enforcement

“Federal Agency Breaches LockBit, but LockBit Prevails: What’s Next?”

Just five days on, LockBit announced that its operations had resumed, claiming to have restored from backups unaffected by the government takedown. Law enforcement claiming overwhelming victory while the apparent LockBit ringleader remains at large, threatening retaliation, and targeting new victims puts the two at odds — for now. With the apparent administrator LockBitSupp still in action — the last remaining piece of the LockBit puzzle — it’s unlikely LockBit is going away. Ransomware gangs are known to quickly regroup and rebrand even after law enforcement disruption claims to have taken them down for good. At the time of writing, ALPHV’s leak site remains up and running — and continues to add new victims almost daily.

US and UK Officials Report Capture of Dark Web Leak Site Linked to LockBit Ransomware Group

A coalition of international law enforcement agencies, including the FBI and the U.K.’s National Crime Agency, has disrupted the operations of the prolific LockBit ransomware gang. LockBit’s dark-web leak site — where the group publicly lists its victims and threatens to leak their stolen data unless a ransom demand is paid — was replaced with a law enforcement notice on Monday. “This site is now under the control of the National Crime Agency of the UK, working in close cooperation with the FBI and the international law enforcement task force, ‘Operation Cronos,’” the message reads. The group last year claimed responsibility for attacks against aerospace giant Boeing, chipmaker TSMC, and U.K. postal giant Royal Mail. Monday’s takedown is the latest in a series of law enforcement actions targeting ransomware gangs.

Typos in Geofence Warrant Result in Two-Mile Location Dragnet Across San Francisco

But errors in the geofence warrant applications that go before a judge can violate the privacy of vastly more people — in one case almost two miles away. It’s not known which law enforcement agency requested the nearly two-mile-long geofence warrant, or for how long the warrant was in effect. The ACLU attorneys reviewed thousands of geofence warrants filed in San Francisco Criminal Court that were issued over three years between 2018 and mid-2021, which they say was likely only a fraction of geofence warrants used in San Francisco during that time. The attorneys’ findings also showed the geofence warrants disproportionately targeted certain San Francisco neighborhoods more than others, particularly immigrant-heavy areas like Portola. Other tech companies that store troves of users’ location data — like Uber, Microsoft and Yahoo (which owns TechCrunch) — are known to receive geofence warrants.

Massachusetts Legislators Consider Legislation Regarding ‘Lethal Automatons’

More recently, the potential use of weaponized robots by law enforcement has been a political lightning rod in places like Oakland and San Francisco. Earlier this week, I spoke about the bill with Massachusetts state representative Lindsay Sabadosa, who filed it alongside Massachusetts state senator Michael Moore. Does the bill apply to law enforcement as well? And what we’ve heard from law enforcement repeatedly is that they’re often used to deescalate situations. We haven’t had law enforcement weaponize robots, and no one has said, “We’d like to attach a gun to a robot” from law enforcement in Massachusetts.

“Dark Web Leak Site of Notorious ALPHV Ransomware Gang Seized by Authorities”

An international group of law enforcement agencies has seized the dark web leak site of the notorious ransomware gang known as ALPHV, or BlackCat. “The Federal Bureau of Investigation seized this site as part of a coordinated law enforcement action taken against ALPHV Blackcat Ransomware,” a message on the gang’s dark web leak site now reads, seen by TechCrunch. According to the splash, the takedown operation also involved law enforcement agencies from the United Kingdom, Germany and Australia. Spokespeople for the FBI and the U.K.’s National Crime Agency did not immediately respond to TechCrunch’s requests for comment. The ALPHV/BlackCat ransomware gang has been one of the most active and destructive in recent years.

Google Takes Action to Eliminate the Use of Geofence Warrants, A Key Surveillance Issue it Helped to Create

Even the courts cannot agree on whether geofence warrants are legal, likely setting up an eventual challenge at the U.S. Supreme Court. While Google is not the only company subject to geofence warrants, Google has been by far the biggest collector of sensitive location data, and the first to be tapped for it. Although the companies have said little about how many geofence warrants they receive, Google, Microsoft and Yahoo last year backed a New York state bill that would have banned the use of geofence warrants across the state. The data showed Google received 982 geofence warrants in 2018, then 8,396 geofence warrants in 2019, and 11,554 geofence warrants in 2020 — or about one-quarter of all the legal demands that Google received. But there is hope that Google shutting the door on geofence warrants — at least going forward — could significantly curtail this surveillance loophole.

Apple to Cease Providing Police Access to User Push Notification Data Without Warrant

Apple said it will no longer give over records of users’ push notifications to law enforcement unless the company receives a valid judge’s order. For its part, Google requires a court-issued order before it will hand over push notification data. Apple did not respond to a request for comment, or say for what reason it previously allowed law enforcement to obtain users’ push notification data without a warrant. Push notifications appear as pop-up messages on a phone alerting the user to new messages, breaking news, and other app-based updates. Wyden said unnamed foreign governments are also demanding Apple and Google turn over users’ push notification data.