CYBERSECURITY

Cyrano de Bergerhack

Love is in the air…and so are cyber scams.

Singles looking for companionship are always ripe targets for scams and hacks, and Valentine’s Day is no exception.

The holiday provides scammers and threat actors with opportunities to prey on the lovelorn through a variety of attack tactics—some of which are utilizing new technologies like AI and deepfakes.

Sweet threat. David Divitt calls the attacks “romance scams.” Divitt, the senior director of fraud protection and experience at global identity verification firm Veriff, told IT Brew a romance scam is usually a process the attacker has put a lot of work into—and Valentine’s Day can offer a good opportunity to pull the trigger on extortion or theft.

“They could anchor around Valentine’s Day as, ‘I really want to come and see you, so can you send me money for tickets?” or, ‘I think it’s time we finally meet, so send me some pictures so I know what you look like,’” Divitt said. “And that kind of thing could be used as an anchor to convince the victim, unfortunately, to complete this scam.”

Read more here.—EH

Do you work in IT or have information about your IT department you want to share? Email [email protected].

FROM THE CREW

Let Morning Brew Daily make you smarter

You’re already reading the newsletter, but did you know you can also listen to and/or watch the wittiest and smartest takes on business news?

Morning Brew Daily hosts Neal Freyman and Toby Howell have you covered on everything you need to know before your cup of coffee, from the latest headlines on the economy to explanations of viral TikTok trends.

You’ll look so smart in front of your friends.

New episodes are released every weekday at 7am ET. Check ’em out on YouTube or wherever you get your podcasts.

CYBERSECURITY

Spy games

A state-sponsored hacking group from China known as Volt Typhoon hijacked hundreds of small office and home office routers in the US. The FBI shut down the operation in January, but it’s not exactly game over for the group—their schemes have continued to brew in the background. IT Brew spoke with analysts to better understand the impact of these attacks and what that means for infrastructure in the US.

First, the TL;DR. The hackers used privately-owned small office/home office (SOHO) routers infected with the “KV-botnet” malware to further their attacks against US victims as well as victims outside of the US—while hiding their Chinese origins, according to the Department of Justice (DOJ). With these router attacks, Volt Typhoon gave leverage to the PRC by giving them access to critical US infrastructure, something they’ve managed to maintain “within some victim IT environments for at least five years,” US agency CISA also reported.

“Attacking critical infrastructure for civilian use, and only to impact civilians is a doctrinal difference between the rest of the world and the Chinese military,” Dakota Cary, a nonresident fellow at the Atlantic Council’s Global China Hub and China-focused consultant at SentinelOne, told IT Brew.

Read more here.—AF

Do you work in IT or have information about your IT department you want to share? Email [email protected].

IT OPERATIONS

Dude, you’re going to Dell

Dell has announced a return to office (RTO) policy that will reclassify most of its workforce as hybrid workers required to work out of a company office at least three days a week.

The Register first reported the change in policy, which follows a prior shift last year when Dell required staff living within an hour’s commute of an office to comply with the same minimum attendance requirements. The most recent change will affect those living farther away, who will need to choose between longer commutes, relocation, or consequences at work.

Dell will give some workers below a “certain pay grade” the choice to continue working from home at the cost of “career advancement opportunities,” The Register reported. Amazon, Apple, AT&T, Google, and other tech firms have all announced RTO policies with varying degrees of enforcement and consequences for noncompliance; IBM recently informed managers to work out of offices three days a week or face termination.

In 2020, Dell had committed to work from home policies that would allow 60% of its workforce to only attend in person once or twice a week. At the time, COO Jeff Clarke said that “after all of this investment” in technological upgrades, the majority of Dell’s employees would continue working remotely or hybrid.

Keep reading here.—TM

Do you work in IT or have information about your IT department you want to share? Email [email protected]. Want to go encrypted? Ask Tom for his Signal.

TOGETHER WITH GRAMMARLY

Productive communic(A)t(I)on. 52% of professionals don’t know how to use AI, so their businesses aren’t seeing the benefits…yet. Join Grammarly’s webinar on Feb. 21 to dive into their 2024 State of Business Communication report and the transformational benefits of effective communication in the generative AI realm. Can’t attend? Sign up to get the recording + report.

PATCH NOTES

JOBS