Category Archives: Hacking

US and UK unveil sanctions against Chinese state-backed hackers over alleged ‘malicious’ attacks

Posted on by

The US alleges the individuals were working as a front for Beijing in an indictment and sanctions announcement

Hackers backed by China’s government spy agency have been accused by the US and UK of conducting a years-long cyber-attack campaign, targeting politicians, journalists and businesses.

The operation saw political dissidents and critics of China targeted by sophisticated phishing campaigns, according to the US, which resulted in some emails systems and networks being compromised.

Continue reading...

Tory MPs urge tougher action on China after cyber-attacks

Posted on by

Senior Tories say ministers not holding China to account after Beijing targeted elections watchdog and politicians

Tory MPs have urged ministers to take a tougher approach towards China after the security services confirmed Beijing-backed hackers were responsible for a cyber-attack targeting the UK elections watchdog and a surveillance operation on British politicians.

The Chinese ambassador will be summoned to explain his country’s actions, which resulted in Beijing allegedly accessing the personal details of about 40 million voters, held by the Electoral Commission.

Continue reading...

Labour tells China it will act on interference in UK democracy

Posted on by

Exclusive: Warning came at party’s first public meeting with Chinese government since Keir Starmer became Labour leader

Labour has warned China that it will respond to any interference in UK democracy after the government announced fresh sanctions against hackers linked to Beijing.

The warning came at the party’s first public meeting with the Chinese government since Keir Starmer became Labour leader.

Continue reading...

Details of millions of UK voters accessed by Chinese state, ministers will say

Posted on by

Deputy prime minister Oliver Dowden to update MPs on cyber-attacks by Beijing, some of whom may also have been targets

The personal details of millions of voters are believed to have been accessed in an attack by China on Britain’s democratic process, ministers will say.

MPs and peers are thought to be among 43 people who the government looks set to confirm have been targeted by cyber-attacks backed by the Chinese state. The UK could impose sanctions on individuals believed to be involved in these acts of state-backed interference, one of which was a separate attack on the Electoral Commission in which Beijing accessed the personal details of about 40 million voters.

Continue reading...

Huge cybersecurity leak lifts lid on world of China’s hackers for hire

Posted on by

Leaked files shows range of services offered and bought, with data harvested from targets worldwide

A big leak of data from a Chinese cybersecurity firm has revealed state security agents paying tens of thousands of pounds to harvest data on targets, including foreign governments, while hackers hoover up huge amounts of information on any person or institution who might be of interest to their prospective clients.

The cache of more than 500 leaked files from the Chinese firm I-Soon was posted on the developer website Github and is thought by cybersecurity experts to be genuine. Some of the targets discussed include Nato and the UK Foreign Office.

Continue reading...

Iran-backed hackers interrupt UAE TV streaming services with deepfake news

Posted on by

Microsoft analysts cite reports saying disruption by group known as Cotton Sandstorm also reached audiences in UK and Canada

Iranian state-backed hackers interrupted TV streaming services in the United Arab Emirates to broadcast a deepfake newsreader delivering a report on the war in Gaza, according to analysts at Microsoft.

The tech company said a hacking operation run by the Islamic Revolutionary Guards, a key branch of the Iranian armed forces, had disrupted streaming platforms in the UAE with an AI-generated news broadcast branded “For Humanity”.

Continue reading...

China hacking threatens US infrastructure, FBI director warns, as Volt Typhoon botnet foiled

Posted on by

Chris Wray tells House committee there has been been far too little public focus on a sleeper cyber threat that affects ‘every American’

US officials say they have disrupted a state-backed Chinese effort to plant malware that could damage civilian infrastructure, as the head of the FBI warned that Beijing was positioning itself to disrupt daily life in America were the US and China ever to go to war.

The operation disrupted a botnet of hundreds of small office and home routers based in the US that were owned by private citizens and companies that had been hijacked by the Chinese hackers to cover their tracks as they sowed malware.

Continue reading...

Georgia’s Fulton county hacked, but DA says Trump election case is unaffected

Posted on by

Many county systems are inoperative, but the district attorney’s office says the racketeering case against the ex-president is secure

Officials said court and other systems in Georgia’s most populous county were hacked over the weekend, interrupting routine operations, but the district attorney’s office said the racketeering case against former president Donald Trump was unaffected.

Fulton county, which includes most of Atlanta, was experiencing a “widespread system outage” from a “cybersecurity incident”, the chair of the county commission, Robb Pitts, said on Monday in a video posted on social media. Notably, he said, the outage is affecting the county’s phone, court and tax systems.

Continue reading...

Australia sanctions Russian citizen Aleksandr Ermakov over 2022 Medibank cyber-attack

Posted on by

Government uses cyber sanctions powers under Magnitsky laws for first time to target Aleksandr Gennadievich Ermakov, alleged to be responsible for hack

Australia has used its new cyber sanctions powers for the first time against a Russian citizen, Aleksandr Ermakov, in connection with the Medibank Private data breach.

Magnitsky-style sanctions laws that were introduced in Australia in late 2021 include a world-leading measure to allow the imposition of Australian travel bans and asset freezes on those allegedly involved in “significant” cyber-attacks.

Sign up for Guardian Australia’s free morning and afternoon email newsletters for your daily news roundup

Continue reading...

‘Perilous and chaotic’: why officials are nervy before a likely UK election in 2024

Posted on by

Paper ballots may act as barrier to cyber attacks, but introduction of voter ID could lead to a host of complications

While the date of the next UK general election itself remains in the hands of the prime minister, Rishi Sunak, one thing is certain: when the campaign begins it has the potential to be one of the most perilous and chaotic in the country’s history, for a variety of reasons.

One point is worth noting immediately: although the UK is often lumped in with the long list of countries holding elections in 2024, Sunak could theoretically hold it as late as January 2025, maximising the Conservatives’ full five-year term.

Continue reading...

Hackers steal customer data from Europe’s largest parking app operator

Posted on by

Owner of RingGo and ParkMobile says data including parts of credit card numbers taken in cyber-attack

Europe’s largest parking app operator has reported itself to information regulators in the EU and UK after hackers stole customer data.

EasyPark Group, the owner of brands including RingGo and ParkMobile, said customer names, phone numbers, addresses, email addresses and parts of credit card numbers had been taken but said parking data had not been compromised in the cyber-attack.

Continue reading...

No 10 urged to investigate targeting of MPs and others by Russian spies

Posted on by

Cyber-attacks on parliamentarians, civil servants and journalists aimed at meddling in UK politics have been going on for eight years

Downing Street is facing calls for an inquiry after it revealed Russian state spies have targeted British MPs, peers, civil servants and journalists with cyber-attacks for the last eight years and were behind a hack that influenced the 2019 election.

The government summoned the Russian ambassador on Thursday to admonish Moscow over “sustained” attempts to meddle in UK politics since 2015. As a result, the Foreign Office imposed sanctions on two members of a hacking group called Star Blizzard, one of whom is named as a federal security services (FSB) officer.

Continue reading...

Ransomware attack on China’s biggest bank disrupts US Treasury market

Posted on by

American arm of ICBC is latest victim of hackers and is investigating

The Industrial and Commercial Bank of China’s US arm was hit by a ransomware attack that disrupted trades in the US Treasury market on Thursday, the latest in a string of victims ransom-demanding hackers have claimed this year.

ICBC Financial Services, the US unit of China’s largest commercial lender by assets, said it was investigating the attack that disrupted some of its systems, and making progress towards recovering from it.

Continue reading...

Australian federal police officers’ details leaked on dark web after law firm hack

Posted on by

The AFP is the latest organisation revealed to have been caught up in the HWL Ebsworth hack, perpetrated by a Russian ransomware group in April

The personal details of Australian federal police officers have been leaked on the dark web, according to the police association, as part of a wide-ranging data breach that could threaten other high-profile agencies.

The AFP is a client of the law firm HWL Ebsworth, which was hacked by a Russian-linked ransomware group in April, sparking fears that highly sensitive information would be widely distributed.

Continue reading...

UK cybersecurity agency warns of chatbot ‘prompt injection’ attacks

Posted on by

Scams and data thefts could be caused by individuals overriding chatbot scripts, NCSC says

The UK’s cybersecurity agency has warned that chatbots can be manipulated by hackers to cause scary real-world consequences.

The National Cyber Security Centre (NCSC) has said there are growing cybersecurity risks of individuals manipulating the prompts through “prompt injection” attacks.

Continue reading...

Hacked UK voter data could be used to target disinformation, warn experts

Posted on by

Data from Electoral Commission breach could allow rogue actors to create AI-generated messages in effort to manipulate elections

Data accessed in the Electoral Commission hack could help state-backed actors target voters with AI-generated disinformation, experts have warned.

The UK elections watchdog revealed on Tuesday that a hostile cyber-attack had been able to access the names and addresses of all voters registered between 2014 and 2022.

Continue reading...

US ambassador to Beijing targeted in Chinese cyber-attack – report

Posted on by

Nicholas Burns’ emails reportedly accessed in hack that exploited flaw in Microsoft system and took Washington by surprise

The US ambassador to Beijing, Nicholas Burns, was reportedly one of the American officials whose emails were accessed in a recent Chinese hacking attack which took Washington by surprise with its sophistication.

Another target was Daniel Kritenbrink, the assistant secretary of state for east Asia, the Wall Street Journal reported on Thursday. When the attack was first disclosed last week, the administration admitted the email account of the commerce secretary, Gina Raimondo, had also been compromised. US officials were quoted as saying those were the three most senior targets but that in total, hundreds of thousands of government email accounts could have been breached.

Continue reading...

HWL Ebsworth hack: Queensland says its files were taken after criminals release Victorian documents

Posted on by

State’s chief information security officer says information from Victorian departments and agencies was accessed

Highly sensitive legal documents from the Victorian government have been published on the dark web by cybercriminals, with Queensland also confirming files from at least one of its departments are included in the breach.

The breach is connected to data that was stolen from the law firm HWL Ebsworth in April by a Russian-linked ransomware gang, known as ALPHV/Blackcat, and posted online.

Sign up for Guardian Australia’s free morning and afternoon email newsletters for your daily news roundup

Continue reading...

NSW cashless gambling trial to focus on data security after hack of smaller pilot program

Posted on by

A major Newcastle venue had to be shut down after it was targeted by a ransomware attack

Cybersecurity will be a key focus for the yet-to-be-appointed independent panel to oversee the New South Wales government’s cashless gambling trial, after a smaller pilot program was hit by hackers.

The state’s gaming minister, David Harris, made the assurances after a trial at a major Newcastle venue had to be shut down after it was targeted by a ransomware attack.

Sign up for Guardian Australia’s free morning and afternoon email newsletters for your daily news roundup

Continue reading...