Category Archives: Cybercrime

To fight global crime, Taiwan must be included in Interpol | Letters

Posted on by

Huang Chia-lu responds to the news that a Chinese official is seeking election to Interpol’s executive committee, and urges the international community to support Taiwan’s participation

You rightly point out the concerns of human rights activists and international politicians that China could misuse Interpol’s capabilities to track down overseas dissidents if Hu Binchen is elected as an executive committee member (Chinese official seeks Interpol role, sparking fears for dissidents, 15 November). One should also note that Taiwan is not included in Interpol, meaning there is a missing part in the global fight against international crime and cybercrime.

As cybercrime transcends borders, transnational cooperation is key to bringing international crime rings to justice. Taiwan’s police authorities have a hi-tech crime investigation unit and professional cybercrime investigators. Taiwan’s expertise will benefit global efforts to build a safer cyberspace.

Continue reading...

‘It’s feasible to start a war’: how dangerous are ransomware hackers?

Posted on by

Secretive gangs are hacking the computers of governments, firms, even hospitals, and demanding huge sums. But if we pay these ransoms, are we creating a ticking time bomb?

They have the sort of names that only teenage boys or aspiring Bond villains would dream up (REvil, Grief, Wizard Spider, Ragnar), they base themselves in countries that do not cooperate with international law enforcement and they don’t care whether they attack a hospital or a multinational corporation. Ransomware gangs are suddenly everywhere, seemingly unstoppable – and very successful.

In June, meat producer JBS, which supplies over a fifth of all the beef in the US, paid a £7.8m ransom to regain access to its computer systems. The same month, the US’s largest national fuel pipeline, Colonial Pipeline, paid £3.1m to ransomware hackers after they locked the company’s systems, causing days of fuel shortages and paralysing the east coast. “It was the hardest decision I’ve made in my 39 years in the energy industry,” said a deflated-looking Colonial CEO Joseph Blount in an evidence session before Congress. In July, hackers attacked software firm Kaseya, demanding £50m. As a result, hundreds of supermarkets had to close in Sweden, because their cash registers didn’t work.

Continue reading...

Tech firm hit by giant ransomware hack gets key to unlock victims’ data

Posted on by

Kaseya’s universal key can free the files of hundreds of organizations, ending the worst of the attack’s fallout

The software company at the center of a huge ransomware attack this month has obtained a universal key to unlock files of the hundreds of businesses and public organizations crippled by the hack.

Nineteen days after the initial attack over the Fourth of July weekend, the Florida-based IT management provider, Kaseya, has received the universal key that can unlock the scrambled data of all the attack’s victims, bringing the worst of the fallout to a close.

Continue reading...

‘Cyber-attack’ hits Iran’s transport ministry and railways

Posted on by

Message boards in train stations show cancellations though rail operator denies disruptions

Websites of Iran’s transport and urbanisation ministry went out of service on Saturday after a “cyber-disruption” in computer systems, the official IRNA news agency reported.

On Friday, Iran’s railways also appeared to come under cyber-attack, with messages about alleged train delays or cancellations posted on display boards at stations across the country. Electronic tracking of trains across Iran reportedly failed.

Continue reading...

‘We expect them to act’: Biden presses Putin on ransomware groups, hints at retaliation

Posted on by

Joe Biden’s hour-long phone call with the Russian leader suggests growing impatience over attacks disrupting US sectors

Joe Biden has increased pressure on Vladimir Putin to move against ransomware groups operating from Russia, warning the United States is prepared to respond if cyberhacks are not stopped.

The two leaders held an hour-long phone call on Friday, their first since they discussed ransomware attacks at a summit in Geneva on 16 June. Biden’s message to Putin in the call was direct, suggesting a growing impatience over attacks that have disrupted key US sectors.

Continue reading...

Biden announces investigation into international ransomware attack

Posted on by

President addresses hack of Kaseya software that has affected hundreds of US businesses and shut down Swedish shops

Joe Biden said on Saturday he had directed US intelligence agencies to investigate a sophisticated ransomware attack that hit hundreds of American businesses as the Fourth of July holiday weekend began and aroused suspicions of Russian gang involvement.

Related: Joe Biden cherry-picks audience to promote bipartisan infrastructure deal

Continue reading...

Dominic Raab’s mobile number freely available online for last decade

Posted on by

Exclusive: Finding raises questions for security services weeks after similar revelations about PM’s number

The private mobile number of Dominic Raab, the UK foreign secretary, has been online for at least 11 years, raising questions for the security services weeks after the prime minister’s number was also revealed to be accessible to anyone.

Raab’s number was discovered by a Guardian reader using a Google search. It appears to have been online since before he became an MP in 2010, and remained after he became foreign secretary and first secretary of state – de facto deputy prime minister – in 2019.

Continue reading...

Ransomware is biggest online threat to people in UK, spy agency chief to warn

Posted on by

GCHQ cybersecurity boss sounds alarm over extortion by hackers who are mostly based in former Soviet states

Ransomware represents the biggest threat to online security for most people and businesses in the UK, the head of GCHQ’s cybersecurity arm is to warn.

Lindy Cameron, chief executive of the National Cyber Security Centre, will say in a speech that the phenomenon, where hackers encrypt data and demand payment for it to be restored, is escalating and becoming increasingly professionalised.

Continue reading...

World’s biggest meat producer JBS pays $11m cybercrime ransom

Posted on by

Brazil-based giant paid ransom in bitcoin after ransomware attack shut down operations across world

JBS, the world’s biggest meat processor, has paid an $11m (£7.8m) ransom after a cyber attack shut down operations, including abattoirs in the US, Australia and Canada.

While most of its operations have been restored, the Brazilian-headquartered company said it hoped the payment would head off any further complications including data theft.

Continue reading...

China’s ‘splinternet’ will create a state-controlled alternative cyberspace

Posted on by

Beijing is using blockchain to build a new internet and many developing countries are likely to sign up – but at what cost?

Cyberspace is one huge, unregulated mess. A virtual wild west where sophisticated criminal gangs ply their trade alongside multinational companies, spy agencies, activists, celebrity influencers – and nation states. The question of who governs it is one of the biggest of our time.

Britain needs to be, if not quite ruling the waves, at least a global force for good in the expanding virtual world. The issue has never been so pressing. Six years ago, I acted for a coder in the biggest cyberfraud phishing case in the UK. The malware my client and others created was so sophisticated that the police could not decode it but were able to show it was used for fraud. The financial data harvested was stored on two servers, one in France and one in the US, and the lack of international cooperation meant law enforcement never got their hands on it.

Continue reading...

Cyber-attack targets world’s largest meat-processing company

Posted on by

Ransomware attack halts production at JBS, which supplies more than fifth of all beef in US

A cyber-attack on the world’s largest meat-processing company has forced it to halt all US operations while it scrambles to restore functionality.

JBS, which supplies more than a fifth of all beef in America, said all of its US beef plants were pushed offline on Sunday. The ransomware attack on the Brazilian-headquartered company’s networks also disrupted other operations across the US, as well as the company’s businesses in other countries, including Australia, but less severely.

Continue reading...

Russian SolarWinds hackers launch email attack on government agencies

Posted on by

Microsoft says group targeted more than 15o American and foreign organisations using USAid account

The state-backed Russian cyber spies behind the SolarWinds hacking campaign launched a targeted phishing assault on US and foreign government agencies and thinktanks this week using an email marketing account of the US Agency for International Development (USAid), Microsoft has said.

The effort targeted about 3,000 email accounts at more than 150 different organisations, at least a quarter of them involved in international development, humanitarian and human rights work, the Microsoft vice-president Tom Burt wrote in a blog post late on Thursday.

Continue reading...

‘I can’t be that careless’: Australian Uyghur activist targeted online

Posted on by

Nurgul Sawut, who has been named on a Chinese blacklist, says she’s experienced online trolling, nasty messages and malware

A Uyghur activist in Australia who has been the target of cyber-attacks by hacker groups in China says the Australian government needs to do more to educate the Uyghur community in Australia to protect themselves online.

Uyghur activists outside of China are frequently the target of hackers based in China.

Continue reading...

Ransomware attack disrupts Irish health services

Posted on by

IT systems shut down and some medical appointments cancelled after attempt to access data

Ireland’s state health services provider has shut all its IT systems and cancelled some medical appointments after what it described as a “significant ransomware attack” overnight caused widespread disruption.

Paul Reid, the Health Service Executive chief executive, told RTÉ there had been a “human-operated” attempt to access data stored on central servers for a presumed ransom. “There has been no ransom demand at this stage. The key thing is to contain the issue. We are in the containment phase.”

Continue reading...

Suspected Russia-led cyber campaign targets Germany’s Green party leader

Posted on by

Annalena Baerbock faces social media onslaught after voicing opposition to Nord Stream 2 project

Fears are growing in Berlin of a Russian-led cyber campaign against the leader of Germany’s Green party after she pledged to block a gas pipeline project between Russia and Europe.

Annalena Baerbock, who is running to succeed Angela Merkel as chancellor in September’s election, has been targeted in recent days by an increasingly vicious campaign across social media.

Continue reading...

US invokes emergency powers after cyberattack shuts crucial fuel pipeline

Posted on by

Biden administration scrambles to avoid shortages after Colonial Pipeline targeted in worst-ever attack on US infrastructure

The Biden administration has invoked emergency powers as part of an “all-hands-on-deck” effort to avoid fuel shortages after the worst-ever cyber-attack on US infrastructure shut down a crucial pipeline supplying the east coast.

The federal transport department issued an emergency declaration on Sunday to relax regulations for drivers carrying gasoline, diesel, jet fuel and other refined petroleum products in 17 states and the District of Columbia. It lets them work extra or more flexible hours to make up for any fuel shortage related to the pipeline outage.

Continue reading...

Cyber-attack forces shutdown of one of the US’s largest pipelines

Posted on by

Colonial Pipeline said it shut down 5,500 miles of pipeline, which carries 45% of the east coast’s fuel supplies

One of the largest pipelines in the US has been shut down after an apparent cyber-attack, its operator has said.

Colonial Pipeline said it had shut down its 5,500 miles of pipeline, which carries 45% of the east coast’s fuel supplies and travels through 14 southern and eastern US states, after the breach of its computer networks.

Continue reading...

Ransomware hackers steal plans for upcoming Apple products

Posted on by

Group behind REvil ransomware claims stolen files include plans for two laptops and a new Apple Watch

Apple is facing a ransomware demand after a group of cybercriminals stole confidential plans for the company’s upcoming products from a supplier.

The “Sodin” group, which makes and runs a piece of ransomware called REvil, says it stole the plans from Quanta Computer, a Taiwanese company that assembles a number of Apple laptops.

Continue reading...

Natanz ‘sabotage’ highlights Iran’s vulnerability to cyber-attacks

Posted on by

Analysis: Apparent attack by Israel is a reminder of the weaknesses of industrial control systems

The apparent attack by Israel on Iran’s nuclear enrichment facility appears to be the latest episode in an increasing tit-for-tat cyberwar. Both sides have already targeted so-called industrial control systems [ICS], which have emerged as a key weakness for countries across the globe.

While Iran described the latest attack as “sabotage”, Israeli media called it a cyber-attack.

Continue reading...

The great opportunity: how Covid transformed global crime

Posted on by

2020 led to surges in everything from domestic abuse to black markets in fake vaccines

By the end of March, one week into the UK’s first lockdown, recorded crime in Lancashire had dropped by a startling 40% compared with the four-year average.

“At first there was some mild panic,” says DCI Eric Halford, of Lancashire Constabulary. “Most senior officers expected a surge in demand.”

Continue reading...