Controversial gunshot detection company ShotSpotter has deployed more than 25,000 microphones in 170 cities worldwide. This week WIRED and South Side Weekly revealed that the company may continue to provide shooting data to police in cities even after the contract ends. Internal emails obtained by the publications suggest the ShotSpotter sensors may have remained online even though contracts with law enforcement have expired, raising questions about what will happen to Chicago’s 2,500 microphones when the Contract expires at the end of the year.
Elsewhere, Change Healthcare finally admitted to paying a ransom to the AlphV hackers, also known as BlackCat, who had blackmailed the medical company. Weeks ago, WIRED announced that the attackers had been paid $22 million, one of the largest ransomware payments ever. However, the company admitted in a statement this week for the first time that it had paid the ransom as part of its efforts to “do everything possible to protect patient data from disclosure.” Some of this data still ended up on the dark web.
In another successful scam, researchers in North Korea have found animators creating artwork for major Hollywood studios. A misconfigured cloud server in North Korea discovered late last year contained thousands of animation files, notes and working documents for productions of shows streaming on Amazon Prime Video and Max. The companies probably didn’t know that workers from the hermit kingdom were creating the artworks, but it’s another example of how North Korea uses skilled workers to evade sanctions and monetize the regime.
Meanwhile, Cisco announced this week that some of its devices, called Adaptive Security Appliances, were targeted by state-sponsored hackers who exploited two zero-day vulnerabilities in the systems. The attack, dubbed “ArcaneDoor,” is believed to have had an espionage focus and sources suspect China’s state-backed hackers could be the culprits.
The November presidential election may still be months away, but the next US president will have expanded surveillance capabilities. This week, Joe Biden signed a controversial bill to expand and improve Section 702 of the Foreign Intelligence Surveillance Act. FISA allows spy agencies to collect calls, emails and more from Americans as they pursue foreign intelligence agencies. Critics say the changes are “a gift to any president who wants to spy on political enemies.”
That’s not all. Every week we round up the security and privacy news that we haven’t covered in detail ourselves. Click on the headlines to read the full stories. And stay safe out there.
In January, an Instagram account in Baltimore, Maryland, posted an alleged audio recording of local school principal Eric Eiswert making racist and anti-Semitic comments. Baltimore County Public Schools immediately launched an investigation into the incident. However, this week a former Pikesville High School athletic director was arrested after police said he used artificial intelligence software to create the fake Eiswert audio clip. The audio recording included comments about “ungrateful black children” and derogatory remarks about the Jewish community.
Dazhon Darien, the former employee, was arrested after being stopped at an airport with a gun when officers discovered there was an outstanding warrant Baltimore banner reported. The media organization reports that Darien was charged with disrupting school operations and stalking. The fake clip was allegedly created in retaliation for the principal investigating Darien for irregular payments to his roommate.