Security Update: ADT Eavesdropping, an iOS Patch, & More

Last week we discussed several ways to protect your data privacy on a regular basis. These were everyday things you could change that would have a big impact on how much of a target you could be. This week we will cover some recent data breaches and Ransomware attacks that may have put your data at risk, of which you had no control over. It is important to be aware of threats you cannot control because there are often steps you can take to protect yourself and secure your accounts after-the-fact.

This post covers a flaw in ADT security cameras, an iOS emergency patch, a few healthcare breaches, and more.

Security Update: ADT Eavesdropping, an iOS Patch, & More

ADT eavesdropping

Researchers recently disclosed security flaws in ADT's LifeShield DIY HD Video doorbell. The doorbell connects to the owner's Wi-Fi network which allows the home owner to remotely answer the door via the LifeShield app. The flaw allowed attackers to access credentials, live video feeds, and conversations if exploited.

ADT had one specific video doorbell suffer a data breach. Luckily, only 1,500 devices were affected and a patch has already been released.

ADT has already pushed out a patch to the 1,500 devices that were affected. Unfortunately, this is another reminder of smart home devices that do not come with enough security out of the box.

The takeaway: Every device that connects to your Wi-Fi puts all other devices on the Wi-Fi at risk. Each device becomes a potential point of failure security-wise. This happens because once a device is breached, hackers can often use it to access other devices. Any device on the same network becomes a target.

In this breach, user credentials were also exposed. If those are reused anywhere else, those accounts could also be at risk. This is a perfect example of why it is not safe to reuse credentials! At the very least, be sure not to reuse credentials for less secure smart home devices on other important accounts like banking credentials.

Also, wherever possible, separate your Wi-Fi into two individual networks - one for computers and printers and another for smart devices like tv's, doorbells, fans, streaming devices, etc.

NOTE: Two networks means broadcasting two unique SSIDs that have different keys, not the 2.4 and 5.0GHz ranges of a single Wi-Fi network.

iOS emergency patch

Recent vulnerabilities described as kernal flaws, were found within Apple iOS software. These prompted a security update for both iOS and iPadOS versions 14.4. If exploited, the flaw allowed a malicious application to elevate privileges.

Allowing elevated privileges is something Apple is notorious for being very strict about with developer applications, trying to restrict access to only that which is absolutely needed for the application to run properly. Limiting privileges helps prevent rogue applications from accessing local settings it should not need in an effort to keep your device secure.

The takeaway: It is nearly impossible to prevent 100% of threats and vulnerabilities. This is why it is important to run updates when they become available. Many times features are the original purpose, but security updates, however small they may be, are typically in every released operating system update as new threats are constantly popping up whether that operating system is Windows, Google, or Apple-based.

Healthcare breaches

Several healthcare breaches have been reported in the last few weeks. A recent cyberattack in Okanogan County Washington, took multiple regional offices offline including the Public Health department. The effects of this breach spread across the entire network, taking down computers, phones and disrupting email access as well.

Another attack hit Einstein Healthcare Network, based in Philadelphia. This breach occurred back in August of 2020 but some patients were recently notified of it. This breach included protected health information and for those patients affected, may have included their social security number, health insurance details or driver's license info.

The takeaway: There is never a good time for a healthcare breach, but an argument could be made that during a pandemic is about the worst timing. HIPAA compliance requires data breaches of this type to be reported within 60 days and an investigation follows. If you do get notified of such a breach, make use of the free credit reporting or other services offered as a result. Always be sure to change your credentials with that company and anywhere else you re-cycled those credentials (which we encourage you not to!).

USCellular

USCellular suffered a data breach last month after some employees were tricked into downloading malware onto company computers. With access to an employee machine, hackers were able to access some customers wireless accounts and phone numbers. Additionally, since some employees were already logged into the company CRM system, hackers were able to access customer names, addresses, PIN numbers, cell phone numbers, plan types and billing statements.

USCellular suffered a data breach last month that exposed PIN numbers, billing information, phone and account numbers and more of some customers.

The takeaway: If you were one of the victims of this breach, your PIN number, security questions and answers, will have already been reset by USCellular for security reasons. Still, you must be diligent and cautious of targeted scams and phishing attacks that may result from the wrong people getting this information. Always call a company directly rather than clicking on links in emails or messages. If you question the validity of something, do not click on it, respond or otherwise engage! Call the company to report anything out of the ordinary so they can warn other customers and help prevent attacks from spreading.

Ransomware group thwarted

Our last story is a positive one as the U.S. Justice Department and Bulgarian authorities disrupted the NetWalker Ransomware group, seizing servers and making an arrest. During this takedown, police confiscated hundreds of thousands of dollars and more than $450,000 in cryptocurrency that was gained by users paying ransoms.

NetWalker is a ransomware-as-a-service application that was acquired from the darknet by those who wanted to use it to infect victim's machines. NetWalker has been active since 2019 and was behind several high-profile attacks in 2020, but luckily the servers hosting it have been shut down.

The takeaway: Ransomware is effective because people pay it. If we all take a little more time to plan ahead, stay up to date with current threats, and most importantly, have backup copies of our data not attached to our local networks, we can put Ransomware attackers out of business.

In the meantime, law enforcement will continue to work on shutting these groups down, but it is your responsibility to protect yourself and your data. Don't make it easy for someone to target you - use complex passwords, do not reuse credentials, refrain from clicking on unknown links in email or on webpages, and always have duplicate copies of important files.

Security threats never end. Sometimes those introduced are purposeful, like Ransomware attacks. Others, like unknown vulnerabilities introduced into an environment, spawn emergency updates. Still others are examples of technology entering our lives in ways nobody expected, and as a result, they lack proper security. It is always best to use caution introducing new items into your home, and if your data is exposed, be sure to change account credentials and be alert for fraud.

As always, being cautious helps keep you from being the low-hanging fruit that hackers often target!