Security News This Week: Hackers Hit NASA Before the Holidays

Loren Elliott/Getty Images

The week started with bombshell Senate reports on the Russian campaign to influence the 2016 presidential election. We dived deep to explain how Russians used meme warfare to divide America, why Instagram was the Internet Research Agency’s go-to social media platform for spreading misinformation, and how Russians specifically targeted black Americans in an effort to exploit racial wounds.

Garrett Graff then broke down everything you need to know about all 17 (known) investigations into Trump and Russia. Yes, there are 17 of them.

Not to be outdone, China made headlines, after the US indicted members of China’s elite hacking group APT10 with a massive campaign to infiltrate the IT infrastructure of the world. It also came out that China likely is behind the hack of diplomatic cables from the European Union, among other sensitive diplomatic communications. Despite all this, one China expert argued in an op-ed in WIRED Opinion that the US must engage China in tech.

Iran also made news this week, after experts suggested that the country may have ramped up its hacking efforts against the US after president Donald Trump abandoned the nuclear treaty, as feared.

Another devious phishing scam targeted Apple customers. Amnesty International revealed just how toxic Twitter is for women, especially women of color. Research reveals what people do when YouTube and Facebook go down.

And finally, we took you inside the Pentagon’s plan to win over Silicon Valley’s artificial intelligence experts.

And there's more! As always, we’ve rounded up all the news we didn’t break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.

Astronaut Data Taken in NASA Data Breach

An unknown hacker got into a NASA server in October 2018, the agency revealed this week, and stole the personal information of current and former employees. That information included Social Security numbers, reports ZDNet. Mission information appears unaffected. NASA leadership sent an email to staff alerting them of the breach this week, but also making it clear they have no idea yet who was behind it or how widespread the hack was, despite it having occurred more than two months ago. Nor do they know exactly what the hackers were looking for. They aren’t in any way suggesting it was aliens the hackers were after, and we’re not suggesting that either. But you never know.

Amazon Sent Private Echo Voice Recordings to the Wrong Person

As he's entitled to under the European Union's General Data Protection Regulation, a German man asked Amazon to send him all of the recordings of his interactions with his Amazon Echo device. Amazon complied, sending out more than 1,000 WAV files, but ended up delivering someone else's voice recordings altogether. Alarmed, the recipient of the stranger's Alexa history sent the files to a German magazine called c’t . The magazine was able to easily identify the Amazon customer in question, as well as a female friend who was apparently also in the recordings. Amazon told the magazine that the mistake was caused by human error. Three days after the magazine contacted Amazon, the company reached out to the customer whose private information had been erroneously shared with a stranger and explained that a staff member had made a “one-time error” that breached his privacy. Yikes.

Anonymous Social Media Site ‘Blind’ Revealed Silicon Valley Secrets

Russians Tried to Get Secret Treasury Records During 2016 Election

It’s nearly 2019, and yet the 2016 election is still not really over. It feels like every week we learn more about how that fateful race was messed up. This time the news comes from Buzzfeed, which reported that whistleblowers within the US Treasury department admitted to using a secret, unencrypted back channel to talk to Russian agents during the election. The Russian spies were looking for classified information on Clinton donors, which they hoped to weaponize against the candidate as part of the widespread influence campaign to elect president Trump. Despite some in Treasury warning that the Russians were up to no good, others in the department continued exchanging information with them over insecure Gmail and Hotmail accounts. They did so until 2017.

PewDiePie Fans Deface Wall Street Journal Website

In an apparent response to the *Wall Street Journal’*s reporting on PewDiePie’s anti-semitic rhetoric, the controversial YouTube stars fans took over part of WSJ 's website on Monday. The hackers placed a fake message on the site that pretended to be the newspaper apologizing to PewDiePie, and claiming the newspaper fired journalists who had reported on him. After that, they asked people to share their credit card numbers, because of course they did. By the time PewDiePie himself tweeted a link to the defaced page, it had been taken down.

Facebook Tracks You Even If You Turn Off Location Tracking

Why does this story sound so familiar? Oh, right, because the same thing came to light a few months ago about Google. But now, Gizmodo reports that Facebook, too, keeps tracking you even after you explicitly turn off your location tracking services in your account. It does this by tracking the location of your IP address, and any check-ins people do, as well as their current city information in their Facebook profile, according to a Facebook spokesperson. The company denies tracking the location of people’s Wi-Fi after they have opted out of location tracking, but Gizmodo suggests that option would be available to Facebook, too.

  • The “future book” is here, but it's not what we expected
  • Alexa grew up this year, mostly because we talked to it
  • The mad scramble for the world's most coveted meteorite
  • Galileo, krypton, and how the true meter came to be
  • The engine that powered the CGI revolution
  • 👀 Looking for the latest gadgets? Check out our picks, gift guides, and best deals all year round
  • 📩 Get even more of our inside scoops with our weekly Backchannel newsletter