Former senior officer says unsolved hack of MoD training school systems did not succeed but still had costs
A cyber-attack on the UK’s Defence Academy caused “significant” damage, a retired high-ranking officer has revealed.
Air Marshal Edward Stringer, who left the armed forces in August, told Sky News the attack, which was discovered in March 2021, meant the Defence Academy was forced to rebuild its network.
Continue reading...Opposition leader Donald Tusk calls for inquiry after watchdog says government’s rivals were targeted by Pegasus spyware
Polish opposition leader Donald Tusk said on Tuesday reports that the government spied on its opponents represented the country’s biggest “crisis for democracy” since the end of communism.
A cybersecurity watchdog last week said the Pegasus spyware had been used to target prominent opposition figures, with Polish media dubbing the scandal a “Polish Watergate”.
Continue reading...Exclusive: Analysis of Kamel Jendoubi’s mobile phone reveals he was targeted in August 2019
The mobile phone of a UN-backed investigator who was examining possible war crimes in Yemen was targeted with spyware made by Israel’s NSO Group, a new forensic analysis of the device has revealed.
Kamel Jendoubi, a Tunisian who served as the chairman of the now defunct Group of Eminent Experts in Yemen (GEE)– a panel mandated by the UN to investigate possible war crimes – was targeted in August 2019, according to an analysis of his mobile phone by experts at Amnesty International and the Citizen Lab at the University of Toronto.
Continue reading...Israeli spyware firm goes from bad to worse as scathing Apple lawsuit follows US blacklisting
Shalev Hulio, the co-founder of Israel’s NSO Group, was in Washington DC on a mission to try to resuscitate the surveillance company’s battered reputation on Capitol Hill shortly before the news broke that he had probably arrived too late to make a difference.
With little advance warning to its allies in Israel, the Biden administration announced on 3 November that it was putting the spyware maker – one of the most sophisticated cyber-weapons companies in the world – on a US blacklist, citing use of the company’s software by regimes around the world for “transnational repression”.
Continue reading...Analysis: while identity of hackers is not known in this case, Palestinians have long been spied on by Israeli military
The disclosure that Palestinian human rights defenders were reportedly hacked using NSO’s Pegasus spyware will come as little surprise to two groups of people: Palestinians themselves and the Israeli military and intelligence cyber operatives who have long spied on Palestinians.
While it is not known who was responsible for the hacking in this instance, what is very well documented is the role of the Israeli military’s 8200 cyberwarfare unit – known in Hebrew as the Yehida Shmoneh-Matayim – in the widespread spying on Palestinian society.
Continue reading...LightBasin hackers were able to obtain subscriber information and call metadata, says CrowdStrike
At least 13 phone companies around the world have been compromised since 2019 by sophisticated hackers who are believed to come from China, a cybersecurity expert group has said.
The roaming hackers – known as LightBasin – were able to “search and find” individual mobile phones and “target accordingly”, according to CrowdStrike, a group regularly cited by western intelligence.
Continue reading...Sheikh Mohammed used spyware on Princess Haya and five associates in unlawful abuse of power, judge rules
The ruler of Dubai hacked the phone of his ex-wife Princess Haya using NSO Group’s controversial Pegasus spyware in an unlawful abuse of power and trust, a senior high court judge has ruled.
The president of the family division found that agents acting on behalf of Sheikh Mohammed bin Rashid al-Maktoum, who is also prime minister of the United Arab Emirates, a close Gulf ally of Britain, hacked Haya and five of her associates while the couple were locked in court proceedings in London concerning the welfare of their two children.
Continue reading...Culture secretary says move could lead to an end to irritating cookie popups and consent requests online
Britain will attempt to move away from European data protection regulations as it overhauls its privacy rules after Brexit, the government has announced.
The freedom to chart its own course could lead to an end to irritating cookie popups and consent requests online, said the culture secretary, Oliver Dowden, as he called for rules based on “common sense, not box-ticking”.
Continue reading...Will Cathcart claims government officials around the world among 1,400 WhatsApp users targeted in 2019
Senior government officials around the world – including individuals in high national security positions who are “allies of the US” – were targeted by governments with NSO Group spyware in a 2019 attack against 1,400 WhatsApp users, according to the messaging app’s chief executive.
Will Cathcart disclosed the new details about individuals who were targeted in the attack after revelations this week by the Pegasus project, a collaboration of 17 media organisations which investigated NSO, the Israeli company that sells its powerful surveillance software to government clients around the world.
Continue reading...Exclusive: Finding raises questions for security services weeks after similar revelations about PM’s number
The private mobile number of Dominic Raab, the UK foreign secretary, has been online for at least 11 years, raising questions for the security services weeks after the prime minister’s number was also revealed to be accessible to anyone.
Raab’s number was discovered by a Guardian reader using a Google search. It appears to have been online since before he became an MP in 2010, and remained after he became foreign secretary and first secretary of state – de facto deputy prime minister – in 2019.
Continue reading...UK surveillance agency says it has long valued neuro-diverse analysts – including Alan Turing
Apprentices on GCHQ’s scheme are four times more likely to have dyslexia than those on other organisations’ programmes, the agency has said, the result of a drive to recruit those whose brains process information differently.
GCHQ says those with dyslexia have valuable skills spotting patterns that others miss – a key area the spy agency wants to encourage as it pivots away from dead letter drops and bugging towards high-tech cybersecurity and data analysis.
Continue reading...Streaming service tests feature that asks viewers if they share household with subscriber
Netflix has begun testing a feature that asks viewers whether they share a household with a subscriber, in a move that could lead to crackdown on the widespread practice of sharing passwords among friends and family.
Some Netflix users are reported to have received a message asking them to confirm they live with the account owner by entering a code included in a text message or email sent to the subscriber.
Continue reading...Analysis: trade in stolen data is a boon for investigators and a headache for Kremlin
In early 2019, the journalist Andrei Zakharov managed to buy his own phone and banking records in a groundbreaking investigation into Russia’s thriving markets in stolen personal data, in which law enforcement and telecoms employees can be contracted anonymously to dip into their systems and pull out sensitive details on anyone.
A year and a half later, investigators from Bellingcat and the Insider used some of the same tools and clever analysis to out a secret FSB team that had been tasked with killing Alexei Navalny using a novichok nerve agent.
Continue reading...The controversial app’s users are ignoring geopolitical battle over its digital security, says Richard Waterworth
TikTok’s UK chief has strenuously denied the video-sharing app, which Donald Trump has threatened to ban, shares data with China.
Richard Waterworth told the Observer that the UK and European arm of TikTok was growing quickly, despite the “turbulent” geopolitical battle in which the Chinese-born app has found itself.
Continue reading...Russian cybercrime gang is believed to be responsible for taking Garmin services offline
A ransomware attack that took the GPS and smartwatch business Garmin entirely offline for more than three days is believed to have been carried out by a Russian cybercriminal gang which calls itself “Evil Corp”.
Garmin began to restore services to customers on Monday morning, after being held hostage for a reported ransom of $10m, although some services were still operating with limited functionality.
Continue reading...US company forced to shut down call centres, website and some other online services
Garmin has been forced to shut down its call centres, website and some other online services after a ransomware attack encrypted the smartwatch maker’s internal network and some production systems.
The US company shut down services including the official Garmin website and all customer services, including phone lines, online chat and email.
Continue reading...Airline apologises after credit card details of about 2,200 passengers were stolen
EasyJet has revealed that the personal information of 9 million customers was accessed in a “highly sophisticated” cyber-attack on the airline.
The company said on Tuesday that email addresses and travel details were accessed and it would contact the customers affected.
Continue reading...Controls on the ‘online information content ecosystem’ bring heightened concern about freedom of speech
Sweeping new internet censorship rules have gone into effect in China, prompting concerns that authorities will further control information and online debate as the country reels from the coronavirus outbreak.
China’s cybersecurity administration has since Saturday implemented a set of new regulations on the governance of the “online information content ecosystem” that encourage “positive” content while barring material deemed “negative” or illegal.
Continue reading...Amazon founder interviewed as FBI conducts inquiry into Israeli firm linked to malware
Jeff Bezos met federal investigators in April 2019 after they received information about the alleged hack of the billionaire’s mobile phone by Saudi Arabia, the Guardian has been told.
Bezos was interviewed by investigators at a time when the FBI was conducting an investigation into the Israeli technology company NSO Group, according to a person who was present at the meeting.
Continue reading...Exclusive: former Microsoft contractor says he was emailed login after minimal vetting
A Microsoft programme to transcribe and vet audio from Skype and Cortana, its voice assistant, ran for years with “no security measures”, according to a former contractor who says he reviewed thousands of potentially sensitive recordings on his personal laptop from his home in Beijing over the two years he worked for the company.
The recordings, both deliberate and accidentally invoked activations of the voice assistant, as well as some Skype phone calls, were simply accessed by Microsoft workers through a web app running in Google’s Chrome browser, on their personal laptops, over the Chinese internet, according to the contractor.
Continue reading...