This week, the The Ministry of Justice charged a 22-year-old with accusations of tampering with the water system where he used to work. It is a strong reminder that while the power grid is receiving the most attention, it is not the only critical infrastructure that is vulnerable to potentially devastating attacks.
We also looked at YouTube’s ongoing issues with moderating child-focused content; a WIRED investigation found dozens of scary thumbnails on videos for Minecraft and child-centric pursuits that were on or near the top of the platform’s “Topic” pages. It’s not quite as eerie a situation as the so-called Elsagate controversy a few years ago, where the YouTube Kids app was flooded with grotesque videos of popular child characters performing unspeakable acts. But it still shows that YouTube still has a lot of moderation work ahead of it.
Tired of receiving unwelcome files from strangers, either through AirDrop or what Android calls its version these days? You can make them stop! And probably should. Just follow our guide to check and uncheck the various settings needed to close the crossover.
And there is more! Every week we round up all the news WIRED did not cover in depth. Click on the headlines to read the full stories. And be safe out there.
An organization known as “Chicken Drumstick”
A whistleblower tells independent security journalist Brian Krebs that a recent breach of the network equipment company Ubiquiti was much worse than originally reported. The source said that hackers “gained full read / write access to Ubiquiti databases on Amazon Web Services,” as well as root administrator access to Ubiquiti’s AWS accounts. These are basically the keys to the kingdom. Ubiquiti has said in response that it has no indication that user data was accessed or stolen, although Krebs’ source says that the company does not keep logs that will give them that information in the first place. Anyway, that’s a mess!
In January, Google reported that Lazarus Group hackers in North Korea had spent a lot of energy fooling security researchers, and had even been successful in doing so. This week, the search giant’s Threat Analysis Group followed up and said that the North Korean campaign continued quickly, this time armed with a fake website and fake profiles on social media. In an inspired bit of trolling, one of the Twitter dolls was named Sebastian Lazarescue.
It is safe to say that many, many people are feeling burnt out by pandemics these days. But think of men and women from the US Cybersecurity and Infrastructure Security Agency. After the widely respected leader Chris Krebs was fired by the president’s tweet last fall, CISA has had to contend with the fallout of SolarWinds and Hafnium, one of the largest hacking campaigns to hit the United States in recent history. Politico reports that the agency’s 2,000 workers are at risk – which could leave the country ill-prepared to deal with the next attack.
Last weekend, the United States’ strategic command – those in charge of nuclear weapons – tweeted a small string of noises, which makes some people understand that they have been hacked. The good news is, no, they were not. The less good news is that instead, the kid of the person who was logged into the account had a moment on the keyboard. Just the right mix of sweet and alarming!
More great WIRED stories