W.H.I.S Bite-Size #1

Disaster scams and The Internet Archive

Here’s a quick rundown of some of the more important stories you may have missed over the last couple of weeks. The bite-sized edition of What’s Happening in Security will be a smaller, bi-weekly newsletter to cover additional news that won’t make it into the regular issues.

Rapidfire

Unfortunately even as people have had their whole lives uprooted in the US as a result of Hurricanes Helene and Milton, scammers are still at it.

In these situations, both well meaning individuals and the victims of the disasters are prime targets. When we get emotional, we often don’t think straight and that makes for an ideal situation for attackers.

Several branches of the American government, including the FTC, have published statements warning of potential scams including:

  • Fraudulent Charities: Imitating the names of well known charities involved in the relief efforts, they will ask for donations

  • Impersonating Officials: Scammers will offer aide in exchange for personal information or money

Please lookout for yourselves and others you may know.

If you don’t know, the Internet Archive is a pillar of the internet. Founded by Brewster Kahle, the non-profit’s web archiver known as the “Wayback Machine” has been documenting the state of the web since 1996 and been available to the public since 2001 in its current form.

Kahle began this project as a way of preserving our history. Here’s a quote from the early days of the site:

“Most societies place importance on preserving artifacts of their culture and heritage. Without such artifacts, civilization has no memory and no mechanism to learn from its successes and failures. Our culture now produces more and more artifacts in digital form. The Archive's mission is to help preserve those artifacts and create an Internet library for researchers, historians, and scholars.”

While I haven’t browsed the website too much in the past, I believe the work they do is important and selfless. That’s what makes the recent attack on the website so saddening.

Pop-up from the Internet Archive

On Wednesday October 9th, the Internet Archive was hacked and users were met with a pop-up claiming 31 million users had their email and hashed passwords leaked. “HIBP” refers to the website Have I Been Pwned which lets people search their email and find out if they were a part of a data breach. Moreover, the website was also hit with a DDoS attack as well, believed to be independent of the breach.

Thankfully as of October 14th, the website is back up but in read-only mode as they try to stabilize and improve their security.