BA, Boots and BBC staff details targeted in Russia-linked cyber-attack

Hack attributed to criminal gang hit MOVEit software used by third-party payroll provider Zellis

British Airways, Boots and the BBC are investigating the potential theft of personal details of staff after the companies were hit by a cyber-attack attributed to a Russia-linked criminal gang.

BA confirmed it was one of the companies affected by the hack, which targeted software called MOVEit used by Zellis, a payroll provider.

GCHQ warns of fresh threat from Chinese state-sponsored hackers

National Cyber Security Centre urges operators of critical national infrastructure to prevent hacks

The UK’s cybersecurity agency has urged operators of critical national infrastructure, including energy and telecommunications networks, to prevent Chinese state-sponsored hackers from hiding on their systems.

The National Cyber Security Centre, part of GCHQ, issued the warning after it emerged that a Chinese hacking group known as Volt Typhoon had targeted a US military outpost in the Pacific Ocean.

United Nations official and others in Armenia hacked by NSO Group spyware

At least a dozen victims were found to have been hacked by Pegasus during clashes in the region in 2021

Researchers have documented the first known case of NSO Group’s spyware being used in a military conflict after they discovered that journalists, human rights advocates, a United Nations official, and members of civil society in Armenia were hacked by a government using the spyware.

The hacking campaign, which targeted at least a dozen victims from October 2020 to December 2022, appears closely linked to events in the long-running military conflict between Armenia and Azerbaijan over the contested Nagorno-Karabakh region.

China-backed hackers spying on US critical infrastructure, says Five Eyes

Targets include US military facilities on Guam that would be key in an Asia-Pacific conflict, say Microsoft and western spy agencies

A state-sponsored Chinese hacking group has been spying on a wide range of US critical infrastructure organisations and similar activities could be occurring globally, western intelligence agencies and Microsoft have warned.

“The United States and international cybersecurity authorities are issuing this joint Cybersecurity Advisory (CSA) to highlight a recently discovered cluster of activity of interest associated with a People’s Republic of China (PRC) state-sponsored cyber actor, also known as Volt Typhoon,” said a statement released by authorities in the US, Australia, Canada, New Zealand and the UK – countries that make up the Five Eyes intelligence network.

Russian hackers want to ‘disrupt or destroy’ UK infrastructure, minister warns

Cabinet Office secretary, Oliver Dowden, to issue national alert and urge companies to boost cybersecurity

Russian hackers organised along the lines of the paramilitary Wagner group are seeking “to disrupt or destroy” parts of the UK’s critical national infrastructure, a cabinet minister will warn at a cyber conference in Belfast on Wednesday.

Oliver Dowden, the Cabinet Office minister, will issue a national alert to key businesses amid growing international concern that as Russia struggles in Ukraine, an under-pressure Kremlin is searching for new ways to threaten the west.

Experts warn of new spyware threat targeting journalists and political figures

Citizen Lab says victims’ phones infected after being sent an iCloud calendar invitation in a ‘zero-click’ attack

Security experts have warned about the emergence of previously unknown spyware with hacking capabilities comparable to NSO Group’s Pegasus that has already been used by clients to target journalists, political opposition figures and an employee of an NGO.

Researchers at the Citizen Lab at the University of Toronto’s Munk School said the spyware, which is made by an Israeli company called QuaDream, infected some victims’ phones by sending an iCloud calendar invitation to mobile users from operators of the spyware, who are likely to be government clients. Victims were not notified of the calendar invitations because they were sent for events logged in the past, making them invisible to the targets of the hacking. Such attacks are known as “zero-click” because users of the mobile phone do not have to click on any malicious link or take any action in order to be infected.

Ransomware attack on US Marshals compromises sensitive information

Federal agency best known for tracking down fugitives suffered security breach on 17 February

The US Marshals service fell victim to a ransomware security breach this month that compromised sensitive law enforcement information, a spokesperson said on Monday.

The federal agency, which is perhaps best known for its work in tracking down and capturing fugitives wanted by law enforcement, notified the US government of the breach, and agents there began a forensic investigation, the chief of the Marshals’ public affairs office, Drew Wade, told Reuters in a statement.

German minister warns of ‘massive’ danger from Russian hackers

Nancy Faeser says Ukraine war has exacerbated German cybersecurity concerns

Germany’s interior minister has warned of a “massive danger” facing Germany from Russian sabotage, disinformation and spying attacks.

Nancy Faeser said Vladimir Putin was putting huge resources into cyber-attacks as a key part of his war of aggression. “The cybersecurity concerns have been exacerbated by the war. The attacks of pro-Russia hackers have increased,” she said in an interview with the news network Funke Mediengruppe published on Sunday.

Ruto ally says Telegram account was hacked before Kenyan election

Strategist says he noticed ‘increased activity’, after revelations about activities of a disinformation unit

A senior strategist with close links to Kenya’s president, William Ruto, has publicly acknowledged that his Telegram account was infiltrated in the lead-up to last year’s election.

Dennis Itumbi told the Star newspaper that he had noticed “increased activity” on his Telegram last year but called it “inconsequential”.

Scottish MP Stewart McDonald fears emails hacked by Russia-linked group

SNP MP for Glasgow South says he is victim of ‘sophisticated and targeted spear phishing’ attack

An SNP MP whose emails were hacked has spoken out because he fears they were stolen by a group linked to Russia and will be published.

Stewart McDonald’s emails were compromised last month after he clicked on a message from a member of his staff on his private MP’s account.

Royal Mail ransomware attackers threaten to publish stolen data

Postal service has been unable to send letters and parcels overseas since Wednesday due to hacking

Royal Mail has been hit by a ransomware attack by a criminal group, which has threatened to publish the stolen information online.

The postal service has received a ransom note purporting to be from LockBit, a hacker group widely thought to have close links to Russia.

Risky online behaviour ‘almost normalised’ among young people, says study

EU-funded survey of people aged 16-19 finds one in four have trolled someone – while UK least ‘cyberdeviant’ of nine countries

Risky and criminal online behaviour is in danger of becoming normalised among a generation of young people across Europe, according to EU-funded research that found one in four 16- to 19-year-olds have trolled someone online and one in three have engaged in digital piracy.

An EU-funded study found evidence of widespread criminal, risky and delinquent behaviour among the 16-19 age group in nine European countries including the UK.

Pegasus spyware inquiry targeted by disinformation campaign, say experts

European parliament is investigating powerful surveillance tool used by governments around the world

Victims of spyware and a group of security experts have privately warned that a European parliament investigatory committee risks being thrown off course by an alleged “disinformation campaign”.

The warning, contained in a letter to MEPs signed by the victims, academics and some of the world’s most renowned surveillance experts, followed news last week that two individuals accused of trying to discredit widely accepted evidence in spyware cases in Spain had been invited to appear before the committee investigating abuse of hacking software.

UK minister criticised over ‘crass and archaic’ trope about Chinese people

Mark Spencer spoke of possibility ‘some little man in China’ could be listening in to his conversations

A UK government minister has been criticised for using a “crass and archaic” trope when talking about Chinese people during a broadcast interview.

The environment minister Mark Spencer referred to the possibility that “some little man in China” could be listening in to his conversations when discussing reports a device belonging to the former prime minister and foreign secretary Liz Truss had been compromised by foreign agents.

Ministers creating ‘wild west’ conditions with use of personal phones

Unsecured mobiles, email accounts and WhatsApp chats could pose national security risk, intelligence experts warn

Ministers risk creating “wild west” conditions in matters of national security by the increased use of personal email and phones to conduct confidential business, intelligence experts and former officials have warned.

After a week tainted by a row over the use of a personal email account by the home secretary, it was revealed on Sunday that Liz Truss’s mobile is alleged to have been hacked by overseas agents.

Mobiles are inherently insecure, which might be a surprise to British politicians | Dan Sabbagh

We may never know just what happened with Liz Truss’s mobile, but it’s clear that ministers need to up their security game

It is no longer news to point out that a mobile phone, if hacked, can be the ultimate tool for surveillance. But the question is whether it is a surprise to British politicians – and whether they are using their devices sensibly or carelessly.

We will almost certainly never know precisely what happened to Liz Truss’s phone. The then foreign secretary had to abruptly drop her main number and take up a new, government-issued handset in the summer, just as it emerged she was likely to be the next prime minister after Boris Johnson.

‘Buying bad’: the black market where access to hacked Australian data can cost just $500

Some sites that mediate the sale of hacked data use Reddit-style upvoting systems to weed out scammers and law enforcement

When personal data is stolen in a breach, such as the recent high-profile attacks on Optus and Medibank, it often begins a journey through a shadowy criminal marketplace which follows surprisingly traditional models of supply and demand.

Passwords, personal information, copies of identity documents and contact details of victims may pass through a web of transactions, mediated in online forums or hidden on the dark web, and denominated in cryptocurrency, before ending up in the hands of those who plan to exploit them.

Cybercrime in Australia has been on the rise for years, but Optus and Medibank have been wake-up calls

Experts say the recent prominence of data breaches is just companies being more forthcoming and the media more focused on reporting them

It might seem like data breaches are occurring more frequently than ever in the wake of the Optus cyber-attack, but while cybercrime incidents are constantly on the rise, Australia isn’t really a hot new target.

Since Optus first disclosed its massive data breach at the end of September, breaches or attacks have been reported by Medibank, Woolworths’ MyDeal, EnergyAustralia, Vinomofo and Medlab.

Australia politics live: Labor amends Greens’ censure motion against Pauline Hanson; AEC to appear at electoral inquiry

Shorten: ‘Optus hasn’t done enough’

Over on the Nine network, Bill Shorten had a chat about Optus and the robodebt royal commission (Shorten has found his media niche in commercial TV, particularly breakfast shows).

Well, first of all, we want Optus to look after its customers. Based on what I’ve been told, Optus hasn’t done enough. They have done not enough to protect its customers and their follow up needs to be much more diligent. Clare O’Neil, our Minister for Home Affairs, is coordinating our response. I think it’s time for a giant overhaul- or not a giant overhaul, but a big overhaul of how data’s kept by our large corporations. So we’re doing everything we can to try and apprehend the hackers. But there’s no doubt that the defences of the company were, as I’ve been informed, inadequate, and they’ve got to reach out and support their customers. That’s what we want to do.

Uber responding to ‘cybersecurity incident’ after hack

Ride-hailing company confirms attack after hacker compromises Slack app and messages employees

Uber has been hacked in an attack that appears to have breached the ride-hailing company’s internal systems.

The California-based company confirmed it was responding to a “cybersecurity incident”, after the New York Times reported that a hack had accessed the company’s network and forced it to take several internal communications and engineering systems offline. The hacker claimed to be 18 years old, according to the report.
