Information Assured April 1st, 2023
Driverless taxis debut in Beijing, UK's NCA sets up fake DDoS-for-hire sites to catch criminals, Bitcoin ATMs hit by a zero-day bug, China's economic growth, Ferrari suffers a ransom attack, US court allows legal notice via NFT, and Huawei replaces US-banned components.
Driverless taxis are now available in suburban Beijing, marking a milestone in intelligent transport. Chinese tech giant Baidu and autonomous vehicle startup Pony.ai were granted licenses to run fully driverless robotaxi services, making it the first time a fully autonomous fleet can operate in a major city. Both companies have deployed 10 autonomous vehicles in a 60-square-kilometer area. Baidu plans to expand its service to 65 cities by 2025 and 100 by 2030. China's self-driving taxi market is projected to be worth $188.6 billion by 2030, accounting for 60% of the country's ride-hailing market. Despite current limitations, robotaxi coverage is expected to grow with data accumulation and algorithm improvements, paving the way for private autonomous vehicles and potentially transforming people's lives.
The UK National Crime Agency (NCA) has created a network of fake DDoS-for-hire websites to infiltrate the online criminal underground. These sites appear to offer tools and services for cybercriminals, but instead, the user data is collected by investigators. This effort is part of Operation PowerOFF, an international collaboration to dismantle criminal DDoS-for-hire infrastructures. DDoS-for-hire services enable cyber criminals with the limited technical ability to launch attacks against websites. This operation follows a similar approach used by the FBI and Australian Federal Police, who ran an encrypted chat service called ANoM to intercept messages between criminal gang members.
A zero-day bug in Bitcoin ATMs was exploited to steal $1.5 million in digital currency. The affected ATMs had a feature to upload videos, and the attacker uploaded a custom application to the ATM application server, which allowed applications to start by default. The attacker accessed the database, decrypted API keys, sent funds from hot wallets, downloaded user names and password hashes, and turned off 2FA. General Bytes collects information on those affected to validate losses, but recovering funds is uncertain. To keep hot wallets secure, users should enable two-factor authentication, keep their recovery passphrase safe, and be skeptical of airdrops.
Einar Tangen, a senior fellow at Taihe Institute, stated that China's opening will significantly boost the global economy. China produces a vast range of goods as the world's manufacturing hub. Tangen identified three perspectives on China in 2023: the World Bank, IMF, and ADB; moneymen like Goldman Sachs and JP Morgan; and Chinese economists. He believes that if unleashed, China's $17 trillion in savings could help boost global confidence. Tangen also noted that some countries criticize China for fear that its success will make their systems look bad, as China's rapid economic growth challenges the ideology of American exceptionalism. He emphasized that China is not advocating for other countries to adopt its system but believes each country should choose its path without interference.
Luxury car manufacturer Ferrari has warned customers that their personal data may have been stolen following a ransom demand by a threat group. The company refused to pay the ransom and informed customers and authorities of the potential data exposure. Ferrari has engaged a third-party security company to investigate the incident. The accessed data includes names, addresses, email addresses, and phone numbers, but no financial or vehicle details were stolen. It is unclear which threat group targeted Ferrari, but RansomEXX had previously posted 7GB of allegedly stolen internal Ferrari data in October.
A U.S. federal court has approved serving a legal notice via NFTs for the first time, following similar rulings in New York and the UK last year. The case involves a plaintiff whose $971,291 worth of Tether stablecoins were stolen by anonymous hackers from his Coinbase wallet. The plaintiff sued the hackers without knowing their identities and served the notice via NFTs. District Judge Beth Bloom of the Southern District of Florida allowed blockchain and NFTs to serve the legal notice, as it was the only means to contact the defendants. The hackers are now required to repay the stolen funds, likely in interest-bearing fiat currency.
The cost of fraudulent robocalls is expected to rise by 9% from 2022, reaching $58 billion globally in 2023, according to a report from Juniper Research. Despite efforts to mitigate such scams, losses will reach $70 billion globally by 2027. North America is the most affected region, accounting for over half of all losses in 2023. The STIR/SHAKEN initiative in the US has helped reduce robocall fraud-related losses by an estimated 85% between 2022 and 2023. Juniper Research recommends stakeholders outside North America adopt their own version of the framework and other initiatives to tackle fraudulent call tactics. Brand authentication technology could also help combat robocall fraud by allowing users to verify a brand's authenticity before answering a call.
Huawei has replaced over 13,000 banned components from the US with domestically produced versions, according to founder Ren Zhengfei. Huawei, a leading supplier of telecom gear and smartphones, has been targeted by the US over cybersecurity and espionage concerns. The company has also redeveloped more than 4,000 circuit boards. Ren acknowledged challenges in manufacturing advanced microchips in China but said the company is finding other ways to compete with the US. Huawei invested $23.8 billion in research and development in 2021 and plans to increase investment as profits grow.
Comments
Post a Comment