The Monthly Phish Fry: June 2025

Fishing for phish - it’s the Monthly Phish Fry!

Intro:

No, this isn’t a cooking blog where I tell you how to fry up your favorite fishy foods. Trust me, you wouldn’t want that advice from me anyway. Instead, we’ll be serving up security insights ranging from local to global threats, and physical and cyber security topics. On this month’s menu:

 

Hikvision Dome Camera

Canada Bans Hikvision

In a move that mirrors actions taken by the United States and other allied nations, the Canadian government has ordered the shutdown of the Canadian operations of the Chinese state-owned technology manufacturer, Hikvision (also known as Hangzhou Hikvision Digital Technology Co.). The company's surveillance equipment has been a source of growing security concerns in the West.

The ban in Canada follows a 2022 decision by the U.S. Federal Communications Commission (FCC) to ban the sale and import of new communications equipment from five Chinese companies, including Hikvision. The U.S. has cited concerns that the company's products could be used by the Chinese government for surveillance, posing a security risk. This sentiment has been echoed by other countries, leading to a growing list of nations that have implemented full or partial bans on the use of Hikvision technology, particularly in government facilities. These concerns stem from the close ties between the company and the Chinese government, as well as the potential for backdoors in the technology that could allow for unauthorized access to sensitive information.

Takeaway:

I still see these cameras everywhere; usually it’s an older installation on a smaller building, like a retail shop. Yes, these cameras may have been a cheap lifeline a decade ago when those shops needed security. Good on them for moving forward with some form of surveillance system. But it’s time to wake up — we’re in a cold war with China, and saving a buck on their cheap hardware could come at a future cost that I’m not willing to pay.

Do yourself and your fellow Americans a favor and upgrade that ancient system to a more reputable solution.


Mother of All DDoS!

In a stark reminder of the ever-present threat of cyberattacks, Cloudflare recently thwarted a record-breaking 7.3 terabits-per-second (Tbps) Distributed Denial-of-Service (DDoS) attack. This massive assault, aimed at a hosting provider, highlights the critical importance of individual and collective responsibility in securing our network-connected devices. The attack, which was 12% larger than the previous record, consisted largely of a UDP (User Datagram Protocol) flood, a common method for overwhelming a target's servers with a deluge of traffic.

The attack delivered 37.4 TB (terabytes) of data in just 45 seconds. For comparison, this is equivalent to streaming 7,500 hours of HD video… in 45 seconds — Talk about binge watching…

Data provided by Cloudflare about the attempted attack

The Hidden Danger of Unsecured Devices

The most alarming aspect of such attacks is that they are often carried out by botnets, which are vast networks of compromised devices. These devices, which can include everything from routers and security cameras to smart home gadgets, are often exploited due to weak or default passwords, unpatched vulnerabilities, and a general lack of security awareness. Once infected, these devices become "zombies" in a botnet army, ready to be weaponized for large-scale DDoS attacks, data theft, and other malicious activities. The sheer number of these devices, with an estimated 27 billion IoT devices expected by 2025, creates a massive and readily available pool of resources for cybercriminals.

Taking Ownership of Our Digital Lives

This incident underscores the urgent need for a paradigm shift in how we approach the security of our connected devices. While it may seem like a daunting task, there are several simple yet effective steps that everyone can take to protect themselves and contribute to a more secure digital ecosystem:

  • Change Default Passwords: The first and most crucial step is to change the default passwords on all your devices. Use strong, unique passwords for each device and account.

  • Keep Software Updated: Regularly update the firmware and software on all your devices to ensure they are patched against the latest vulnerabilities.

  • Enable Multi-Factor Authentication (MFA): MFA adds an extra layer of security by requiring a second form of verification, making it much harder for unauthorized users to access your accounts.

  • Secure Your Wi-Fi Network: Change your router's default settings, use strong encryption (WPA3 is recommended), and create a separate guest network for visitors and less secure IoT devices.

  • Be Mindful of What You Connect: Before connecting a new device to your network, consider its security features and the manufacturer's reputation.

By taking these proactive measures, we can reclaim ownership of our network-connected devices and prevent them from being used as pawns in the escalating cyberwar. It's not just about protecting our own data and privacy; it's about contributing to a safer and more resilient internet for everyone.


Shifting Gears to Defense

Image from KTLA.com

In a chaotic scene underscoring a dangerous trend, a South Los Angeles AutoZone was ransacked by a large mob, an incident authorities believe was connected to a nearby street takeover. This marks the second time in a year the same location has been hit in this manner, where the lawless energy of the illegal car rally spilled over into opportunistic crime, causing what police estimate to be hundreds of thousands of dollars in damage and stolen merchandise.

This event is a stark illustration of why target hardening is no longer an optional security measure, but an essential business strategy, especially in environments with predictable risks.

Why Target Hardening is Crucial

Target hardening is the practice of making a location more difficult for criminals to attack. The recent AutoZone looting, where a crowd tore through a metal fence and shattered glass, highlights a critical vulnerability: being a "soft target." In high-energy, mob-mentality situations like a street takeover, the crowd will exploit the path of least resistance. A business that appears difficult to breach is often bypassed for an easier one.

Key target hardening measures that are crucial in these environments include:

  • Reinforced Barriers: Upgrading doors, windows, and fencing is the first line of defense. This can include installing security window films that prevent glass from shattering, roll-down metal security shutters for after-hours protection, and reinforced door frames that can withstand significant force.

  • Access Control: Limiting points of entry and controlling who can get in and out, even during business hours, can deter a mob. While challenging for retail, solutions like controlled-entry door systems can be considered in high-risk locations.

  • Visible Security: The presence of high-quality, visible surveillance cameras and prominent signage advertising an alarm system can act as a psychological deterrent. While it may not stop a determined mob, it can make some participants think twice and aids law enforcement in identifying suspects later.

  • Layered Defenses: No single measure is foolproof. A layered approach combining physical barriers, surveillance, alarms, and a well-rehearsed emergency plan provides the most robust protection. If one layer is breached, the next is already in place to delay criminals and alert authorities.

  • Kick It Up a Notch: If you want to go the extra mile, there are more proactive, advanced solutions such as fog systems, strobes, and sirens that are sure to make perpetrators second-guess why they are there. These systems can avert a break-in altogether, or buy you valuable time as law enforcement arrives.

For businesses in areas prone to volatile events like street takeovers, assuming "it won't happen to me" is a costly gamble. The AutoZone incident is a clear signal that the chaos of these gatherings can quickly escalate, and only by proactively hardening their defenses can businesses protect their property, their employees, and their livelihood from becoming collateral damage.

Source: ktla.com
 

The Moneyball Misplay

Hollywood headlines once again blur with police blotters as Brad Pitt's Los Feliz home was ransacked by a burglary crew, marking yet another high-profile attack on a California luminary. The incident, where three suspects reportedly scaled a fence and smashed a window, is the latest in a string of brazen crimes targeting the rich and famous, leaving many to wonder about a puzzling paradox: why do individuals with immense wealth so often appear to be reactive, rather than proactive, when it comes to their personal security?

This question becomes even more pointed when viewed alongside the recent, horrifically violent home invasion at the Montecito estate of Beanie Babies billionaire Ty Warner. In that case, an intruder broke in, brutally attacked a staff member, and barricaded himself inside while Warner was present.

These incidents highlight a baffling vulnerability. For a fraction of their net worth—the cost of a luxury car or a weekend getaway—these individuals could implement robust, multi-layered security systems. This goes beyond a simple alarm. It means "target hardening": installing shatter-proof windows, reinforced doors, high-tech motion sensors, and, most importantly, a trained and visible security detail.

The reluctance to invest in such proactive measures is a dangerous gamble. It seems to stem from a belief that "it won't happen to me," or perhaps a desire to maintain a sense of normalcy, free from the overt presence of security. But as these repeated and escalating intrusions demonstrate, in today's environment, wealth and fame alone are not deterrents—they are magnets. Without a formidable, visible defense, these sprawling estates are not fortresses, but glittering, soft targets waiting to be hit. The cost of a break-in is no longer just stolen property; it's a violent intrusion that shatters peace of mind and, as seen in the Warner case, can have devastating, life-altering consequences.

Source: ktla.com