Australia sanctions Russian citizen Aleksandr Ermakov over 2022 Medibank cyber-attack

Government uses cyber sanctions powers under Magnitsky laws for first time to target Aleksandr Gennadievich Ermakov, alleged to be responsible for hack

Australia has used its new cyber sanctions powers for the first time against a Russian citizen, Aleksandr Ermakov, in connection with the Medibank Private data breach.

Magnitsky-style sanctions laws that were introduced in Australia in late 2021 include a world-leading measure to allow the imposition of Australian travel bans and asset freezes on those allegedly involved in “significant” cyber-attacks.


‘Perilous and chaotic’: why officials are nervy before a likely UK election in 2024

Paper ballots may act as barrier to cyber attacks, but introduction of voter ID could lead to a host of complications

While the date of the next UK general election itself remains in the hands of the prime minister, Rishi Sunak, one thing is certain: when the campaign begins it has the potential to be one of the most perilous and chaotic in the country’s history, for a variety of reasons.

One point is worth noting immediately: although the UK is often lumped in with the long list of countries holding elections in 2024, Sunak could theoretically hold it as late as January 2025, maximising the Conservatives’ full five-year term.


Hackers steal customer data from Europe’s largest parking app operator

Owner of RingGo and ParkMobile says data including parts of credit card numbers taken in cyber-attack

Europe’s largest parking app operator has reported itself to information regulators in the EU and UK after hackers stole customer data.

EasyPark Group, the owner of brands including RingGo and ParkMobile, said customer names, phone numbers, addresses, email addresses and parts of credit card numbers had been taken but said parking data had not been compromised in the cyber-attack.


No 10 urged to investigate targeting of MPs and others by Russian spies

Cyber-attacks on parliamentarians, civil servants and journalists aimed at meddling in UK politics have been going on for eight years

Downing Street is facing calls for an inquiry after it revealed Russian state spies have targeted British MPs, peers, civil servants and journalists with cyber-attacks for the last eight years and were behind a hack that influenced the 2019 election.

The government summoned the Russian ambassador on Thursday to admonish Moscow over “sustained” attempts to meddle in UK politics since 2015. As a result, the Foreign Office imposed sanctions on two members of a hacking group called Star Blizzard, one of whom is named as a federal security services (FSB) officer.


Ransomware attack on China’s biggest bank disrupts US Treasury market

American arm of ICBC is latest victim of hackers and is investigating

The Industrial and Commercial Bank of China’s US arm was hit by a ransomware attack that disrupted trades in the US Treasury market on Thursday, the latest in a string of victims ransom-demanding hackers have claimed this year.

ICBC Financial Services, the US unit of China’s largest commercial lender by assets, said it was investigating the attack that disrupted some of its systems, and making progress towards recovering from it.


Australian federal police officers’ details leaked on dark web after law firm hack

The AFP is the latest organisation revealed to have been caught up in the HWL Ebsworth hack, perpetrated by a Russian ransomware group in April

The personal details of Australian federal police officers have been leaked on the dark web, according to the police association, as part of a wide-ranging data breach that could threaten other high-profile agencies.

The AFP is a client of the law firm HWL Ebsworth, which was hacked by a Russian-linked ransomware group in April, sparking fears that highly sensitive information would be widely distributed.


UK cybersecurity agency warns of chatbot ‘prompt injection’ attacks

Scams and data thefts could be caused by individuals overriding chatbot scripts, NCSC says

The UK’s cybersecurity agency has warned that chatbots can be manipulated by hackers to cause scary real-world consequences.

The National Cyber Security Centre (NCSC) has said there are growing cybersecurity risks of individuals manipulating the prompts through “prompt injection” attacks.


Hacked UK voter data could be used to target disinformation, warn experts

Data from Electoral Commission breach could allow rogue actors to create AI-generated messages in effort to manipulate elections

Data accessed in the Electoral Commission hack could help state-backed actors target voters with AI-generated disinformation, experts have warned.

The UK elections watchdog revealed on Tuesday that a hostile cyber-attack had been able to access the names and addresses of all voters registered between 2014 and 2022.


US ambassador to Beijing targeted in Chinese cyber-attack – report

Nicholas Burns’ emails reportedly accessed in hack that exploited flaw in Microsoft system and took Washington by surprise

The US ambassador to Beijing, Nicholas Burns, was reportedly one of the American officials whose emails were accessed in a recent Chinese hacking attack which took Washington by surprise with its sophistication.

Another target was Daniel Kritenbrink, the assistant secretary of state for east Asia, the Wall Street Journal reported on Thursday. When the attack was first disclosed last week, the administration admitted the email account of the commerce secretary, Gina Raimondo, had also been compromised. US officials were quoted as saying those were the three most senior targets but that in total, hundreds of thousands of government email accounts could have been breached.


HWL Ebsworth hack: Queensland says its files were taken after criminals release Victorian documents

State’s chief information security officer says information from Victorian departments and agencies was accessed

Highly sensitive legal documents from the Victorian government have been published on the dark web by cybercriminals, with Queensland also confirming files from at least one of its departments are included in the breach.

The breach is connected to data that was stolen from the law firm HWL Ebsworth in April by a Russian-linked ransomware gang, known as ALPHV/Blackcat, and posted online.


NSW cashless gambling trial to focus on data security after hack of smaller pilot program

A major Newcastle venue had to be shut down after it was targeted by a ransomware attack

Cybersecurity will be a key focus for the yet-to-be-appointed independent panel to oversee the New South Wales government’s cashless gambling trial, after a smaller pilot program was hit by hackers.

The state’s gaming minister, David Harris, made the assurances after a trial at a major Newcastle venue had to be shut down after it was targeted by a ransomware attack.


BA, Boots and BBC staff details targeted in Russia-linked cyber-attack

Hack attributed to criminal gang hit MOVEit software used by third-party payroll provider Zellis

British Airways, Boots and the BBC are investigating the potential theft of personal details of staff after the companies were hit by a cyber-attack attributed to a Russia-linked criminal gang.

BA confirmed it was one of the companies affected by the hack, which targeted software called MOVEit used by Zellis, a payroll provider.


GCHQ warns of fresh threat from Chinese state-sponsored hackers

National Cyber Security Centre urges operators of critical national infrastructure to prevent hacks

The UK’s cybersecurity agency has urged operators of critical national infrastructure, including energy and telecommunications networks, to prevent Chinese state-sponsored hackers from hiding on their systems.

The National Cyber Security Centre, part of GCHQ, issued the warning after it emerged that a Chinese hacking group known as Volt Typhoon had targeted a US military outpost in the Pacific Ocean.


United Nations official and others in Armenia hacked by NSO Group spyware

At least a dozen victims were found to have been hacked by Pegasus during clashes in the region in 2021

Researchers have documented the first known case of NSO Group’s spyware being used in a military conflict after they discovered that journalists, human rights advocates, a United Nations official, and members of civil society in Armenia were hacked by a government using the spyware.

The hacking campaign, which targeted at least a dozen victims from October 2020 to December 2022, appears closely linked to events in the long-running military conflict between Armenia and Azerbaijan over the contested Nagorno-Karabakh region.


China-backed hackers spying on US critical infrastructure, says Five Eyes

Targets include US military facilities on Guam that would be key in an Asia-Pacific conflict, say Microsoft and western spy agencies

A state-sponsored Chinese hacking group has been spying on a wide range of US critical infrastructure organisations and similar activities could be occurring globally, western intelligence agencies and Microsoft have warned.

“The United States and international cybersecurity authorities are issuing this joint Cybersecurity Advisory (CSA) to highlight a recently discovered cluster of activity of interest associated with a People’s Republic of China (PRC) state-sponsored cyber actor, also known as Volt Typhoon,” said a statement released by authorities in the US, Australia, Canada, New Zealand and the UK – countries that make up the Five Eyes intelligence network.


Russian hackers want to ‘disrupt or destroy’ UK infrastructure, minister warns

Cabinet Office secretary, Oliver Dowden, to issue national alert and urge companies to boost cybersecurity

Russian hackers organised along the lines of the paramilitary Wagner group are seeking “to disrupt or destroy” parts of the UK’s critical national infrastructure, a cabinet minister will warn at a cyber conference in Belfast on Wednesday.

Oliver Dowden, the Cabinet Office minister, will issue a national alert to key businesses amid growing international concern that as Russia struggles in Ukraine, an under-pressure Kremlin is searching for new ways to threaten the west.


Experts warn of new spyware threat targeting journalists and political figures

Citizen Lab says victims’ phones infected after being sent an iCloud calendar invitation in a ‘zero-click’ attack

Security experts have warned about the emergence of previously unknown spyware with hacking capabilities comparable to NSO Group’s Pegasus that has already been used by clients to target journalists, political opposition figures and an employee of an NGO.

Researchers at the Citizen Lab at the University of Toronto’s Munk School said the spyware, which is made by an Israeli company called QuaDream, infected some victims’ phones by sending an iCloud calendar invitation to mobile users from operators of the spyware, who are likely to be government clients. Victims were not notified of the calendar invitations because they were sent for events logged in the past, making them invisible to the targets of the hacking. Such attacks are known as “zero-click” because users of the mobile phone do not have to click on any malicious link or take any action in order to be infected.


Ransomware attack on US Marshals compromises sensitive information

Federal agency best known for tracking down fugitives suffered security breach on 17 February

The US Marshals service fell victim to a ransomware security breach this month that compromised sensitive law enforcement information, a spokesperson said on Monday.

The federal agency which is perhaps best known for its work in tracking down and capturing fugitives wanted by law enforcement notified the US government of the breach, and agents there began a forensic investigation, the chief of the Marshals’ public affairs office, Drew Wade, told Reuters in a statement.


German minister warns of ‘massive’ danger from Russian hackers

Nancy Faeser says Ukraine war has exacerbated German cybersecurity concerns

Germany’s interior minister has warned of a “massive danger” facing Germany from Russian sabotage, disinformation and spying attacks.

Nancy Faeser said Vladimir Putin was putting huge resources into cyber-attacks as a key part of his war of aggression. “The cybersecurity concerns have been exacerbated by the war. The attacks of pro-Russia hackers have increased,” she said in an interview with the news network Funke Mediengruppe published on Sunday.


Ruto ally says Telegram account was hacked before Kenyan election

Strategist says he noticed ‘increased activity’, after revelations about activities of a disinformation unit

A senior strategist with close links to Kenya’s president, William Ruto, has publicly acknowledged that his Telegram account was infiltrated in the lead-up to last year’s election.

Dennis Itumbi told the Star newspaper that he had noticed “increased activity” on his Telegram last year but called it “inconsequential”.
