Mark Miller:

From Sourced Network Productions in New York City, it’s 5:05 on Thursday, May 25th, 2023. This is your host Mark Miller sitting in for Pokie Huang. Stories in today’s episode come from Edwin Kwan in Sydney, Australia, Trac Bannon in Camp Hill, Pennsylvania, Katy Craig in San Diego, California, and me ,this week calling in from Albuquerque New Mexico.

As Pokie likes to say. “Let’s get to it.”

Tracy Bannon:

Microsoft threat Intelligence revealed they have discovered “stealthy and targeted malicious activity” in Guam and locations in the US. Guam is a major US military hub. Dare I say, “This shit’s gettin’ real!”

Hello, this is Trac Bannon reporting from Camp Hill, Pennsylvania.

A state sponsored Chinese hacking group called Volt Typhoon has been operating since 2021. They’ve compromised education, communications, manufacturing, and yes, government organizations.

Using a technique called living off the land, the malware avoids detection and it’s actually considered to be fileless malware.

Traditional malware requires some sort of executable to be deposited and then invoked. Living off the land abuses legitimate tools and components already available on the targeted system. In combination with hands on keyboard or with a registry key, fileless malware leaves no traces for antivirus to detect.

In the case of Volt Typhoon, they are issuing commands from a command line to collect data, including credentials. Next, they package the stolen creds as an archive. Once those credentials are exfiltrated, the nefarious actors maintain their presence.

Yikes! Did I already say, this shit’s gettin’ real.

Should China move against Taiwan, Guam would be the core of the US military response. Volt Typhoon would be positioned to completely disrupt infrastructure in Guam.

The reports I researched said Guam and the US mainland have been targeted. The NSA has published a hunting guide with tactics and techniques to detect and defend.

Please check out today’s resources and the deep dive details. It will give you something to noodle on.

Mark Miller:

“90 Chinese chemical companies that sold fentanyl precursor chemicals and advertise their products on the open web, fully 90% of which offered to accept payments in cryptocurrency like Bitcoin and Tether.” That’s a quote from Andy Greenberg’s article in Wired Magazine this week.

Andy references two research reports; Chainanalysis’ “Crypto and the Opioid Crisis: What Blockchain Analysis Reveals about Global Fentanyl Sales”, and Elliptic’s, “Chinese Businesses Fueling the Fentanyl Epidemic, Receive Tens of Millions in Crypto Payments.”

What these reports exposes that even dark web markets are placing bans on the sale of this stuff, because it’s so damn dangerous. But these chemical companies think it’s okay to sell the ingredients to make fentanyl on the open market. Talk about an end run…

The Chinese companies producing the precursor components of fentanyl don’t seem to care or have concern about the tracking of cryptocurrency that’s being used to make millions of dollars of purchases. The outcome might be that while, the US can’t do anything about the transactions in China, they can pressure the cryptocurrency markets to cut off accounts which they have identified as the main source of the chemicals.

I’ve placed links to the Wired article and to the two reports in the transcriptions and resources section of today’s episode. Take a look for yourself.

And while you’re at it follow Andy Greenbert at Wired.com. He’s up to something every week…

Edwin Kwan:

This is Edwin Kwan from Sydney, Australia.

While some companies are embracing AI technology and using ChatGPT, others have chosen to avoid them. Apple is one of those companies. They have restricted their employees from using ChatGPT and other artificial intelligence utilities. They have also bared their staff from using GitHub’s Copilot, which is a tool that helps write code with auto completion.

This comes in the context of Apple apparently working on its own language models and AI technologies. According to those familiar with the matter, Apple is concerned that AI tools could leak the company’s confidential data.

Katy Craig:

The state of Montana thinks they can ban TikTok within their borders. They passed a law saying, no TikTok allowed, and they wanna slap TikTok in those app stores with massive fines. 10 grand per violation per day.

This is Katy Craig in San Diego, California.

TikTok isn’t taking this lying down. They’re suing Montana and they’ve got a point. They’re saying this law violates the First Amendment. And you know what? The ACLU agrees with them. Free speech advocates know what’s up.

Now let’s see what the Montana governor’s got to say about this. Maybe they’re realizing how ridiculous this whole thing is.

But here’s the rub. TikTok is owned by a Chinese company, ByteDance, and we’ve been hearing all these national security concerns: calls for bans and divestment at the federal level. But even if they pass these laws, who knows if they can even enforce them?

It’s a mess. We got states trying to ban apps, federal concerns about national security, and companies fighting back for their First Amendment rights. Stay tuned as we follow this battle between TikTok and the State of Montana to see who comes out on top.

This is Katy Craig. Stay safe out there.

Mark Miller:

That’s it for today’s open source and cyber security updates. For direct links to stories and resources mentioned in today’s episode, go to 505update.com.

505 is a Sourced Network Production with updates available Monday through Friday on your favorite audio streaming platform. Just search for “It’s 5:05”.

This is Executive Producer, Mark Miller. The editor and sound engineer is Pokie, Huang. Music for today’s episode is by Blue Dot Sessions, and we use descript for spoken text editing. Audacity is used to layer in the soundscapes. The show distribution platform is provided by captivate.fm.

Tune in tomorrow for our 150th episode. We’ll see you then. At 505.