Tag Archive for: european

European Police, FBI Bust Up International Ransomware Crime Ring


A coordinated international law enforcement operation has seriously dented a Russia-linked DoppelPaymer ransomware gang responsible for numerous digital hijackings and extortions worldwide since 2019, according to a Europol briefing.

Nations Team Up to Bust Gang

German and Ukrainian police, working in concert with Europol, the Dutch police and the FBI, last month raided a house belonging to a German national believed to be a major player in the crime syndicate, interrogated suspects and seized equipment for forensic analysis.

Investigators said they identified 11 individuals linked to the DoppelPaymer group that has operated in various iterations since at least 2010. The gang is said to have ties to a Russia-based outfit formerly engaged in online banking theft that pre-dated ransomware.

Despite the “current extremely difficult security situation that Ukraine is currently facing due to the invasion by Russia,” Ukrainian police officers interrogated a Ukrainian national who is also believed to be a member of the core DoppelPaymer group.

During the searches, they seized electronic equipment, which is currently under forensic examination, to determine the suspects’ roles and links to other co-conspirators, Europol said. The Ukrainian officers searched two locations, one in Kiev and one in Kharkiv.

German police have also issued arrest warrants for three additional suspects based in Russia: Igor Turashev, Igor Garshin and Irina Zemlyanikina. Turashev, who is also wanted by the FBI for his alleged role in the sanctioned Evil Corp hacking group, is accused of “having committed acts of blackmail and computer sabotage in particularly serious cases.”

On the days the law enforcement operation was carried out, Europol said it deployed three experts to Germany to cross-check operational information against Europol’s databases and to provide further operational analysis, crypto tracing and forensic support. The data and other related cases are expected to trigger further investigative activities.

Ransoms Reach $42 million

Dirk Kunze, who heads the cybercrime department with North Rhine-Westphalia state police, told the Associated Press…


Enea Secures Order for Signaling Security in Mobile Networks from European Operator


Enea has received an order for signaling security in mobile networks from a European telecom operator. 

The agreement covers new business with an existing customer and includes software as well as services in multiple countries. Revenues of EUR 1 million are booked in the fourth quarter of 2022. 

The remaining part is recognized during a three-year period. The total order value is EUR 2.2 million.

Enea is a world leader in mobile network security, protecting more than 2.2 billion subscribers worldwide. Enea provides a unique combination of intelligence, expertise in defensive cybersecurity, and award-winning software solutions for advanced threat detection and response.

Jan Häglund, President and CEO of Enea
The geopolitical situation in Europe puts focus on cyber threats against mobile networks. Enea AdaptiveMobile Security products are market leading and play an important role in protecting against intrusion and sabotage attempts.


European Electricity Sector Lacks Cyber Experts as Ukraine War Raises Hacking Risks


Europe’s power-grid operators say they are struggling to hire cybersecurity experts at a time when the sector is especially vulnerable to hacking threats related to the war in Ukraine. 

The staff shortage is alarming executives, particularly after Ukraine disconnected from Russia’s electric grid in February and linked to continental Europe’s grid, adding new risks that a potential cyberattack could ripple across countries.

“The worry is about cascading effects,” said Grzegorz Bojar, chief information officer at Polskie Sieci Elektroenergetyczne SA, the operator of Poland’s electricity-transmission system.

European electricity operators and providers are on alert. The Covid-19 pandemic and Russia’s invasion of Ukraine have heightened cyber threats in recent years. Hackers hit three German wind-energy companies in the early months of the war, taking down some remote-control systems that monitor turbines. In one case, an attack launched one hour before Russia invaded Ukraine on Feb. 24 on a Viasat Inc. satellite providing internet connections in Ukraine disrupted those systems and took down internet service for thousands of Ukrainians and people in other parts of Europe.

“We can talk about a weaponization of the energy sector,” said Aurélio Blanquet, secretary general of the European Energy Information Sharing and Analysis Center, speaking at a conference in Brussels last month. The center helps energy companies exchange information about cyber threats.

New European laws set to come into force over the next few years will also heighten regulators’ scrutiny of cybersecurity processes at critical infrastructure operators. This, in…


Chinese hacking groups target US and European governments


Three separate Chinese state-sponsored advanced persistent threat groups have been observed targeting victims, including U.S. state governments, European diplomatic entities and Gmail accounts linked to the U.S. government.

The first group, APT41, also known as Wicked Panda and Winnti, is believed by researchers at Mandiant Inc. to have successfully compromised at least six U.S. state government networks. The APT did so by exploiting vulnerable internet-facing web applications, including using zero-day or hitherto undiscovered vulnerabilities in the USAHerds application and Apache Log4j.

The campaign by APT41 ran between May 2021 and February 2022. Although Chinese state-sponsored actors targeting networks in the West is not new, the researchers note that one remarkable aspect is how quickly they act to exploit vulnerabilities when they become known.

In the case of the now-infamous Log4j vulnerability, the Chinese hackers were exploiting the vulnerability within hours of it being disclosed. The exploitation of the initial Log4j vulnerability — there ended up being multiple vulnerabilities — directly led to the compromise of two U.S. state government networks as well as other targets in insurance and telecoms. Having gained access, APT41 then undertook extensive credential collection.

APT41 was linked by the BlackBerry Ltd. Research & Intelligence team to a range of previous campaigns in October. The U.S. Department of Justice indicted five Chinese nationals and two Malaysians linked to the group in September.

“Based on my extensive experience in tracking nation-state adversaries, China is deeply concerned with knowing as much as they can at all times,” Aubrey Perin, lead nation-state threat intelligence analyst at information security and compliance firm Qualys Inc., told SiliconANGLE. “Their belief system around information being a public domain differs with the United States’ notion of intellectual property. As long as China is not spying for the sake of harming others, it is on brand for them to be poking about in ways that come to fruition in instances such as these.”

The second campaign, detailed by researchers at Proofpoint Inc., relates to the…
