Tag: cyber | Page 3

Russia behind cyber attacks on Western utilities, security firm says | Yle News

April 22, 2024/in Internet Security

“It’s kind of an escalation in that we’re seeing more than just data collection, surveillance and intelligence gathering,” Mikko Hyppönen says.

Portrait of a man with glasses, a mustache and dark hair combed back into a ponytail, wearing a blue blazer. — Withsecure’s research director Mikko Hyppönen Image: Jari Kovalainen / Yle

Russia has used malware in cyber attacks on targets in Eastern European countries since at least mid-2022, according to Finnish cyber security firm Withsecure.

More specifically, the company has reported that a Russian military intelligence effort led to the breach of databases belonging to an Estonian logistics company.

Finland’s eastern neighbour also appears to have tampered with water utility data systems in the US, France and Poland, according to Mandiant, a data security firm and subsidiary of Google.

So far, the cyberattacks do not appear to have caused significant disruptions. For example, the attack in the US caused a water tank at a facility in Texas to overflow until the system was brought under control, according to CNN.

But according to Withsecure’s research director, Mikko Hyppönen, it is a serious matter if Russia has started carrying out cyber attacks on Nato countries’ utilities.

“It’s kind of an escalation in that we’re seeing more than just data collection, surveillance and intelligence gathering,” Hyppönen told Yle.

Hyppönen: Russia attacked Estonian firm

At the end of 2022 malicious code dubbed “Kapeka” helped hackers to breach a database belonging to an Estonian logistics firm. A recent study at Withsecure revealed who was behind the attack, according to Hyppönen.

“Our research linked the Kapeka malware directly to Russia’s Sandworm group, the country’s military cyber intelligence unit,” he explained.

The Sandworm group is known for having carried out several destructive attacks in Ukraine, including temporarily knocking out the war-torn country’s electricity grid.

“Kapeka’s development and deployment likely follow the ongoing Russia-Ukraine conflict, with Kapeka being likely used in targeted attacks of firms across Central and Eastern Europe since the illegal invasion of Ukraine in 2022,” a Withsecure brief on the matter explained.

According to Hyppönen, the Sandworm-delivered malware in Estonia caused disruptions at the…

Source…

How Israel could strike Iran, from cyber attacks to assassinations

April 20, 2024/in Internet Security

The two states have been involved in a shadow war for decades, with Tehran funding terrorist groups around Israel and the latter responding with covert attacks

Published Apr 19, 2024 • 5 minute read

An Israeli flag flies on the Mount of Olives overlooking the city skyline in Jerusalem on April 19, 2024. Photo by AHMAD GHARABLI/AFP via Getty Images

For days, Iran was bracing for an Israeli retaliation.

On Thursday night, long-distance aircraft fired missiles on an Iranian airforce base, breaking the lull in the Islamic Republic’s Isfahan city, Israeli media reported. Two Israeli officials reportedly confirmed the country’s involvement in the attack.

Article content

Italian Foreign Minister Antonio Tajani said the U.S. told members of the G7 that it received “last minute” information from Israel about a drone strike in Iran, but added that the U.S. did not participate in the offensive.

Advertisement 2

Source…

Carpetright is latest British business to be hit by cyber attack as hackers target company HQ to affect hundreds of customer orders

April 20, 2024/in Computer Security

Hackers targeted the company HQ in Purfleet, Essex on Tuesday

Flooring chain Carpetright is the latest British business to be hit by a cyber attack affecting hundreds of customer orders.

Hackers targeted the company HQ in Purfleet, Essex on Tuesday, sending malware to gain unauthorised access.

Carpetright’s network was taken offline due to the cyber attack but bosses insist that the virus was isolated before any data was swiped.

However phone lines are still down with callers met with the automated message ‘Thank you for your patience while we work on a solution’.

Staff and hundreds of customers were affected by the malicious virus with employees reportedly unable access their payroll information.

Flooring chain Carpetright is the latest British business to be hit by a cyber attack affecting hundreds of customer orders (file pic)

Hackers targeted the company HQ in Purfleet, Essex on Tuesday, sending malware to gain unauthorised access (stock photo)

A source told The Sun: ‘Some staff networks were taken down including the portals that workers use to book time off and look at payslips.

‘It happened abruptly and was worrying because customers couldn’t get through to helplines.

READ MORE: Hackers publish NHS patients’ data after cyber attack including names, addresses and medical conditions – as they vow to post thousands more unless ransom is paid

‘Everything at HQ was taken offline as that was the best way to stop the attack spreading to customer data.’

A spokesperson for Carpetright said: ‘We would like to apologise for any inconvenience caused.

‘We are not aware of any customer or colleague data being impacted by this incident and are testing and resetting systems, with investigations ongoing.’

The cyber attack at the flooring chain comes after hackers managed to access a ‘small number’ of patients’ data last month.

Ransomware group – INC Ransom – targeted NHS Dumfries and Galloway and claimed it was in possession of three terabytes of data from NHS Scotland.

A post on its dark web blog included a ‘proof pack’ of some of the data, which was…

Source…

Cyber attack takes Frontier Communications systems offline, affecting millions of broadband customers

April 19, 2024/in Internet Security

US telecom provider Frontier Communications was forced to shut down a number of its internal systems after detecting an unauthorized third party in its IT environment, shuttering internet access for millions.

Frontier Communications said it first detected the unauthorized access on 14 April 2024, before reporting the incident to the SEC on 15 April. The company said it had taken its systems down as part of its incident response protocols in an effort to contain the breach.

Frontier reported it believes it has contained the incident, with its core IT environment already restored, adding that it has also begun efforts to restore normal business operations, but this process is still ongoing.

Frontier serves customers in 25 US states, with 3 million broadband subscribers and a fiber optic network consisting of 5.2 million locations, as threat actors continue to target critical national infrastructure organizations to maximize the impact of their attacks.

Frontier says the third party, which it believes was likely a cyber crime group, was able to gain access to personally identifiable information (PII), among other information.

The telecom provider was unable to provide any further information on the specific types of sensitive information accessed by the attackers, or whether the PII pertained to customers or employees.

Some customers took to social media to voice their concern after being without internet for three days since Frontier took its systems down, reporting they cannot access technical support through Frontier’s app, website chat, or their phone line.

Frontier announced it was experiencing technical issues with its internal support systems and provided a phone number for those who require assistance.

Hackers target telecoms industry as ISPs become increasingly viewed as critical-national infrastructure

This incident comes hot on the heels of a series of high-profile cyber incident affecting telecom companies.

A huge cache of AT&T customer data was published on the dark web on 30 March 2024, with the personal…

Source…

Tag Archive for: cyber

Hyppönen: Russia attacked Estonian firm

Article content