The Register reports that former U.S. Organisation for Economic Co-operation and Development Ambassador and Federal Communications Commission Executive Karen Kornbluh has warned about the national security risk concerning the massive proliferation of Americans' data.
Data collection and retention policy loopholes could enable threat actors to engage in the trade of data, which could then be leveraged for ransomware attacks, espionage efforts, and voter manipulation campaigns, among others, said Kornbluh, who currently leads the German Marshall Fund's Digital Innovation and Democracy Initiative, at a Federal Trade Commission hearing last week.
"Data brokers market data on current or former military personnel including their web searches, family members, home addresses, and even GPS coordinates. It's difficult to trace where these data go or what they're used for," noted Kornbluh.
Kornbluh added that such threats should prompt the FTC to mandate due diligence for corporations before engaging in the trade of personal data.
Aside from featuring over 40 million signals from the DNS Research Federation's data platform and the Global Anti-Scam Alliance's comprehensive stakeholder network, the Global Signal Exchange will also contain more than 100,000 bad merchant URLs and one million scam signals from Google.
While some threat actors established fraudulent disaster relief websites as part of phishing attacks aimed at exfiltrating financial details and Social Security numbers from individuals seeking aid, others impersonated Federal Emergency Management Agency assistance providers to create fake claims that enabled relief fund and personal data theft.
Malicious GitHub pages and YouTube videos containing links for purported cracked office software, automated trading bots, and game cheats, have been leveraged to facilitate the download of self-extracting password-protected archives.