The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here.
In February, Homeland Security Investigations had a tip for the FBI. On YouTube, agents had found someone openly posting aerial footage of the U.S. Marine Corps base Camp Blaz that were shot with a drone. This was a serious concern, given that the airspace above the base was restricted due to national security reasons.
Investigators got data from Google’s YouTube, which helped them identify a suspect, Billy Cruz, who mostly posts videos on issues to do with life on the island via his PlanetGuam channel. Cruz has been indicted, though has pleaded not guilty to charges of violating national defense airspace and failing to register a drone with the Federal Aviation Administration.
It wasn’t the first time Cruz had allegedly used a drone to publish footage of a Defense Department facility, according to a search warrant reviewed by Forbes. He did the same when he flew a drone into restricted airspace over Andersen Air Force Base in Guam in January 2021, the FBI said. According to the warrant, which permitted the FBI to search the suspect’s residence and Harley Davidson motorcycle, Cruz was interviewed after that incident and agreed to not to take footage over a DOD base again.
Given both incidents, and the long held concern about unmanned aerial machines being used for surveillance, it’s perhaps a surprise that the Guam bases didn’t have better anti-drone measures in place. Both have strategic importance to American defense in the pacific region, especially in relation to China’s threat to Taiwan and North Korea. Andersen has long been a vital site for maintaining a presence near East Asia for over 50 years.
Camp Blaz, meanwhile, was only opened in 2023, and is currently being built up with substantial funds being provided by Japan. Earlier this week, the first batch of marines and sailors were welcomed into its barracks.
Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964.
THE BIG STORY:
Coinbase Says Hackers Bribed Company Employees For User Data
In a letter to the SEC, Coinbase disclosed on Thursday that hackers bribed some of its overseas employees for customer data, and then demanded a $20 million ransom for it. The crypto exchange didn’t pay and is instead offering the same amount for information that leads to the arrest and conviction of the hackers.
As a result of this incident, Coinbase is now forecasting up to $400 million in “remediation costs and voluntary customer reimbursements.” Those employees caught handing over user data, which included passport images and addresses, were immediately fired, the company said.
Stories You Have To Read Today
FBI director Kash Patel has closed a watchdog that looked out for abuses of its national intelligence-focused work, sources tell the New York Times. That included oversight of the FBI’s use of a controversial surveillance power, known as Section 702 of the Foreign Intelligence Surveillance Act (FISA), which allows for snooping on Americans’ communications with individuals and organizations outside of the U.S.
The FBI is also warning about hackers impersonating senior U.S. officials in AI-generated voice messages, which first build some rapport with a target before trying to convince them to click on malicious links. In one series of attacks, the FBI said the hackers pretended to get the targets to move onto a new messaging platform, and used the process to try to get access to their legitimate accounts.
Winner of the Week
BreachRx, a startup hoping to challenge cyber incident response giants like Google’s Mandiant, has announced a $16 million Series A funding round led by Ballistic Ventures. Among its other high profile investors are Mandiant founder, Kevin Mandia, who is now on the BreachX board, while former New York Times lead cybersecurity reporter Nicole Perlroth has been named a board observer.
Loser of the Week
The U.K.’s Legal Aid Agency was hacked, affecting hundreds of thousands of people who applied to get free legal support for civil and criminal cases. Leaked data reportedly included applicants’ name, address, criminal history and some financial details.