Headline
The Post-Roe Privacy Nightmare Has Arrived
Plus: Microsoft details Russia’s Ukraine hacking campaign, Meta’s election integrity efforts dwindle, and more.
The United States Supreme Court yesterday struck down Roe v. Wade, the monumental 1973 decision that guaranteed the right to abortion in the US for 49 years and, as Maryn McKenna writes for WIRED, “revolutionized life for women.” Now, all of that is in peril.
It is impossible to overstate the profound consequences of the court’s decision. In addition to the life-and-death dangers now facing people who become pregnant, the end of Roe and the rise of criminalized abortion stand to usher in a privacy nightmare that civil liberties advocates have warned about for decades.
As we reported in May after a draft of the Supreme Court’s decision was leaked to Politico, the criminalization of abortion in states across the US requires that people adopt a comprehensive digital privacy strategy to protect themselves from the surveillance state. This can include steps like switching to an end-to-end encrypted app like Signal, limiting your data footprint by using search engines like DuckDuckGo instead of Google, locking down your privacy settings on your phone, and using a browser extension to block web trackers. For more details on securing your digital privacy, we recommend guides from the Digital Defense Fund and the Electronic Frontier Foundation.
If you plan to protest against the Supreme Court’s decision, check out our guide on how to protest safely. And if you’re seeking information about receiving an abortion in post-Roe America, we have a list of resources for that as well.
In other stories this week, we explained how to password-protect any file and dove into lingering security risks related to Microsoft’s now defunct Internet Explorer browser. We got a look at Brave’s new Goggles tool for its privacy-focused search engine, which lets you create custom search filters. We explored the ways in which the US intelligence community is using artificial intelligence. And we detailed a new type of spyware that Google and Lookout researchers say has been used to target people in multiple countries.
But that’s not all. We’ve rounded up here the big security news from the past week that we haven’t been able to cover ourselves. Click on the headlines to read the full stories. And stay safe out there.
Microsoft this week released a report diving into Russia’s cyber efforts in its ongoing war against Ukraine. Researchers found that Russia has launched at least 48 attacks against Ukrainian entities. While some efforts have been successful, researchers found that rapidly deployed digital defenses have fended off many of these attacks, including a failed Russian military effort to deploy “wiper” malware against Ukrainian government computers. Vladimir Putin isn’t limiting Russian hackers to targets in Ukraine, however. Microsoft researchers identified Russian “network intrusion efforts” against 128 organizations in 42 countries outside Ukraine. Moscow frequently targets the governments of NATO countries, and researchers say that Russian attacks have been successful 29 percent of the time. In a quarter of the successful attacks, Russian hackers have pilfered internal data from victims’ networks. Microsoft also warns that Russia is carrying out global “cyber influence operations," at least some of which push propaganda encouraging people to not get vaccinated for Covid-19.
Despite political misinformation remaining rampant on Meta’s platforms ahead of the midterm elections in November, CEO Mark Zuckerberg has reportedly shifted his attention from election-related issues to focus on the metaverse. According to multiple sources who spoke to The New York Times, Facebook’s “core election team … has been dispersed,” and just 60 people now focus on election integrity issues full-time. Company spokesperson Tom Reynolds disputed that figure, claiming that “hundreds" of people at Meta are focusing on election-related work.
Another day, another cryptocurrency company hack that nets criminals staggering amounts of money. The latest known attack, against California-based Web3 firm Harmony, targeted the blockchain bridge, an application used to transfer cryptocurrencies from one blockchain to another. The company says the hackers stole approximately $100 million in digital assets. Bridges are a known weak point in the crypto ecosystem. In late March, hackers believed to be part of North Korea’s Lazarus Group made off with $540 million worth of cryptocurrency thanks to a bridge attack.
We’ve all been there: On your way home after a boozy night on the town, you realize you’ve misplaced a USB drive containing the names, addresses, birthdays, and tax-related information of every person in your city. Never happened to you? Well, a contractor in Amagasaki, Japan, wasn’t so lucky. The Guardian reports that the unnamed contractor lost a USB drive with the sensitive personal data of all 460,000 Amagasaki residents after a night of drinking at a restaurant. While the mistake is surely embarrassing, it hopefully won’t lead to privacy breaches: According to city officials, the data was encrypted and they’ve found no evidence of leaks. Cheers!