Cyber Saturday—Verizon Breach Report, Facebook Sues Data Abuser, China’s NSA Loot

The tell: Three more exclamation points than I have observed the bossman ever having used !!!

Phishing, the attempted ensnarement of people’s personal information through fraudulent dispatches, continues to be one of the web’s great scourges. The tactic remains an effective means for spies to commit espionage, a lucrative pastime for criminals, and a nuisance to my inbox. Naturally, the practice is a highlight in Verizon’s 2019 data breach investigations report, a compendium of useful cybersecurity insights, published Wednesday.

Verizon’s useful report is based on an analysis of more than 41,000 security incidents and more than 2,000 breaches across many industries and companies. The data are culled from 73 data sources ranging from Palo Alto Networks, the cybersecurity firm, to the U.S. Secret Service.

Three findings from the report to call your attention to, all of which concern phishing:

• Hackers are increasingly targeting top dogs. Senior executives were 12 times more likely to be the target of “social incidents,” including email phishing scams, than in years past. They were also nine times more likely to be the target of “social breaches,” meaning the unauthorized disclosure of sensitive information through social channels, such as via phishing, than in years past.
• Money motivates. Financially-oriented social engineering attacks, which include phishing, represented 12% of all data breaches. Some miscreants sought to steal web login credentials, banking passwords, or credit card information; others urged people to wire money into coffers controlled by crooks.
• Phones are a threat. Mobile devices were associated with 18% of phishing email clicks. People are often distracted when using their phones and are thus easier targets.

It’s obvious why hackers are turning their attention to senior executives. They have greater access to organizational resources and, when compromised, their accounts hold more sway over underlings. (Yessir, right away, Mr. Lashinsky, sir!)

John Loveland, Verizon’s global head of cyber strategy, offered another reason for the uptick when visiting Fortune’s office this week. “Executives are very busy. They’re flying through lots and lots of emails a day. They’re more likely to click on bad emails,” he said. “The bad guys are focusing their attention on where they think they’re going to get the greatest bang for their buck.”

A tip for your consideration. Have a conversation with your teammates, and let them know that they should always confirm your identity out of band—over the phone, or through some other means—before they wire money somewhere. Make it urgent.

Robert Hackett

@rhhackett

robert.hackett@fortune.com

Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. Fortune reporter Robert Hackett here. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.

THREATS

Boomerang oops. Chinese spies secretly obtained U.S. National Security Agency hacking tools and used them to attack American allies in Europe and Asia, the New York Times reports. The agents got their hands on the cyber arms prior to a mysterious group known as the Shadow Brokers leaking the weapons online in 2016, an incident that led to global, business-crippling cyberattacks by Russia and North Korea. The report is based on findings by cybersecurity firm Symantec, which believes the hackers captured the code on machines targeted by NSA hackers. For a skeptic's view, read this piece of commentary by Dave Aitel, chief security technical officer at data center firm Cyxtera and former NSA hacker.

Cambridge Analytica part deux? Facebook is suing Rankwave, a South Korean data analytics firm, which the media giant is accusing of failing to comply with its advertising and marketing policies. The alleged offender supposedly would not submit to an audit concerning its data collection and retention, which involved 30 or so apps for tracking and analyzing Facebook comments and "likes." Facebook wrote in a blog post that "we are sending a message to developers that Facebook is serious about enforcing our policies." Better late than never.

Take a picture; it will last longer. Ever, a photo storage app, has been quietly training facial recognition algorithms based on people's photo uploads. The company then offers to sell this technology to military, law enforcement, and private companies, including a deal it has in place with SoftBank Robotics, maker of the Pepper robot, NBC News reports. The company updated its privacy policy after NBC contacted it questioning the policy's clarity.

Who left the door open? Security researchers are debating whether the presence of a flaw in a cryptographic algorithm submitted for consideration to an Internet standards body by a Russian delegation was intentionally included or not. Was this bug an accident, or a covert attempt to insert a backdoor? It's unclear. The issue, while not immediately exploitable, could lead to an attack.

Hot wallet. Binance, one of the world's biggest cryptocurrency exchanges, disclosed this week that looters stole more than 7,000 Bitcoin, worth nearly $41 million, from its digital vaults. The company is covering customers' losses using an emergency fund it set up for just such a contingency, the "secure asset fund for users," or SAFU. The exchange also said it has begun conducting a security audit intended to patch vulnerabilities and root out hackers.

Giving whole new meaning to "jailbreak."

Share today's Cyber Saturday with a friend:

http://fortune.com/newsletter/cybersaturday/

Looking for previous Data Sheets? Click here

ACCESS GRANTED

Elephant graveyard. On the latest episode of Crazy/Genius, The Atlantic's technology podcast, the hosts interview Shoshana Zuboff, the author of The Age of Surveillance Capitalism (whose work we have written about before). She describes how technology companies are creating exploitative marketplaces out of people's personal data—including, in one particularly egregious example, the recording and storage of children's voices by Internet-connected dolls. Are consumers unwittingly toiling in the data mines for Silicon Valley's overlords?

"There is an important distinction to be made between labor and raw material," [Zuboff] says. These children are not working. They are merely living, and their lives are being strip-mined for data, as an elephant might be harvested for its ivory.

"What are we in this equation?" Zuboff asks. "We are not the ivory. We are not what is poached. We are the carcass that is left behind."

FORTUNE RECON

After GDPR Struggle, Are Companies Ready for the Next EU Data Law? by Robert Hackett

Chelsea Manning Was Just Released From Jail. Here's What Happens Next by Erin Corbett

The Questionable Future of Donald Trump's Department of Justice by Renae Reints

A.I. Can Now Read Your Thoughts—And Turn Them Into Words and Images by John Nosta

20% of Americans Have Bought Counterfeit Mother's Day Gifts by Laura Stampler

Microsoft Prepping New Tools to Fight Election Hacking by Dina Bass

Zuckerberg Should Be Held Personally Liable for Facebook's Violations by Adam Lashinsky

ONE MORE THING

Doxing. A freelance journalist and former NSA hacker have embarked on a project to obtain and publish government files related to early hacker history using Freedom of Information Act requests. They've raised more than $2,300 to cover their FOIA costs and have submitted about 50 requests so far, reports Motherboard. The files they're seeking relate to groups like Anonymous, LulzSec, the Cult of the Dead Cow, and others.

The venture is already bearing fruit: Here's an internal NASA report about the so-called WANK worm, a self-propagating computer virus that struck the space agency in 1989. A pre-WikiLeaks Julian Assange is believed to have had a hand in that hijinks, though he denies involvement.