Information Technology

Image: APH
The head of the Australian Security Intelligence Organisation (ASIO), Mike Burgess, has lashed out at tech giants for running interference and handing a free pass to Australia’s adversaries and “some of the worst people in our society”. “Through the use of encryption social media and tech companies are, in effect, creating a maintaining a safe space for terrorists and spies,” Burgess told Senate Estimates on Tuesday. “It’s extraordinary how corporations that suck up and sell vast amounts of personal data without a warrant or meaningful oversight can cite a right to privacy to impede a counterterrorism investigation by an agency operating with a warrant or rigorous oversight.” Unlike his counterparts at the Australian Criminal Intelligence Commission, Burgess did not go so far as to rule out all legitimate reasons for using encryption. “Encryption is a fundamental force for good as a society, we need to be able to shop, bank, and communicate online with confidence. But even a force for good can be hijacked exploited and abused,” the director-general said. “In the case of encryption, we need to recognise how it is being used by terrorist and spies. End to end encryption is degrading our ability to protect Australia and Australians from threats, from the greatest threats.” In the recent federal Budget, ASIO walked away with a 10-year, AU$1.3 billion funding boost.

Burgess said the cash would go towards “connecting the dots” via data analytics, machine learning, and artificial intelligence across a number of areas including language recognition, voice to text, language translation, image recognition, and sentiment monitoring. “Most important need for my people is to have the technologies support them in the job they do, so this will continue to be human-led, data-driven, technology-enabled,” he said. Earlier in the day, the Australian Federal Police (AFP) faced questioning on ACT Policing accessing metadata unlawfully on 1,704 occasions. Deputy commissioner Ian McCartney said the incidents were reported by the AFP, and it has started to rectify the process issues in the past couple of years. “We’ve agreed with all of the recommendations and we’re working with the Ombudsman in terms of implementation those recommendations, and we’ll report regularly back to the Ombudsman in relation to that issue,” McCartney said. The deputy commissioner then offered a lack of officer education and complex legislation as playing into the situation. “I think it’s fair to say our young investigators in the AFP, the complexity of legislation they face, and that the government’s apparatus around that is quite large, so there is an onus on the organisation which we take very seriously, to provide that education back, particularly, to our young investigators,” he said. McCartney said the requests were location requests, and therefore, were unlikely to pervert the course of justice and confined to the ACT Policing arm of the organisation. Following the Ombudsman’s investigation, compliance for ACT Policing now sits within the AFP compliance area, as well as establishing an inspectorate within its professional standards command. “We will generate a lot of our own audits — that perhaps in the past we’ve relied a little bit on the Ombudsman to do some of these — we’re going to be front-running a lot of those matters to make sure that we’re compliant on all fronts,” AFP commissioner Reece Kershaw said. Related Coverage More

Image: Getty Images
Almost 70% of Australians, regardless of their age, are concerned about their privacy when using new technology, according to a survey conducted by the Australian Communications and Media Authority (ACMA). “Such deep immersion in the online world also brings with it a range of risks and challenges — from privacy and security concerns to exposure to misinformation and disinformation, scams, online bullying, and other harms,” ACMA said. This finding arose as part of two new reports that were released by ACMA on Tuesday. The first report [PDF] provides data about the digital preferences of Australians aged 65 or over, while the second report [PDF] looks at same type of data for Australians in the 18 to 34-year-old age bracket. Both reports are aimed at providing snapshots of Australia’s digital usage and uses findings from ACMA-commissioned research undertaken by the Social Research Centre, which consisted of interviews with thousands of Australians from December 2019 to June 2020. In the first report, ACMA said Australians aged 65 or older have been connecting to the internet more than ever before, with 93% of these Australians having internet access in their homes as of June 2020. By comparison, in 2017, only 68% of these Australians had home internet access. Australians aged 65 and older are also using more devices, with the proportion of older people using five or more types of devices to go online, growing from 6% to 26% over the past four years. In a report published last month, ACMA said the use of social media by people aged 75 and over doubled from 18% to 41% from June 2019 to June 2020, which the report attributed to Australia’s COVID-19 restrictions.While the behaviours of people aged 65 or older have changed considerably, older people’s views of the digital world remain circumspect as 80% still feel overwhelmed by technological change. 72% of these Australians also feel unmotivated to find out more about these technologies, which is only a slight decrease from the 74% figure recorded in 2017.

According to the report, most Australians in the 65-and-over age bracket are engaging in online environments due to perceived or actual necessity, rather than doing so because they believe there are benefits to going online. “This research suggests that older people may be feeling somewhat ‘forced’ online — a situation that may have been accelerated by the pandemic, but also by the increasing digitisation of life in general,” ACMA said. Only 34% of Australians in this age bracket believe technology has given them more control over their lives. By comparison, 66% of the people in the 18 to 34-year-old age bracket felt that computers and technology gave them more control over their lives. This higher level of positivity about technology translated to almost half of Australians in the 18 to 34-year-old age bracket using five or more types of devices to go online as of June 2020, which is up from 30% in 2017. In addition, almost two-thirds of young people used, on average, five or more social networking sites or apps, compared to just over one-fifth of other Australians. Across the board, mobile phones were the most common device used by both young and older Australians to access the internet as of June 2020. After mobile phones, the second most used device to connect to the internet for younger Australis was laptops, while for older Australians, it was tablets. Looking at how Australians use the internet, almost 95% of Australians aged 65 and over now use email, while banking, viewing video content, and buying goods and services online have increased substantially over the past four years, where more than 60% of this demographic went online to perform these activities at least once during the first six months of 2020. Meanwhile, for Australians aged from 18 to 34, more than 90% of this demographic used the internet to perform all of these activities. Earlier this year, the Australian Bureau of Communications, Arts and Regional Research (BCARR) found that almost the same number of Australians now watch content from over-the-top (OTP) streaming services, like Netflix and Amazon Prime, when compared to those who watch free-to-air (FTA) television. As of the end of last year, 70% of Australians watched OTP content, which is almost triple the amount from 2016. By comparison, Australians have continued to watch less FTA television. In 2016, 90% of Australians consumed FTA content but this has since dropped to 82.5%. Related Coverage More

After pinning the cost of keeping Australia’s COVIDSafe app running at AU$100,000 a month in March, DTA CEO Randall Brugeaud has said the agency is almost halving its previous estimate. “I estimated AU$100,000 per month to host COVIDSafe at the last hearing, that has ended up at AU$75,094.98 per month. And we’ve made a number of performance improvements to the app over the last couple of months, which should see that sitting at about AU$60,000 per month from the first of July,” he said on Monday. “There’s been a range of tuning efforts that we’ve applied, quite considerable improvement on the backend, which is the COVIDSafe National Data Store and how the data is stored as the app is in operation.” The total cost to build and operate the app was now sitting at AU$7,753,863.38 including GST, the DTA CEO said. To the end of January, that figure was AU$6,745,322.31. “That includes a combination of development, which is the actual build of the app, and the hosting of the app. So the breakdown is, for the development of the app, AU$5,844,182.51 and the hosting is AU$901,139.80,” Brugeaud said in March. On Monday, Brugeaud also said the app had picked up 567 close contacts not found through my manual contact tracing, a large increase on the previous number of 17 contacts, and there has been 779 uploads to the National Data Store since inception last year. When introduced, Prime Minister Scott Morrison said the app would be digital sunscreen. DPS attackers tried to brute-force on MobileIron kit

Providing a little more detail on the March outage at Parliament House, Senate President Scott Ryan said the MobileIron equipment in the parliamentary network was targeted. “A malicious actor sought to access DPS network accounts through MobileIron devices using unsophisticated, brute-force tradecraft. The malicious activity lasted just under 24 hours. It was unsuccessful, and DPS networks were not compromised,” Ryan said on Monday. “Appropriate network controls were implemented, which ensured that accounts were locked down, preventing compromise. Those controls were successful in blocking the malicious actor but also impacted legitimate users’ ability to access DPS networks for several days while even more rigorous IT security arrangements were implemented.” Those controls involved taking the existing solution offline and putting into production an MDM system being piloted. “While the outage did cause significant inconvenience, the Department of Parliamentary Services put significant effort into implementing a new mobile device management system in a very short period of time. This migration had been planned well before the incident, but it was to be implemented over a three-month period,” Ryan said. “DPS staff migrated most email data to new services over the course of just three days between 27 and 31 March. Contrary to media coverage, the complexity of the migration did not extend the outage. “14 technical staff across different IT disciplines worked over the Easter long weekend to ensure the remaining migration and to provide support to parliamentarians and other users who needed assistance.” Acting secretary of DPS cybersecurity branch Gary Aisbitt said within “several hours of identifying that we were under attack”, the department had put mitigations in place to prevent “any more potential intrusions”. Under questioning from South Australian Senator Rex Patrick, Ryan tried to spell out the difference between the cyber realm and regular old household burglary. “We need to accept that such a prominent network as this is not like your house being burgled, because you don’t expect your house to be burgled every hour,” Ryan said. “In this particular world, the idea of comparing it to a break-in of your house and reporting it to the police is simply not realistic. We work with the authorities and agencies extensively to protect the network. Protection of the network is paramount. Secondary is usability of the network.” Ryan added that a “great deterrent” against cyber intrusions was not present, as there was no shortage of actors trying to access the DPS network. “There is incredible resourcing that goes into protecting this network. The agencies are actually very happy, given what happened several years ago, about what this network does, its capabilities and how it protects itself,” he said. “While it was an unsophisticated, brute force type of attack, there was no penetration of the network.” Ryan reminded the committee that simply because an unsophisticated approach was taken, did not mean the actor was unsophisticated. In February 2019, it took eight days to remove malicious actors from the DPS network. “While I do not propose to discuss operational security matters in detail, I can state that a small number of users visited a legitimate external website that had been compromised,” Ryan said at the time. “This caused malware to be injected into the Parliamentary Computing Network.” Since that time, Aisbitt said DPS has stood up a cybersecurity operations centre. “It’s a very capable cybersecurity operations centre,” he said. “Our role is to initially triage and have a look at those incidents ourselves. We get a number of attacks — for want of a better term — and they happen regularly. We triage these and at some point we decide whether we need to notify the ACSC and seek their assistance, and that occurs as par for the course.”Related Coverage More

Police have made eight arrests following operations targeting individuals suspected of sending out “smishing” texts, which aim to steal personal information and financial details by directing recipients to fake versions of trusted organisations’ websites, such as the Royal Mail.Operations across London, Coventry, Birmingham and Colchester resulted in eight men being arrested on suspicion of fraud, according to City of London police.SEE: Cybersecurity: Let’s get tactical (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)The eight suspects are believed to be involved with a smishing campaign which sent out scam texts claiming to be from Royal Mail, claiming the recipient needed to pay an outstanding postage fee for a parcel or enter their details to rearrange a delivery. Officers from the Dedicated Card and Payment Crime Unit (DCPCU), a specialist City of London and Metropolitan police unit, worked in partnership with Royal Mail and the telecoms industry as part of a ‘week of action’ which included the arrests.Devices suspected of being used in smishing scams have been seized by police and records of stolen financial details have been identified – which will allow banks to inform customers that they’ve fallen victim to fraud. “The success of these operations shows how through our close collaboration with Royal Mail, the financial services sector, and mobile phone networks, we are cracking down on the criminals ruthlessly targeting the public,” said Detective Chief Inspector Gary Robinson, the head of DCPCU.

“Ongoing investigations are now underway and we will continue to work together to bring those committing smishing scams to justice.”SEE: My stolen credit card details were used 4,500 miles away. I tried to find out how it happenedSeven of those arrested have been released under investigation, with one suspect charged and remanded into custody ahead of their court appearance. Investigations are still ongoing and City of London police said they expect to make further arrests and charges.Often these phishing messages contain a link to a fake version of a legitimate website which ask for usernames and passwords or even bank details. There’s been a large rise in SMS phishing attacks over the last few months, particularly with messages claiming to be from a delivery company, as many people have been doing more online shopping during the Covid-19 pandemic.Members of the public can help investigations into smishing campaigns by forwarding suspicious texts to 7726, free of charge.MORE ON CYBERSECURITY More

GAO
Cyber insurance premiums have surged amid more frequent cyberattacks and are likely to surge in 2021, according to a General Accountability Office report.The National Defense Authorization Act for Fiscal Year 2021 included a provision for GAO to study the US cyber insurance market. GAO analyzed industry data on policies, cyber risk and insurance research and interviewed Treasury officials.According to the GAO, cyber insurance adoption is picking up. The GAO found that the take-up rate for cyber insurance rose from 26% in 2016 to 47% in 2020.Take-up rates also vary by industry. According to Marsh McLennan, among its clients, the industry sectors with the highest take-up rates in 2016–2020 included education and health care, which collect, maintain, and use significant amounts of personally identifiable information or protected health information. Sectors experiencing significant growth in take-up in that period included the hospitality and retail sectors, which commonly collect payment card information. The manufacturing sector’s take-up rate also grew significantly, as that industry became increasingly aware of potential cyberattack risks, according to industry sources.Along with that adoption, insurance brokers said that more frequent and severe cyberattacks have led to premium increases. The GAO said more than half of the respondents in its report saw prices go up 10% to 30% in late 2020.GAO noted in its report:One broker told us that minimum premiums for high-risk industries with revenues up to $5 million can range from $2,000 to $3,500 per million of limit, while other brokers said premiums on policies that target mid-size entities with revenues from less than $100 million to $250 million can average from about $5,000 to more than $10,000 per million of limit. In addition to entity and industry risk factors, premiums can differ based on the amount of a deductible or other self-insured amount, which the brokers told us had minimums from $1,000 to $5,000 for policies with a $1 million total limit. These same risk factors also can result in lower coverage limits for certain perils, such as $250,000 for social engineering and wire transfer attacks on a policy with a $1 million total limit.In addition, cyberattacks have led insurers to reduce coverage limits for some sectors including healthcare and education. The GAO report found that the cyber insurance industry faces multiple challenges such as limited historical data on losses, lack of common definitions for terms like cyberterrorism as well as differences among industries. Another issue for the industry is that businesses have limited awareness of what’s in their policies as well as limits.  More

A massive phishing campaign is distributing what looks like ransomware but is in fact trojan malware that creates a backdoor into Windows systems to steal usernames, passwords and other information from victims. Detailed by cybersecurity researchers at Microsoft, the latest version of the Java-based STRRAT malware is being sent out via a large email campaign, which uses compromised email accounts to distribute messages claiming to be related to payments, alongside an image posing as a PDF attachment that looks like it has information about the supposed transfer.

ZDNet Recommends

When the user opens this file, they’re connected to a malicious domain that downloads STRRAT malware onto the machine. SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic) The updated version of the malware is what researchers describe as “notably more obfuscated and modular than previous versions”, but it retains the same backdoor functions, including the ability to collect passwords, log keystrokes, run remote commands and PowerShell, and more – ultimately giving the attacker full control over the infected machine. As part of the infection process, the malware adds a .crimson file name extension to files in an attempt to make the attack look like ransomware – although no files are actually encrypted. This could be an attempt to distract the victim and hide the fact that the PC has actually been compromised with a remote access trojan – a highly stealthy form of malware, as opposed to a much more overt ransomware attack.

It’s likely that this spam campaign – or similar phishing campaigns – is still active as cyber criminals continue attempts to distribute STRRAT malware to more victims. Given how the malware is able to gain access to usernames and passwords, it’s possible that anyone who’s system becomes infected could see their email account abused by attackers in an effort to further spread STRRAT with new phishing emails. SEE: Ransomware just got very real. And it’s likely to get worse However, as the malware campaign relies on phishing emails, there are steps that can be taken to avoid becoming a new victim of the attack. These include being wary of unexpected or unusual messages – particularly those that appear to offer a financial incentive – as well as taking caution when it comes to opening emails and attachments being delivered from strange or unknown email addresses. Using antivirus software to detect and identify threats can also help prevent malicious emails from landing in inboxes in the first place, removing the risk of someone opening the message and clicking the malicious link.

MORE ON CYBERSECURITY More

President Joe Biden’s recent executive order on cybersecurity drew praise for addressing critical gaps in the government’s efforts to protect its digital assets, but lawmakers and experts are raising questions about one aspect of the order: the creation of a Cybersecurity Safety Review Board. The executive order establishes a review board “co-chaired by government and private sector leads, that may convene following a significant cyber incident to analyze what happened and make concrete recommendations for improving cybersecurity.” 

ZDNet Recommends

The board will be there to “ask the hard questions” according to the executive order and is modeled after the National Transportation Safety Board, which investigates airplane crashes and transportation incidents. The fine print of the executive order says Homeland Security Secretary Alejandro Mayorkas will work with the Attorney General Merrick Garland to create the board, which will look into any attacks “affecting FCEB Information Systems or non-Federal systems, threat activity, vulnerabilities, mitigation activities, and agency responses.” Both federal law enforcement officials and private sector cybersecurity experts will populate the board, with one of each serving as chair and deputy chair biennially. Within 30 days, Mayorkas has to send a report to Biden about who will be on the board, its scope, responsibilities, structure, “thresholds and criteria for the types of cyber incidents to be evaluated” as well as how they plan on forcing companies or individuals to comply with their investigation.  Democratic leaders in Congress expressed support for the effort but had a range of concerns they hoped would be addressed by Mayorkas and Garland once the idea was more fully sketched out.  Rep. Carolyn Maloney, chairwoman of the Committee on Oversight and Reform, told ZDNet that it is “critical for the federal government to respond quickly when a significant cyber event occurs.” 

But Maloney said the board had to walk a fine line of complying with the Federal Advisory Committee Act, which forces boards like this to be “objective and accessible to the public,” while also keeping the information it collects safe. “It is important that sensitive information be properly protected but it is also important that the board operate with transparency and in full compliance with ethics laws,” Maloney said. Other congressional leaders in cybersecurity echoed those remarks and raised more pressing concerns about the board’s ability to effectively address devastating attacks that now occur on a weekly basis.  Congressman Jim Langevin, who helped found the House Cybersecurity Caucus that he now co-chairs, said he was in support of the idea that the cyber review board was meant to help defenders understand major incidents better.  But as a member of the Cybersecurity, Infrastructure Protection, & Innovation subcommittee, he told ZDNet he was “seriously concerned about the trend toward larger, more frequent cyber incidents that may be too much for a review board to handle.”  “That’s why I support the creation of a Bureau of Cyber Statistics, so that we can examine incident data in aggregate and make more informed cyber risk management decisions,” Langevin said.  A congressional aide explained to ZDNet that some on Capitol Hill have questioned how the board could work like the National Transportation Safety Board, which has broad authority to investigate transportation incidents and can issue subpoenas.  It is still unclear what thresholds the cyber review board will use to decide which breaches or attacks to investigate and what power they will be given to compel organizations to hand over critical information that some may be reluctant to share.  “With the NTSB, they just show up with their badge and the entity has to produce anything the investigator wants. They don’t always need a subpoena or the court system to get what they want,” the congressional aide said.  “It’s so far outside of the existing legal systems and I think there’s a strong incentive to cooperate because what are your options otherwise?”

The aide added that the idea for an NTSB-like effort for cybersecurity incidents has long been floated on Capitol Hill because there is always interest in finding the root causes of attacks and potential mitigations.  But the NTSB deals with far fewer incidents than any cyber review board would and incidents often involve dozens, if not hundreds, of different organizations, some of which will not cooperate with federal law enforcement. The NTSB mostly interacts with airline companies and maintenance operators, whereas the review board would be trying to investigate entire software supply chains.  “There’s huge benefits to root cause analysis but in terms of getting access to the data, it’s quite extraordinary the powers that NTSB has in some respects. I don’t think that that’s necessarily applicable in a cyber context,” the aide said.  Anurag Lal, former director of the US National Broadband Task Force for the Federal Communications Commission under the Obama administration, expressed fear that the board will be “bogged down by bureaucracy as others have in the past” and be hamstrung by red tape while investigating cyber incidents that require quick responses.  The executive order was a step in the right direction to creating the processes needed to respond to cyberattacks, Lal explained, but he said a more comprehensive cyber response bill is needed to put laws in place governing how the US responds to attacks.  “While these are comparable boards, I believe the Cybersecurity Safety Review Board needs to act with much greater urgency than the NTSB. In the case of flight incidents, a great deal of time needs to be taken to thoroughly investigate. However, the nature of cyber-attacks requires us to act quickly, so this board will not have the luxury of time,” Lal said.  “The CSRB must be mandated to respond in an urgent, accelerated manner. This executive order addresses how we can respond, but now we need to push further and determine how we are going to go on the offensive to prevent these attacks from even happening.” Christopher Fielder, who spent years as a network and cryptographic systems technician in the US Air Force and as a security analyst contractor with the CIA, told ZDNet that too many cyber incidents are shrouded in secrecy, resulting in numerous incidents that could have been prevented earlier had information been shared accordingly.  Fielder said the review board was a good idea because it could quickly identify underlying issues and establish a federal-level baseline of transparency around future compromises and how to learn from them.  “Using this postmortem approach for breaches can drive the development of standards based around historic evidence. It’s important to understand, however, that for a review board such as this to be effective it is going to require significant buy-in from both the private and public sectors,” Fielder said.  “We are going to have to feel that this will be a board that is not a regulatory body intended to punish or place blame on those who are affected by compromises, but instead designed to foster the sharing of knowledge and best practices that are discovered from incidents that are reviewed.”  The board would be a good first step but cybersecurity is still like the Wild West, Fielder explained, with many organizations protecting themselves the best they can with the resources they have available.  Post-incident recommendations often differ between cybersecurity companies and researchers, and Fielder said a board like this could help reconcile differing opinions on an incident’s root cause or next steps so that agreed-upon and trusted recommendations can be made.  Sounil Yu, chief information security officer at JupiterOne, said the best version of the review board would include “blameless postmortems” that produce “meaningful lessons learned that reduce the likelihood of repeated failure events.” “There are great examples of security-oriented postmortems (e.g., Coinbase and FireEye) that are highly instructive and can serve as a model for what a Cyber Review Board investigation report might look like,” Yu said.  A number of cybersecurity experts praised the review board idea for similar reasons but questioned what would happen in instances where it was clear the attack was leveraged by a state actor, like the most recent attacks attributed to Russia and China.  “The NTSB didn’t take the lead in the 9/11 investigations because it was clear that the cause was not due to safety issues,” Yu added. “Safety incidents are often handled very differently than security incidents.”  More

The Federal Bureau of Investigation (FBI) has linked the Conti ransomware group to at least 16 attacks aimed at disrupting healthcare and first responder networks in the United States.  

The targets identified include 911 dispatch carriers, law enforcement agencies, and emergency medical services — all of which have been attacked over the past year as medical services struggled to manage the COVID-19 pandemic. According to the FBI’s flash advisory (.PDF), Conti has been connected to at least 400 cyberattacks against organizations worldwide, and 290, at minimum, are based in the US.  In what has become a popular tactic for ransomware operators to increase the chances of a payout, attackers will infiltrate a victim’s network, steal confidential files, and then launch ransomware. If blackmail demands — usually made in cryptocurrency such as Bitcoin (BTC) — are not met, organizations then face the prospect of their data being published or sold via a leak site.  The Conti ransomware group is one of dozens of double-extortion criminal collectives that operate leak sites, having joined the likes of Sodinokibi, Nefilim, and Maze last year.  Conti may use stolen credentials, RDP, or phishing campaigns to obtain initial access to a network. According to the FBI, the group may also use Cobalt Strike, Mimikatz, Emotet, and Trickbot alongside Conti ransomware during attacks.  “If the victim does not respond to the ransom demands two to eight days after the ransomware deployment, Conti actors often call the victim using single-use Voice Over Internet Protocol (VOIP) numbers,” the advisory reads. “The actors may also communicate with the victim using ProtonMail, and in some instances, victims have negotiated a reduced ransom.”

The FBI does not encourage victim organizations to pay up, as decryption keys are not guaranteed to work and each successful extortion attempt only encourages ransomware-related criminal activity.  However, whether or not a victim has paid, the FBI urges transparency to law enforcement agencies when ransomware incidents occur. When it comes to Conti specifically, the FBI has requested boundary logs showing links to IP addresses, cryptocurrency wallet information, any decryptor files available, as well as encrypted file samples,  Recently, the finger has been pointed at Conti for a debilitating ransomware attack on Ireland’s Health Service Executive (HSE) on May 14. Officials say that a ransomware demand of $20 million will not be paid, and while Conti has released an — unverified — decryption tool to the service, the group has still threatened to sell or leak HSE records allegedly stolen during the attack.  Dublin’s High Court has issued an injunction against Conti, under “persons unknown,” in an effort to stop the spread of stolen information. At the time of writing, staff are still unable to access email, there are delays with issuing birth, death, and marriage certificates. The COVID-19 vaccination program is rolling out as normal but there may also be delays in receiving test results.  Previous and related coverage Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0 More