using Facebook’s servers, NSO Group initiated calls that secretly injected malicious code into target devices and then executed the code to create a connection between the hijacked devices and its remote server. Once a connection was established, NSO Group caused target devices to download and install additional malware, including Pegasus, for the purpose of accessing data and communications.

“Between approximately January 2018 and May 2019, Defendants created WhatsApp accounts that they used and caused to be used to send malicious code to Target Devices in April and May 2019. The accounts were created using telephone numbers registered in different countries, including Cyprus, Israel, Brazil, Indonesia, Sweden, and the Netherlands.

“Defendants reverse-engineered the WhatsApp app and developed a program to enable them to emulate legitimate WhatsApp network traffic in order to transmit malicious code—undetected—to Target Devices over WhatsApp servers. Defendants’ program was sophisticated, and built to exploit specific components of WhatsApp network protocols and code,” the complaint read.

Facebook further alleged that because of NSO Group’s covert activities that caused damage to its reputation and destroyed the goodwill between the company and its users,…


Potential privacy breach of Saskatchewan health records in January 2020 malware attack

The Saskatchewan government says a privacy breach may have occurred in an eHealth malware attack in January 2020.

Officials said a breach of personal health information potentially occurred on systems administered by eHealth for the Saskatchewan Health Authority (SHA) and the Ministry of Health.

The malware attack happened after an employee in the health-care sector opened a suspicious attachment in an email.

The malware then spread throughout Saskatchewan’s IT system, officials said, and resulted in a ransomware attack.

eHealth said it managed to contain and eliminate the malware and restore compromised files after the attack was discovered.

A forensic investigation found that some files were sent to a suspicious IP address. Those were encrypted during the attack and later restored from backups, officials said.

However, they were unable to accurately determine what information was sent to the IP address.

“While the forensic investigation rendered no evidence that personal health information was compromised, the investigation was unable to rule out a breach of personal health information,” said a government statement.

“The inability to absolutely verify that no privacy breach occurred is leading to public notification of a potential privacy breach involving personal information or personal health information.”

eHealth said it continues to monitor the internet for any signs the files are in the wrong hands and said there is no evidence of this after its latest six-week scan was completed in November.

A number of measures have been brought in since the malware attack, officials said.

This includes intensified training for all employees on the…