Welcome to The Dashlane Tech Check for June 30, 2017!  I’ll help you catch up on Dashlane-related news and the big news in the tech industry. And just for fun, I’ll include a useful life hack that will keep you safe and secure all year long.

What in the (security) world?

Here’s what made headlines this week in the world of digital identity, security, and privacy:

The Petya virus isn’t ransomware, but something much worse, say researchers

Following this week’s massive ransomware attack, researchers have shared new analysis of the malware’s encryption routine, which reveals the Petya ransomware outbreak may not be what it seems.

According to Wired, unlike ransomware that would just encrypt the target’s hard drive and demand $300 in Bitcoin in order to recover your data, this virus, in some cases “simply wiped machines on the same network, deleting a victim computer’s deep-seated master boot record, which tells it how to load its operating system”.

Matt Suiche, founder of Comae Technologies, and Anton Ivanoov and Orkhan Mamedov of Kaspersky Labs both concluded that since the Petya ransomware’s encryption was irreversible and it was most likely “disguised as a ‘wiper’”–“Pretending to be a ransomware while being in fact a nation state attack is in our opinion a very subtle way from the attacker to control the narrative of the attack,” Suiche concludes.

This theory is also supported by researchers at Kaspersky Labs who identified Ukraine–where approximately 60 percent of the devices infected by the outbreak is located–as the likely target of the attack.

“I think this was directed at us. This is definitely not criminal. It is more likely state-sponsored,” says Roman Boyarchuk, the head of the Center for Cyber Protection within Ukraine’s State Service for Special Communications and Information Protection to Wired.  Boyarchuk concluded that “it’s difficult to imagine anyone else would want to do this” besides Russia.

This story is still developing. Click here for the latest developments on the global Petya ransomware attack.

Anthem agrees to a record $115 million settlement for data breach

Anthem, the largest health insurance company in the US, has agreed to pay $115 million to settle a lawsuit from a 2015 data breach. According to CNET, if this settlement is approved, it’ll be the largest data breach settlement in history! The money from the settlement will go towards two years of credit monitoring and reimbursement for any breach-related expenses for victims.

US and Israel announced a new cybersecurity pact

During the Cyber Week conference in Tel Aviv this week, Tom Bossert–homeland security and cyberterrorism advisor–announced the US and Israel have made a bilateral cybersecurity pact. “These high-level meetings represent the first step in strengthening bilateral ties on cyber-issues following President Trump’s visit to Israel. The agility Israel has in developing solutions will innovate cyber-defenses that we can test here and bring back to America. Perfect security may not be achievable, but we have within our reach a safer and more secure internet,” said Bossert according to Infosecurity Magazine.

An accidental password reset email causes panic among Automobile Association (AA) members

The Automotive Association (AA) in the UK sparked panic after a password reset email was mistakenly sent to its members on Monday, leading many to assume a data breach occurred. To make matters worse, AA’s website “generated an unusually high number of login requests” that slowed down the system, causing members to fear the worst.

“Some Members and customers have received an email from the following address – email@info.theaa.com, incorrectly stating their password had been changed,” AA said in a statement. “This email was sent by us in error. We would like to reassure everyone that passwords have NOT been changed and personal data remains secure. We’re sorry for any confusion.”

Ohio Governor become the latest political target of a cyber attack

Ohio Governor John Kasich’s website, 10 Ohio state-run websites, and two servers were targets of cyber attacks, according to the Ohio Department of Administrative Services. The attackers claim to be members of ISIS, and defaced Kasich’s website with a pro-ISIS and anti-Trump message. A separate group, Team System DZ, claims to be the ones behind the attacked the other Ohio government websites.

A new service offers cybercriminals automated robocalls as a service to steal online banking accounts

A relatively new dark web automated phishing/social engineering service is giving hackers an automated way to trick targets into handing over their PIN number and other sensitive information via robocalls. According to Motherboard, an attacker simply needs to sign up for the subscription service, give the name, phone number, and bank of their intended target; then, the service will call the target with an automated message meant to collect their PIN number.

Did the CIA develop malware for Linux?

According to a document leaked from the US Central Intelligence Agency (CIA), the agency may have developed Linux malware called OutlawCountry in 2015. According to WikiLeaks, “OutlawCountry allows for the redirection of all outbound network traffic on the target computer to CIA controlled machines for exfiltration and infiltration purposes. The malware consists of a kernel module that creates a hidden netfilter table on a Linux target. With knowledge of the table name, an operator can create rules that take precedence over existing netfilter/iptables rules and are concealed from a user or even system administrator.” However, as InfoSecurity Magazine points out, an attacker would need shell access to their target, but instructions on how to do so are not included in the document.  

Breach Alerts

18 million 8tracks user accounts compromised in hack

Photo credit: AngelList

18 million user accounts were reportedly compromised from Internet radio service 8tracks. According to the 8tracks’ CEO David Porter, the believed “vector for the attack was an employee’s Github account, which was not secured using two-factor authentication.” No credit card numbers, phone number, or street addresses were compromised during the hack, but email addresses and encrypted passwords were exposed. However, users who signed up for an account using Google or Facebook have not had their passwords exposed. Porter urged users to update their account passwords, avoid reusing passwords across online accounts, and recommended enabling 2FA for extra security.

Dashlane News You Shouldn’t Snooze

Dashlane announces support for Android O’s Autofill API

Photo credit: Android Community

Today, Dashlane announced support for Android O’s new autofill feature is currently in beta!

Learn more about this feature and all of the upcoming updates to your Android devices here!

Dashlane reaches a $10 billion milestone

Digital Transactions covered Dashlane’s $10 Billion digital payment milestone in a news brief on Monday. To date, Dashlane’s digital wallet has surpassed $10 billion in online transactions enabled, 2 billion forms filled, and 1.5 billion log-ins. The wallet automates password entry and form-filling at checkout.

Following ransomware attack, discussions continue on the importance of password security 

A study from Dashlane was cited in Healthcare IT News today! The outlet reported multiple studies on the upwards trend of safer password habits this year. “There are a couple of key indicators that contribute to the improvement in password hygiene among users,” said Tim Bandos, director of cybersecurity at Digital Guardian. “First, we live in an age where breaches occur extremely frequently, and often large-scale attacks are making headlines in mainstream media. In addition to credit cards, e-mail addresses, and personally identifiable information, password credentials have been highly sought after by cybercriminals.”

Dashlane was also cited during HLN broadcast coverage on the recent global cyber attacks.  As a recommended tool to protect your devices from the damaging effects of ransomware, the commentator recommended using Dashlane to backup and protect your passwords.

This Week’s Lifehack to Improve Your Security

With ransomware attack dominating headlines, important that both consumers and business understand the risks and how to protect their devices and sensitive information. At the bottom of our coverage of both the WannaCry ransomware attack and the Petya/NonPetya attack, we’ve included useful tips on how to protect your personal and work-related networks and devices from future attacks. Make sure you read them and share them with others!

Have any thoughts on any of the news I shared? Leave me a comment below and make sure to visit our blog next week for another edition of The Dashlane Tech Check.

Also, don’t forget to follow us on Twitter to always be in the know!