Category Archives: Cybercrime

Man jailed over involvement in identity theft syndicate that laundered millions of dollars

Posted on by

Detectives found Karthik Pappu’s fingerprints on a book containing information about 305 bank accounts and 68 compromised identities

A man who was part of a syndicate that stole identities before laundering millions of dollars through jewellers and a coffee shop has been sentenced to six years in jail.

Karthik Pappu, who pleaded guilty to one charge of money laundering, was identified by police investigating a cold calling scheme in which victims provided offenders with access to their computers before being tricked out of money, a Brisbane court was told on Wednesday.

Continue reading...

Australia news live: government asks Optus to pay for new passports after data breach; severe thunderstorm warning for Sydney

Posted on by

Prime minister says Labor believes ‘Optus should pay, not taxpayers’ after customer data compromised. Follow the day’s news

Election wash-up

As we reported yesterday, the AEC will be appearing at the electoral matters parliamentary committee hearing this morning.

Continue reading...

AFP investigates $1m ransom demand posted online for allegedly hacked Optus data

Posted on by

Attorney general Mark Dreyfus has been briefed by the privacy commissioner about hack and is seeking ‘urgent’ meeting with telco

The Australian federal police is investigating after the data of millions of Optus customers exposed during a recent hack was allegedly put up for sale online.

On Saturday morning a post appeared on a data market from a user claiming to be in possession of the information obtained from the breach with a demand for $1m in Monero cryptocurrency.

Sign up to receive an email with the top stories from Guardian Australia every morning

Continue reading...

Can I Tell You a Secret, episode 1: the beginning – podcast

Posted on by

In the first part of a new series, the Guardian journalist Sirin Kale takes us to a small town in the north of England to uncover how one man began a decade of cyberstalking

In this new six-episode podcast, the Guardian journalist Sirin Kale investigates the story of Matthew Hardy, a cyberstalker who terrified people in his hometown and beyond for more than a decade.

His harassment would often start in the same way, a fake profile posing as a young woman with a simple message: “Hey hun, can I tell you a secret?”. This series attempts to untangle his web of deception to find out how and why he wreaked havoc over so many people’s lives.

Continue reading...

Customers’ personal data stolen as Optus suffers massive cyber-attack

Posted on by

Personal information of potentially millions of customers exposed, including names, dates of birth, addresses, and contact details

Optus has suffered a massive cyber-attack, with the personal information of customers stolen, including names, dates of birth, addresses, and contact details.

The telco suffered the data breach when hackers, believed to be working for a criminal or state-sponsored organisation, accessed the sensitive information by breaking through the company’s firewall.

Sign up to receive an email with the top stories from Guardian Australia every morning

Continue reading...

Uber responding to ‘cybersecurity incident’ after hack

Posted on by

Ride-hailing company confirms attack after hacker compromises Slack app and messages employees

Uber has been hacked in an attack that appears to have breached the ride-hailing company’s internal systems.

The California-based company confirmed it was responding to a “cybersecurity incident”, after the New York Times reported that a hack had accessed the company’s network and forced it to take several internal communications and engineering systems offline. The hacker claimed to be 18 years old, according to the report.

Continue reading...

Insider cyber threats pose ‘significant’ risk to Australia’s defence force, brief warns

Posted on by

Incoming brief to Albanese government cites risk of malicious employees accessing and inappropriately using systems

Defence is at “significant risk” from cyber insider threats, the department’s incoming brief to the Albanese government says.

That could include malicious, disgruntled or merely duped employees accessing Defence’s systems and threatening their security.

Sign up to receive an email with the top stories from Guardian Australia every morning

Continue reading...

Ministers coordinate response after cyber-attack hits NHS 111

Posted on by

Outage that affected services across system may not be fully resolved until next week, says IT provider

Ministers are working to coordinate a “resilience response” after a cyber-attack caused a significant outage across the NHS computer system.

The outage affected services across the system such as patient referrals, ambulances being dispatched, out-of-hours appointment bookings, and emergency prescriptions.

Continue reading...

SMS scams: mobile companies could face fines of up to $250,000 under new Australian code

Posted on by

New regulations require scam messages to be traced, identified and blocked and for information to be shared with authorities

Mobile phone companies could face up to $250,000 in fines for failing to comply with a new code to block SMS scam messages.

The code, registered by the Australian Communications and Media Authority (Acma) on Tuesday, will require the companies to trace, identify and block SMS scam messages, and publish information for customers on how to identify and report scams.

Sign up to receive an email with the top stories from Guardian Australia every morning

Continue reading...

FBI and MI5 leaders give unprecedented joint warning on Chinese spying

Posted on by

Christopher Wray joins Ken McCallum in London, calling Beijing the ‘biggest long-term threat to economic security’

The head of the FBI and the leader of Britain’s domestic intelligence agency have delivered an unprecedented joint address raising fresh alarm about the Chinese government, warning business leaders that Beijing is determined to steal their technology for competitive gain.

In a speech at MI5’s London headquarters intended as a show of western solidarity, Christopher Wray, the FBI director, stood alongside the MI5 director general, Ken McCallum. Wray reaffirmed longstanding concerns about economic espionage and hacking operations by China, as well as the Chinese government’s efforts to stifle dissent abroad.

Continue reading...

Five Eyes must ramp up fight against rising organised crime, AFP commissioner warns

Posted on by

Pandemic has contributed to ‘destabilisation of world order’ leading to weaponisation of technology, Reece Kershaw says

The Australian federal police commissioner has urged his Five Eyes counterparts to ramp up the fight against organised crime, declaring the pandemic has fuelled “the destabilisation of the world order”.

Reece Kershaw issued a rallying call for closer coordination on law enforcement as he addressed colleagues from the US, Canada, the UK and New Zealand, who have been visiting Australia for talks since Monday.

Sign up to receive an email with the top stories from Guardian Australia every morning

Continue reading...

Security warnings at UK nuclear facilities hit 12-year high as inspections fall

Posted on by

Exclusive: Fears over regulator’s ability to cope with planned expansion in nuclear energy

The number of formal reports documenting security issues at the UK’s civil nuclear facilities has hit its highest level in at least 12 years amid a decline in inspections, the Guardian can reveal.

Experts said the news raised concerns about the regulator’s capacity to cope with planned expansion in the sector.

Continue reading...

Costa Rica declares national emergency amid ransomware attacks

Posted on by

President Rodrigo Chaves establishes emergency commission as one of his first acts amid attacks by Russian-speaking gang

After a month of crippling ransomware attacks, Costa Rica has declared a state of emergency invoking a measure usually reserved to deal with natural disasters or the Covid-19 pandemic to allow the government to react more nimbly to the crisis.

President Rodrigo Chaves, who was sworn in on Sunday, made the emergency declaration one of his first acts. It was published on Wednesday, but Chaves has not named the members of the National Emergency Commission.

Continue reading...

UK cybersecurity unit tackles record number of online scams in 2021

Posted on by

More than 2.7m attempted frauds interrupted, including fake celebrity endorsements and extortion emails

Britain’s cybersecurity unit has reported a record crackdown on internet scams after tackling more than 2.7m attempted frauds last year, a near-fourfold increase on the figure for 2020.

The National Cyber Security Centre (NCSC), an arm of the GCHQ spy agency, said the interrupted scams included fake celebrity endorsements and bogus extortion emails. It stressed, however, that the increase in detection reflected aggressive targeting by the unit rather than an increase in scams.

Continue reading...

Boris Johnson must pay attention to basic cybersecurity rules, says security adviser

Posted on by

Peter Ricketts’ warning comes as UAE accused of using Pegasus spyware to hack into mobile phone at Downing Street

Boris Johnson should “pay close attention” to basic rules of cybersecurity, a former national security adviser has said, after it emerged that the United Arab Emirates was accused of hacking into a mobile phone at Downing Street.

Peter Ricketts, who held the post between 2010 and 2012, said the cyber-attack demonstrated that “commercially made” Pegasus software from NSO Group allowed a “wide range of actors” to engage in sophisticated espionage.

Continue reading...

Internet scams to be included in UK online safety bill

Posted on by

Platforms to be required to protect users from pre-paid fraudulent adverts as well as user-generated scams

Measures to protect people from internet scams will now be included in proposed online safety laws, the government has said.

Under a previous draft of the online safety bill, platforms which host user-generated content would have a “duty of care” to protect users from fraud by other users.

Continue reading...

North Korean hackers stole $400m in digital assets last year, says report

Posted on by

The regime has launched at least seven cyber-attacks on cryptocurrency platforms, say blockchain experts

North Korea has launched at least seven attacks on cryptocurrency platforms that extracted nearly $400m worth of digital assets last year, one of its most successful years on record, according to a new analysis.

“From 2020 to 2021, the number of North Korean-linked hacks jumped from four to seven, and the value extracted from these hacks grew by 40%,” said the report by blockchain experts Chainalysis, which was released on Thursday.

Continue reading...

Cyber-attack on UK’s Defence Academy caused ‘significant’ damage

Posted on by

Former senior officer says unsolved hack of MoD training school systems did not succeed but still had costs

A cyber-attack on the UK’s Defence Academy caused “significant” damage, a retired high-ranking officer has revealed.

Air Marshal Edward Stringer, who left the armed forces in August, told Sky News the attack, which was discovered in March 2021, meant the Defence Academy was forced to rebuild its network.

Continue reading...

Recently uncovered software flaw ‘most critical vulnerability of the last decade’

Posted on by

Log4Shell grants easy access to internal networks, making them susceptible to data loot and loss and malware attacks

A critical vulnerability in a widely used software tool – one quickly exploited in the online game Minecraft – is rapidly emerging as a major threat to organizations around the world.

“The internet’s on fire right now,” said Adam Meyers, senior vice-president of intelligence at the cybersecurity firm Crowdstrike. “People are scrambling to patch”, he said, “and all kinds of people scrambling to exploit it.” He said on Friday morning that in the 12 hours since the bug’s existence was disclosed, it had been “fully weaponized”, meaning malefactors had developed and distributed tools to exploit it.

Continue reading...

Britain and Israel to sign trade and defence deal

Posted on by

Pact covers Iran as well as cybersecurity, despite controversy over use of Israeli firm NSO Group’s Pegasus spyware in UK

Britain and Israel will sign a 10-year trade and defence pact in London on Monday, promising cooperation on issues such as cybersecurity and a joint commitment to prevent Iran from obtaining nuclear weapons.

The agreement was announced by Liz Truss, the foreign secretary, and her Israeli counterpart Yair Lapid, despite evidence that spyware made by Israeli company NSO Group had probably been used to spy on two British lawyers advising the ex-wife of the ruler of Dubai, Princess Haya.

Continue reading...