More stories


    Singapore police had used COVID-19 contact tracing data in murder probe

    The Singapore government has defended its decision to allow the police to access the country’s COVID-19 contact tracing data when necessary, in order to safeguard public safety and interest. It also revealed that data collected via the TraceTogether platform has already been tapped at least once to assist in a homicide investigation.
    Its defence came a day after it confirmed COVID-19 contact tracing data could be pulled by local law enforcers to aid in criminal cases. This contradicted previous assertions the government had repeatedly made that the data would only be accessed if the user tested positive for the virus and was contacted by the contact tracing team.
    Minister-in-Charge of the Smart Nation Initiative and Minister for Foreign Affairs, Vivian Balakrishnan, also previously stressed TraceTogether data would be used solely for contact tracing purposes and accessed by “only a very limited, restricted team of contact tracers” to reconstruct the activity map of the COVID-19 patient. 

    Introduced last March, TraceTogether taps Bluetooth signals to detect other participating mobile devices — within 2 metres of each other for more than 30 minutes — to allow them to identify those who have been in close contact when needed.
    To date, more than 4.2 million residents, or 78% of the local population, have adopted the contact tracing app and wearable token. This figure is double the adoption rate of just three months ago in September, when TraceTogether had clocked 2.4 million downloads, or about 40% of the population. A recent spike was likely fuelled by the government’s announcement that use of the app or token would be mandatory for entry into public venues in early 2021, when it was able to distribute the token to anyone who wanted one.
    Speaking outside the parliament session’s scheduled agenda on Tuesday, Balakrishnan said he had failed to consider Singapore’s Criminal Procedure Code (CPC) when he previously spoke about the use of TraceTogether data. Under Section 20 of the CPC, the local police have the power to order anyone to produce any data, including TraceTogether information, for the purpose of a criminal investigation. He noted that phone and banking records, which are protected by specific privacy laws, are also subject to the same provisions under the code.
    The minister said: “I think Singaporeans can understand why Section 20 of the CPC confers such broad powers. There may be serious crimes — murder, terrorist incidents — where the use of TraceTogether data in police investigations may be necessary in the public interest. The police must be given the tools to bring criminals to justice and protect the safety and security of all Singaporeans.” 

    He noted, however, that the police should access the data judiciously and with “utmost restraint”. 
    He added that the contact tracing platform was not designed to allow any government agencies to track the user, and efforts were taken in the system design and coding of the app to protect personal privacy. He said this had led to the move to make the software open source, so it was open to public scrutiny, and could be shared with other foreign jurisdictions. 
    In addition, Balakrishnan said TraceTogether did not collect GPS location or movement data and kept only a temporary record of who the user had come into close contact with. Data would also be stored encrypted, locally on the user’s device or token, and automatically purged after 25 days.
    Asked how often the police had tapped the contact tracing data, the minister said he was aware of only one instance that had involved a homicide investigation. He would not provide other details on the case as he was not involved in its operations and, hence, was unable to comment further. 
    He did point to discussions that were held over the last few weeks to mull over whether to change the law involving TraceTogether data, before the government decided to retain the CPC as it stood. This, he said, was necessary to ensure the police could remain effective in safeguarding public safety and interest. 
    Balakrishnan noted that every jurisdiction had to strike a balance between how much power its police should have and an individual’s rights to privacy, and this would differ from country to country. He pointed to the US, where the FBI in 2016 paid professional bug hunters to access the smartphone of the shooter involved in the terrorist incident in San Bernardino. Investigators resorted to doing so after facing legal obstacles in accessing the data. 
    Asked under what circumstances the Singapore police would be able to call up access to TraceTogether data, Minister for Law and Home Affairs K. Shanmugam said this was restricted to “very serious offences”, given the “national importance” of the contact tracing platform in dealing with the COVID-19 pandemic.
    “While that requirement is not in the legislation, it will be carefully considered within the police and discretion will be exercised in seeking this information,” Shanmugam said. 
    He added that any TraceTogether data collected for a criminal investigation would be deleted if it no longer served any importance and was not needed in legal proceedings. 
    According to Balakrishnan, once the pandemic was over and contact tracing data was deemed not necessary, the TraceTogether programme would be stood down. 
    Noting that three quarters of the local population had adopted the platform, he said the high adoption rate not only reflected people’s “willingness” to participate in the “collective fight” against COVID-19, but also “their confidence in the government’s commitment to protect the data so collected”. 
    “We do not take trust of Singaporeans lightly. We cannot prevail in battle against COVID-19 if Singaporeans did not trust the public health authorities and the government,” the minister said. “I want to again assure Singaporeans your confidence is not misplaced. We will protect your privacy.”


    Italian mobile operator offers to replace SIM cards after massive data breach

    Ho Mobile, an Italian mobile operator owned by Vodafone, confirmed a massive data breach on Monday and is now taking the rare step of offering to replace the SIM cards of all affected customers.
    The breach is believed to have impacted roughly 2.5 million customers.
    It first came to light last month on December 28 when a security analyst spotted the telco’s database being offered for sale on a dark web forum.

    While the company initially played down these reports, Ho confirmed the incident on Monday, in a message posted on its official website and via SMS messages sent to all impacted customers.
    Ho’s statement confirms the security researcher’s assessment that hackers broke into Ho’s servers and stole details on Ho customers, including full names, telephone numbers, social security numbers, email addresses, dates and places of birth, nationality, and home addresses.
    While the telco said no financial data or call details were stolen in the intrusion, Ho admitted that hackers got their hands on details related to customers’ SIM cards.
    Free SIM card replacements
    To avoid even the slightest threat of telephone fraud or SIM swapping attacks, the Italian telco is now offering to replace SIM cards for all impacted customers, if they wish, and free of any charges.

    “You can go to one of our authorized dealers and request a SIM change free of charge, bringing your current SIM and a valid identity document with you,” the company wrote on Monday.
    Since the SIM card and customer details have been stolen and could be abused to request a SIM card change, physical presence in the Ho stores will be required, the company said, to avoid allowing hackers to request a SIM change for a legitimate customer via the phone.
    The telco said the investigation into the hack is still ongoing, together with local law enforcement agencies.
    While security breaches have taken place at various telcos around the world, this is a rare case where the provider does right by its customers and offers free SIM card replacements.


    Hackers target cryptocurrency users with new ElectroRAT malware

    Security firm Intezer Labs said it discovered a covert year-long malware operation where cybercriminals created fake cryptocurrency apps in order to trick users into installing a new strain of malware on their systems, with the obvious end goal of stealing victims’ funds.
    The campaign was discovered last month in December 2020, but researchers said they believe the group began spreading their malware as early as January 8, 2020.
    Intezer Labs said the hackers relied on three cryptocurrency-related apps for their scheme.
    The fake apps were named Jamm, eTrade/Kintum, and DaoPoker, and were hosted on dedicated websites at jamm[.]to, kintum[.]io, and daopker[.]com, respectively.
    The first two apps claimed to provide a simple platform to trade cryptocurrency, while the third was a cryptocurrency poker app.
    All three apps came in versions for Windows, Mac, and Linux, and were built on top of Electron, an app-building framework.
    But Intezer researchers say the apps also came with a little surprise in the form of a new malware strain that was hidden inside, which the company’s researchers named ElectroRAT.

    “ElectroRAT is extremely intrusive,” researchers said today in a report shared with ZDNet. “It has various capabilities such as keylogging, taking screenshots, uploading files from disk, downloading files, and executing commands on the victim’s console.”

    Intezer researchers believe the malware was being used to collect cryptocurrency wallet keys and then drain victims’ accounts.
    To spread the trojanized applications, Intezer says the hackers posted ads for the three apps and their websites on niche cryptocurrency forums, or they used social media accounts.
    Because of a quirk in the malware’s design, which retrieved the address of its command and control server from a Pastebin URL, Intezer believes this operation infected around 6,500 users — the total number of times the Pastebin URLs were accessed.

    Cryptocurrency users who lost funds over the past year but did not identify the source of their breach should check to see if they have downloaded and installed any of the three apps mentioned in this article.
    As a side note, Intezer Labs also pointed out that ElectroRAT was written in Go, a programming language that has slowly become more popular with malware authors over the past year.
    The reasons for Go’s rising popularity among malware authors are many: detection of Go malware is still spotty, analysing Go malware is usually more complicated than analysing malware written in C, C++ or C#, and Go makes it easy to compile binaries for different platforms, allowing malware operators to create multi-platform malware more easily than before.


    Facebook's foolish attack on Apple

    “We’re standing up to Apple for small businesses everywhere” blares Facebook’s headline. How? Because Apple’s privacy update “will limit businesses’ ability to run personalized ads and reach their customers effectively.”

    The ad goes on:

    Without personalized ads, Facebook data shows that the average small business advertiser stands to see a cut of over 60% in their sales for every dollar they spend.

    Boohoo.
    Why don’t you cut your small business ad prices in half once Apple’s new App Tracking Transparency feature goes live? That’s what would really help small businesses.
    Forget the EFF
    The Electronic Frontier Foundation eviscerated the Facebook strategy in a piece last week. A giant corporation vacuuming up user data to sell ads, pretending to care about small businesses?
    Pour me another. Make it a double.
    But there’s a simpler reason that the Facebook stance is laughable.
    Competition sucks!

    What makes Facebook’s stance truly braindead is simply what it is asking.
    Facebook wants Apple to change its business model so Facebook doesn’t have to. Think about that. 
    It’s like Ford Motor asking Tesla to build gas-powered cars so it can compete. Or Dell asking Apple to go back to Intel so their notebooks can compete.
    I’d have thought that someone who’d made umpteen billions would know a little about how capitalism and competition work. You know, build a better mousetrap…
    Evidently though, cocooned in tens of billions of dollars and surrounded by yes men and women – including Facebook’s board – the Zuck has lost sight of the Capitalism 101 fundamentals. Facebook provides lots of free services, paid for by ads. Apple provides excellent hardware and multiple features to protect user privacy, paid for by the user. People choose. The market decides.
    As I’ve noted before 

    . . . the web is a hive of scum and villainy — a virtual surveillance state, where maintaining your privacy is a low-level war with the capitalist running dogs that have staked out highly profitable franchises. 

    The take
    You can bet these ads were OK’d by the Zuck himself — which just goes to show that $100 billion is a mind-altering drug (and not for the better).
    I’m all for choice. If people want to give up their data to enable ad-supported services like Facebook, OK. (Though I’d love a non-commercial alternative.)
    I chose to leave Facebook years ago. And clearly, Facebook execs are wetting themselves thinking that, given the chance, 1.5 billion Apple customers will say no to their surveillance.
    Count your blessings, Zuck. Be happy that Apple isn’t — yet — offering small businesses Apple user-targeted ads (after appropriate opt-in, of course).
    Because we know you care so much.
    Comments welcome.


    Buying a second-hand laptop? Here's how to stop a bargain becoming a security disaster

    People who are buying or selling second-hand laptops, tablets and smartphones are being urged to follow new consumer guidance in order to protect their personal information and prevent it from falling into the hands of cyber criminals.
    January sales often see people looking for new personal computing devices, while those who’ve received an upgrade over Christmas could be looking to sell their own model. Buying and selling second-hand devices can benefit users, but the UK’s National Cyber Security Centre (NCSC) has warned that if these devices are not properly secured, valuable personal information could be exploited.


    Users who sell their devices without wiping them first could be handing their personal information and passwords on to others who might be unscrupulous when dealing with that data.
    The guidance provides instructions on what users should do to reset their Android, Apple, Google or Windows devices to factory settings in order to erase all content and personal data, including messages, contacts, photographs, browsing history, Wi-Fi codes, passwords, and any apps installed.
    But it isn’t just leaving data on old devices that could put users at risk from cyber criminals – buying a smartphone that is no longer supported by its manufacturer could also lead to problems because it will no longer receive security updates to protect against known vulnerabilities that could be exploited by cyber criminals.
    For those buying second-hand devices, it’s recommended that they perform a factory reset in order to erase any personal data the previous owner left behind, and to remove previously installed apps that could put their own personal data at risk.

    “At this time of year many of us take advantage of the pre-owned tech market, either to grab a bargain or cash in on a device we no longer need.” said Sarah Lyons, NCSC deputy director for economy and society.
    “We want consumers to make the most of this market, but we also want them to be aware of the risks around security and personal data and what they can do to protect themselves.”
    The NCSC has also urged people who believe they’ve received suspicious emails to report them to the Suspicious Email Reporting Service (SERS) to help malicious websites get taken down and provide a better chance for everyone to stay safe online.


    As coronavirus cases surge, so do cyberattacks against the healthcare sector

    The healthcare sector should brace itself against an increase in cyberattack rates and a variety of attack vectors over the coming months, researchers have warned. 

    On Tuesday, cybersecurity firm Check Point released new statistics showing a 45% increase in cyberattacks against the global healthcare sector since November, more than double the 22% increase seen across all industries worldwide in the same time period.
    According to the researchers, the attack vectors employed by threat actors are wide-ranging, including distributed denial-of-service (DDoS) attacks, social engineering, botnets, phishing, and ransomware.
    However, ransomware, in particular, is of serious concern. 
    We’ve already seen just how debilitating a ransomware attack wave can be. The WannaCry outbreak of 2017 locked up and disrupted operations for countless businesses worldwide, and in the past four years, ransomware has continued to grow in popularity due to how lucrative a criminal business it has become. 
    When it comes to hospitals, some providers will pay blackmail fees demanded by ransomware operators rather than risk patient care. The death of a patient due to a ransomware attack on a hospital has already occurred. 
    Check Point says that ransomware attack rates are surging against the healthcare sector. The Ryuk ransomware strain is now the most popular malware to deploy in these attacks, followed by Sodinokibi. 

    Overall, an average of 626 attacks was recorded on a weekly basis against healthcare organizations in November, in comparison to 430 in October. Central Europe has been hardest hit in the past two months, with a 145% increase in healthcare-related attacks, followed by East Asia, Latin America, and then the rest of Europe and North America.
    Healthcare organizations in Canada and Germany experienced the largest surge in cyberattack rates at 250% and 220%, respectively. 

    Check Point says that the reason for the increase is financial, with threat actors seeking to cash in on the worldwide disruption caused by COVID-19. While bog-standard fraudsters are targeting the general public through phishing emails, texts, and phone calls in coronavirus-related campaigns, other groups are hoping to profit through more debilitating attacks on core services.
    “As the world’s attention continues to focus on dealing with the pandemic, cybercriminals will also continue to use and try to exploit that focus for their own illegal purposes — so it’s essential that both organizations and individuals maintain good cyber-hygiene to protect themselves against covid-related online crime,” the team says. 


    Chinese telcos spared delisting as NYSE backtracks on decision

    The New York Stock Exchange (NYSE) has reversed course on its planned delisting of a trio of Chinese telcos.
    On New Year’s Eve, it was announced NYSE intended to delist China Telecom, China Mobile, and China Unicom Hong Kong in order to comply with a 12 November 2020 executive order from outgoing US president Donald Trump.
    The order sought to forbid trading and investing in any of the companies previously deemed to be Communist Chinese military companies by the US Department of Defense. It also looked to ban trading in any new companies that are given such a label.
    By Monday though, the NYSE had reversed course.
    “In light of further consultation with relevant regulatory authorities in connection with Office of Foreign Assets Control FAQ 857 … the New York Stock Exchange LLC announced today that NYSE Regulation no longer intends to move forward with the delisting action in relation to the three issuers … which was announced on December 31, 2020,” it said in a statement.
    “At this time, the issuers will continue to be listed and traded on the NYSE. NYSE Regulation will continue to evaluate the applicability of Executive Order 13959 to these issuers and their continued listing status.”
    In the executive order, Trump said the People’s Republic of China (PRC) was “exploiting United States capital” to boost and update its military, which he claimed would allow Beijing to threaten the US and its overseas forces, as well as develop “advanced conventional weapons and malicious cyber-enabled actions against the United States and its people”.

    “Through the national strategy of Military-Civil Fusion, the PRC increases the size of the country’s military-industrial complex by compelling civilian Chinese companies to support its military and intelligence activities,” Trump said.
    “Those companies, though remaining ostensibly private and civilian, directly support the PRC’s military, intelligence, and security apparatuses and aid in their development and modernisation.”
    Trump also said the PRC “exploits United States investors” to finance its military.
    For its part, the China Securities Regulatory Commission hit back on Sunday and said the ban was politically motivated and ignored the rights of investors while severely damaging the market.
    It added that the size of the listings on American markets was under 2.2% of the total shares on offer, so the direct impact of the delisting was “rather limited”.
    “The role of the US as an international financial centre, is built on the trust of the global enterprises and investors in the inclusiveness and certainty of its rules and institutions,” the Commission said.
    “The recent move by some political forces in the US to continuously and groundlessly suppress foreign companies listed on the US markets, even at the cost of undermining its own position in the global capital markets, has demonstrated that US rules and institutions can become arbitrary, reckless, and unpredictable. It is certainly not a wise move.”


    UK court rejects US extradition of Assange

    A UK court has ruled that WikiLeaks founder Julian Assange will not be extradited to the US, where he would have faced over 18 charges, including espionage and breaching national security.
    District Judge Vanessa Baraitser refused the US extradition request on the basis that there was a high risk of Assange committing suicide if he were to be sent to the US.
    Assange came to prominence for creating WikiLeaks, which for years leaked state secrets from governments all over the world.
    The extradition decision follows over a decade of Assange facing court allegations across various jurisdictions. In 2010, Assange was accused of unlawful coercion, rape, and molestation in Sweden and was ordered to be extradited to the Scandinavian country in 2011. Shortly after the order was made, Assange entered the Embassy of Ecuador in London to escape extradition. 
    These charges have since been dropped.
    He spent seven years in the Ecuadorian Embassy before being arrested by the British police in 2019 for previously failing to surrender to court. The arrest occurred when the Ecuadorian government withdrew its asylum.
    Assange was found guilty of failing to surrender to court and sentenced to 50 weeks in jail for breaching bail conditions.

    During that time, the US Department of Justice (DoJ) issued 18 charges against him. Among those charges were that Assange allegedly conspired with, and “aided and abetted”, Chelsea Manning to remove US classified documents. The department also alleged that Assange published on WikiLeaks the unredacted names of sources in Iraq and Afghanistan that provided information to the US, which put those individuals in danger.
    Releasing her judgment on Monday, Baraitser categorised her analysis of the charges into three strands: Broad conspiracy, aiding and abetting Chelsea Manning with obtaining and disclosing government documents, and publishing documents that contained the names of informants.
    In all three strands, Baraitser rejected Assange’s defences, saying that media members, in principle, are not released from their duty to obey the ordinary criminal law. Journalists have “duties and responsibilities” and the scope of these responsibilities depends on their situation and the “technical means” they use, she said, while noting that it could be argued that Assange is not a media member.
    She also said that Assange could not prove that releasing the government documents had stopped crimes against humanity, explaining that he was unable to identify a class of people for whom he reasonably regarded himself as being responsible.
    On the extradition itself, Baraitser said that extraditing Assange to the US was permissible under UK law, despite a UK-US treaty stating that people could not be extradited from the UK to the US for a political offence, because the powers of Parliament reign supreme in this instance.
    “Whilst it is obviously desirable for both governments to honour the terms of a treaty they have agreed, Parliament has made its intentions clear. The source of lawmaking remains with Parliament and the executive does not have the power to alter this through the provisions of a treaty,” Baraitser said.
    Despite these conclusions, Baraitser blocked the extradition request as it would be “unjust and oppressive by reason of Assange’s mental condition and the high risk of suicide”. This conclusion was made following testimony from various medical experts that Assange had severe recurrent depressive disorder, which was sometimes accompanied by psychotic features and suicidal ideas. 
    Assange was also found to have post-traumatic stress disorder, generalised anxiety disorder, and autism. 
    In response to the extradition’s rejection, the US Justice Department said it was “extremely disappointed” but was gratified that it “prevailed on every point of law raised”.
    “In particular, the court rejected all of Assange’s arguments regarding political motivation, political offense, fair trial, and freedom of speech. We will continue to seek Assange’s extradition to the United States,” the Justice Department added.
    IF YOU OR ANYONE YOU KNOW IN AUSTRALIA NEEDS HELP CONTACT ONE OF THESE SERVICES:
    Suicide Call Back Service on 1300 659 467
    Lifeline on 13 11 14
    Kids Helpline on 1800 551 800
    MensLine Australia on 1300 789 978
    Beyond Blue on 1300 22 46 36
    Headspace on 1800 650 890
    QLife on 1800 184 527