I’ve been writing about the problem with lawful-access backdoors in encryption for decades now: that as soon as you create a mechanism for law enforcement to bypass encryption, the bad guys will use it too.

Turns out the same thing is true for non-technical backdoors:

The advisory said that the cybercriminals were successful in masquerading as law enforcement by using compromised police accounts to send emails to companies requesting user data. In some cases, the requests cited false threats, like claims of human trafficking and, in one case, that an individual would “suffer greatly or die” unless the company in question returns the requested information.

The FBI said the compromised access to law enforcement accounts allowed the hackers to generate legitimate-looking subpoenas that resulted in companies turning over usernames, emails, phone numbers, and other private information about their users.

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

NATO Set to Build New Cyber Defense Center

July 13, 2024 0 Comments 0 tags

NATO members have agreed to develop a new integrated facility to help improve collective cyber-resilience

Read More

China-Linked Threat Actors Target Taiwan Military Industry

September 10, 2024 0 Comments 0 tags

TIDRONE group targets military, drone and satellite industries in Taiwan

Read More

Former deputy national cyber director DeRusha lands at Google Cloud

June 25, 2024 0 Comments 0 tags

The post Former deputy national cyber director DeRusha lands at Google Cloud appeared first on CyberScoop.

Read More