SMS scams: mobile companies could face fines of up to $250,000 under new Australian code

New regulations require scam messages to be traced, identified and blocked and for information to be shared with authorities

Mobile phone companies could face up to $250,000 in fines for failing to comply with a new code to block SMS scam messages.

The code, registered by the Australian Communications and Media Authority (Acma) on Tuesday, will require the companies to trace, identify and block SMS scam messages, and publish information for customers on how to identify and report scams.

FBI and MI5 leaders give unprecedented joint warning on Chinese spying

Christopher Wray joins Ken McCallum in London, calling Beijing the ‘biggest long-term threat to economic security’

The head of the FBI and the leader of Britain’s domestic intelligence agency have delivered an unprecedented joint address raising fresh alarm about the Chinese government, warning business leaders that Beijing is determined to steal their technology for competitive gain.

In a speech at MI5’s London headquarters intended as a show of western solidarity, Christopher Wray, the FBI director, stood alongside the MI5 director general, Ken McCallum. Wray reaffirmed longstanding concerns about economic espionage and hacking operations by China, as well as the Chinese government’s efforts to stifle dissent abroad.

Five Eyes must ramp up fight against rising organised crime, AFP commissioner warns

Pandemic has contributed to ‘destabilisation of world order’ leading to weaponisation of technology, Reece Kershaw says

The Australian federal police commissioner has urged his Five Eyes counterparts to ramp up the fight against organised crime, declaring the pandemic has fuelled “the destabilisation of the world order”.

Reece Kershaw issued a rallying call for closer coordination on law enforcement as he addressed colleagues from the US, Canada, the UK and New Zealand, who have been visiting Australia for talks since Monday.

Security warnings at UK nuclear facilities hit 12-year high as inspections fall

Exclusive: Fears over regulator’s ability to cope with planned expansion in nuclear energy

The number of formal reports documenting security issues at the UK’s civil nuclear facilities has hit its highest level in at least 12 years amid a decline in inspections, the Guardian can reveal.

Experts said the news raised concerns about the regulator’s capacity to cope with planned expansion in the sector.

Costa Rica declares national emergency amid ransomware attacks

President Rodrigo Chaves establishes emergency commission as one of his first acts amid attacks by Russian-speaking gang

After a month of crippling ransomware attacks, Costa Rica has declared a state of emergency, invoking a measure usually reserved to deal with natural disasters or the Covid-19 pandemic, to allow the government to react more nimbly to the crisis.

President Rodrigo Chaves, who was sworn in on Sunday, made the emergency declaration one of his first acts. It was published on Wednesday, but Chaves has not named the members of the National Emergency Commission.

UK cybersecurity unit tackles record number of online scams in 2021

More than 2.7m attempted frauds interrupted, including fake celebrity endorsements and extortion emails

Britain’s cybersecurity unit has reported a record crackdown on internet scams after tackling more than 2.7m attempted frauds last year, a near-fourfold increase on the figure for 2020.

The National Cyber Security Centre (NCSC), an arm of the GCHQ spy agency, said the interrupted scams included fake celebrity endorsements and bogus extortion emails. It stressed, however, that the increase in detection reflected aggressive targeting by the unit rather than an increase in scams.

Boris Johnson must pay attention to basic cybersecurity rules, says security adviser

Peter Ricketts’ warning comes as UAE accused of using Pegasus spyware to hack into mobile phone at Downing Street

Boris Johnson should “pay close attention” to basic rules of cybersecurity, a former national security adviser has said, after it emerged that the United Arab Emirates was accused of hacking into a mobile phone at Downing Street.

Peter Ricketts, who held the post between 2010 and 2012, said the cyber-attack demonstrated that “commercially made” Pegasus software from NSO Group allowed a “wide range of actors” to engage in sophisticated espionage.

Internet scams to be included in UK online safety bill

Platforms to be required to protect users from pre-paid fraudulent adverts as well as user-generated scams

Measures to protect people from internet scams will now be included in proposed online safety laws, the government has said.

Under a previous draft of the online safety bill, platforms which host user-generated content would have a “duty of care” to protect users from fraud by other users.

North Korean hackers stole $400m in digital assets last year, says report

The regime has launched at least seven cyber-attacks on cryptocurrency platforms, say blockchain experts

North Korea has launched at least seven attacks on cryptocurrency platforms that extracted nearly $400m worth of digital assets last year, one of its most successful years on record, according to a new analysis.

“From 2020 to 2021, the number of North Korean-linked hacks jumped from four to seven, and the value extracted from these hacks grew by 40%,” said the report by blockchain experts Chainalysis, which was released on Thursday.

Cyber-attack on UK’s Defence Academy caused ‘significant’ damage

Former senior officer says unsolved hack of MoD training school systems did not succeed but still had costs

A cyber-attack on the UK’s Defence Academy caused “significant” damage, a retired high-ranking officer has revealed.

Air Marshal Edward Stringer, who left the armed forces in August, told Sky News the attack, which was discovered in March 2021, meant the Defence Academy was forced to rebuild its network.

Recently uncovered software flaw ‘most critical vulnerability of the last decade’

Log4Shell grants easy access to internal networks, making them susceptible to data loot and loss and malware attacks

A critical vulnerability in a widely used software tool – one quickly exploited in the online game Minecraft – is rapidly emerging as a major threat to organizations around the world.

“The internet’s on fire right now,” said Adam Meyers, senior vice-president of intelligence at the cybersecurity firm Crowdstrike. “People are scrambling to patch”, he said, “and all kinds of people scrambling to exploit it.” He said on Friday morning that in the 12 hours since the bug’s existence was disclosed, it had been “fully weaponized”, meaning malefactors had developed and distributed tools to exploit it.

Britain and Israel to sign trade and defence deal

Pact covers Iran as well as cybersecurity, despite controversy over use of Israeli firm NSO Group’s Pegasus spyware in UK

Britain and Israel will sign a 10-year trade and defence pact in London on Monday, promising cooperation on issues such as cybersecurity and a joint commitment to prevent Iran from obtaining nuclear weapons.

The agreement was announced by Liz Truss, the foreign secretary, and her Israeli counterpart Yair Lapid, despite evidence that spyware made by Israeli company NSO Group had probably been used to spy on two British lawyers advising the ex-wife of the ruler of Dubai, Princess Haya.

To fight global crime, Taiwan must be included in Interpol | Letters

Huang Chia-lu responds to the news that a Chinese official is seeking election to Interpol’s executive committee, and urges the international community to support Taiwan’s participation

You rightly point out the concerns of human rights activists and international politicians that China could misuse Interpol’s capabilities to track down overseas dissidents if Hu Binchen is elected as an executive committee member (Chinese official seeks Interpol role, sparking fears for dissidents, 15 November). One should also note that Taiwan is not included in Interpol, meaning there is a missing part in the global fight against international crime and cybercrime.

As cybercrime transcends borders, transnational cooperation is key to bringing international crime rings to justice. Taiwan’s police authorities have a hi-tech crime investigation unit and professional cybercrime investigators. Taiwan’s expertise will benefit global efforts to build a safer cyberspace.

‘It’s feasible to start a war’: how dangerous are ransomware hackers?

Secretive gangs are hacking the computers of governments, firms, even hospitals, and demanding huge sums. But if we pay these ransoms, are we creating a ticking time bomb?

They have the sort of names that only teenage boys or aspiring Bond villains would dream up (REvil, Grief, Wizard Spider, Ragnar), they base themselves in countries that do not cooperate with international law enforcement and they don’t care whether they attack a hospital or a multinational corporation. Ransomware gangs are suddenly everywhere, seemingly unstoppable – and very successful.

In June, meat producer JBS, which supplies over a fifth of all the beef in the US, paid a £7.8m ransom to regain access to its computer systems. The same month, the US’s largest national fuel pipeline, Colonial Pipeline, paid £3.1m to ransomware hackers after they locked the company’s systems, causing days of fuel shortages and paralysing the east coast. “It was the hardest decision I’ve made in my 39 years in the energy industry,” said a deflated-looking Colonial CEO Joseph Blount in an evidence session before Congress. In July, hackers attacked software firm Kaseya, demanding £50m. As a result, hundreds of supermarkets had to close in Sweden, because their cash registers didn’t work.

Tech firm hit by giant ransomware hack gets key to unlock victims’ data

Kaseya’s universal key can free the files of hundreds of organizations, ending the worst of the attack’s fallout

The software company at the center of a huge ransomware attack this month has obtained a universal key to unlock files of the hundreds of businesses and public organizations crippled by the hack.

Nineteen days after the initial attack over the Fourth of July weekend, the Florida-based IT management provider, Kaseya, has received the universal key that can unlock the scrambled data of all the attack’s victims, bringing the worst of the fallout to a close.

‘Cyber-attack’ hits Iran’s transport ministry and railways

Message boards in train stations show cancellations though rail operator denies disruptions

Websites of Iran’s transport and urbanisation ministry went out of service on Saturday after a “cyber-disruption” in computer systems, the official IRNA news agency reported.

On Friday, Iran’s railways also appeared to come under cyber-attack, with messages about alleged train delays or cancellations posted on display boards at stations across the country. Electronic tracking of trains across Iran reportedly failed.

‘We expect them to act’: Biden presses Putin on ransomware groups, hints at retaliation

Joe Biden’s hour-long phone call with the Russian leader suggests growing impatience over attacks disrupting US sectors

Joe Biden has increased pressure on Vladimir Putin to move against ransomware groups operating from Russia, warning the United States is prepared to respond if cyberhacks are not stopped.

The two leaders held an hour-long phone call on Friday, their first since they discussed ransomware attacks at a summit in Geneva on 16 June. Biden’s message to Putin in the call was direct, suggesting a growing impatience over attacks that have disrupted key US sectors.

Biden announces investigation into international ransomware attack

President addresses hack of Kaseya software that has affected hundreds of US businesses and shut down Swedish shops

Joe Biden said on Saturday he had directed US intelligence agencies to investigate a sophisticated ransomware attack that hit hundreds of American businesses as the Fourth of July holiday weekend began and aroused suspicions of Russian gang involvement.

Dominic Raab’s mobile number freely available online for last decade

Exclusive: Finding raises questions for security services weeks after similar revelations about PM’s number

The private mobile number of Dominic Raab, the UK foreign secretary, has been online for at least 11 years, raising questions for the security services weeks after the prime minister’s number was also revealed to be accessible to anyone.

Raab’s number was discovered by a Guardian reader using a Google search. It appears to have been online since before he became an MP in 2010, and remained after he became foreign secretary and first secretary of state – de facto deputy prime minister – in 2019.

Ransomware is biggest online threat to people in UK, spy agency chief to warn

GCHQ cybersecurity boss sounds alarm over extortion by hackers who are mostly based in former Soviet states

Ransomware represents the biggest threat to online security for most people and businesses in the UK, the head of GCHQ’s cybersecurity arm is to warn.

Lindy Cameron, chief executive of the National Cyber Security Centre, will say in a speech that the phenomenon, where hackers encrypt data and demand payment for it to be restored, is escalating and becoming increasingly professionalised.
