Dancing Pandas & China Hacks Pretty Much Everything

.not quite as cute as it sounds

A dancing panda sounds delightful. It doesn’t sound dangerous. Maybe that has something to do with why the codename was later changed to Legion Amethyst, which, personally, I think sounds far more nefarious.

According to an NBC report, Dancing Panda/Legion Amethyst were codenames for a coordinated email attack campaign by China. It was initially discovered in 2010. According to the report, it’s still going on. 

The scope of the campaign is staggering.

The senior official says the private emails of “all top national security and trade officials” were targeted.

The Chinese also harvested the email address books of targeted officials, according to the document, reconstructing and then “exploiting the(ir) social networks” by sending malware to their friends and colleagues.

And if you’re wondering, yes, it coincided with the timeframe for which a certain presidential candidate is in hot water over the use of a personal account for official government business.

.at least it’s just email, right?

No. Another gem available at the link above is a report that claims that China has been hacking into pretty much everything. OK, maybe not everything, but a lot. Apparently, China has engaged in hundreds of attacks across (at least) dozens of different industries. They’ve been looking to steal details around aerospace engineering, defense, autos (for hybrid car specifications), pharmaceutical companies (formulae for successful drugs), and (and this really bothers me) details around civilian and military air traffic control systems. They have apparently also been targeting power and telecom.

.so what’s the worst that could happen?

I mean… why would anyone worry about this? I only know of maybe one instance where a ragtag group of ‘rebels’ found the technical design specifications of a battle station and they were able to somehow target it with a well-placed hit that caused a massive chain-reaction leading to the destruction of the battle station. But the odds of that had to be 1:1000000. Seriously, what could China possibly do with information about our aerospace, defense, manufacturing, transportation, power, and telecom?

.set attitude.sarcasm = off

Seriously though. People in the security world have known for some time that there are massive attacks originating there. Protecting against these types of attacks is near impossible as long as people are careless. And people, generally, are careless.

Facebook Security Hole Allows Bulk Discovery of Personal Information

There’s a nasty little security hole (not a vulnerability according to Facebook – in case you were wondering exactly how important your privacy is) that was discovered recently. The original work seems to belong to Salt Agency, an SEO agency.

.about the hack

The flaw allows an attacker to essentially grab all of the public data about users who share their cellphone number if the attacker knows/guesses that number. Now this might not seem like a big deal on the surface, but as described in the post linked above, it allows a hacker to create a list of all possible phone numbers, and then get lots of data about the owners of those phone numbers.

By using a script, an entire country’s (I tested with the US, the UK and Canada) possible number combinations can be run through these URLs, and if a number is associated with a Facebook account, it can then be associated with a name and further details (images, and so on).
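From the platform side, the bulk lookup described above shows up as one client querying many distinct, often consecutive, phone numbers in a short time. The following detector is an added example, not code from Facebook, Salt Agency or the original post; the log record layout, client ids and thresholds are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque

# Constructed lookup-log records (hypothetical layout):
# (epoch_seconds, client_id, phone_number_queried, matched_an_account)
SAMPLE = [(1000 + i, "c-scan", 15555550100 + i, i % 4 == 0) for i in range(10)]
SAMPLE += [
    (1000, "c-user", 15555550142, True),   # ordinary user finding a contact
    (1200, "c-user", 15555550142, True),   # repeats the same lookup later
    (1500, "c-user", 15555550177, False),
]

def find_enumerators(events, window=60, max_distinct=5):
    """Flag clients that query more than max_distinct different numbers
    within any `window` seconds (both thresholds are assumed values).
    Also counts how often a client's next number is previous + 1, which
    indicates walking through a number range rather than real contacts."""
    recent = defaultdict(deque)      # client -> (ts, number) pairs in window
    last_number = {}                 # client -> previous number queried
    sequential = defaultdict(int)    # client -> count of +1 steps
    peak = defaultdict(int)          # client -> max distinct numbers seen
    for ts, client, number, _matched in sorted(events):
        if client in last_number and number - last_number[client] == 1:
            sequential[client] += 1
        last_number[client] = number
        q = recent[client]
        q.append((ts, number))
        # Drop lookups that have aged out of the sliding window.
        while q[0][0] <= ts - window:
            q.popleft()
        peak[client] = max(peak[client], len({n for _, n in q}))
    return {
        client: {"peak_distinct": p, "sequential_steps": sequential[client]}
        for client, p in peak.items()
        if p > max_distinct
    }

if __name__ == "__main__":
    for client, stats in find_enumerators(SAMPLE).items():
        print(client, stats)
```

A scanner that slows down enough stays under the per-window count, so the window and threshold need tuning against real traffic.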

.fixing the hack

To fix, select Settings from the padlock menu.


Then click Privacy on the menu on the left.

The screenshot below shows the default setting:


This is why the flaw allows an attacker to get your personal information. By limiting the audience here, you can change who can see your data. Allowing only Friends to look you up by phone number is kind of silly, but with the Friends of Friends setting you still get the benefit of letting people you are likely to know find you.



Note that if you share your phone number, Friends is the most restrictive setting available.