FixMeStick’s Weekly Cybersecurity Round-Up: Feb 10th – 16th

Happy President’s Day to our American friends, and happy Family Day to our friends up north! Having an extra day off is always a good time to catch up on lingering tasks you have, whether it be cleaning up the house, paying off some bills, or doing some light reading on your favorite subject – because who doesn’t love a little cybersecurity on their day off.

This week we have some news regarding malicious Google Chrome extensions, information on Google Nest and 2-Factor Authentication, and a suspect who had been detained for four years after not decrypting their hard drives.

Recently, Google removed over 500 Chrome Extensions from its web store after researchers found that they were stealing browser data, executing click fraud and malvertising once installed onto the Chrome browser. 

This is big news for anyone using Chrome, as it means that users are all around more safe and secure when it comes to downloading extensions. 

In this case, we have researcher Jamila Kaya to thank, as she was able to spot shady extensions which used recurring patterns in their code. Most of these extensions were under the guise of being used for advertising and marketing, but instead worked to steal information from the users.

If you’d like to learn more about the situation, you can click here.

For those of you using Google Nest, Google will start requiring you to use 2-Factor Authentication (2FA) when signing in to your Google account. 

2FA is essentially an added layer of security when signing in to your account, so it really comes as no surprise that Google wants to beef up its protection, especially if it keeps weirdos away from accessing the Nest’s webcam and voice software. 

Google announced this recently in a blog post, and it will most likely come into effect within the next few months. While some people may be a bit annoyed with the extra steps, in reality it’s only keeping you safer from prying eyes and ears.

Recently, the FBI released their 2019 Internet Crime Report, and it seems like the demographic targeted most by cyber crime tend to be those who are older and have more cash to lose. 

Reports show that 68,013 individuals over the age of 60 were victimized in 2019, with a monetary loss of $835,164,766 being the grand total stolen. However, cyber crime isn’t solely targeted at an older demographic, as people under 20 are also seen to have been targeted quite a bit, though their monetary loss is not quite as high.

In total, an estimated $3.5 billion is thought to have been stolen as a result of cyber crime. Even if you’re up-to-date on the best security practices, you never know what you might encounter on the internet. To find out more on how to protect yourself online, you can consult our Internet Safety Guide for more info.

Back in 2015, former Philadelphia police sergeant Francis Rawls was arrested after police believed his hard drives contained images of child abuse imagery. After being detained for the past four years, Rawls has since been released. 

The investigators based their claims off of Rawls’ download habits and off of testimony from his sister. However, when it came to decrypting the drives, Rawls simply stated that he had forgotten the passwords, while his lawyers argued that by decrypting the drives he would be violating his Fifth Amendment right against self-incrimination.

Even though in 2017 the court rejected the Fifth Amendment claim, they were still unable to charge Rawls without any concrete evidence.

The files were encrypted using Apple’s FileVault software, which brings up the government’s long standing dispute over Apple’s encryption services. Though the issue at hand is between Rawls and the court, it nevertheless raises the question regarding the company’s involvement with decrypting the devices of criminals.

You can read more on the case here.

With all that being said, you can see why it’s so important to keep updated on your cyber security. Safer Internet day was just last Tuesday, so have yourself a belated celebration and catch up on your cyber security needs!