Tag Archive for: jones

EV Charger Hacking Could Imperil the Security of the Power Grid – Mother Jones


A man wearing shorts and a t-shirt eating a burrito walks past a white Tesla plugged in to a public charging station

Alexi Rosenfeld/Getty Images/Grist

This story was originally published by Grist and is reproduced here as part of the Climate Desk collaboration. It was co-published with Climate Desk partner Wired

With his electric Kia EV6 running low on power, Sky Malcolm pulled into a bank of fast-chargers near Terre Haute, Indiana, to plug in. As his car powered up, he peeked at nearby chargers. One in particular stood out.

Instead of the businesslike welcome screen displayed on the other Electrify America units, this one featured a picture of President Biden pointing his finger, with an “I did that!” caption. It was the same meme the president’s critics started slapping on gas pumps as prices soared last year, cloned 20 times across the screen. 

“It was, unfortunately, not terribly surprising,” Malcolm said of the hack, which he stumbled upon last fall. Such shenanigans are increasingly common. At the beginning of the war in Ukraine, hackers tweaked charging stations along the Moscow–Saint Petersburg motorway in Russia to greet users with anti-Putin messages. Around the same time, cyber vandals in England programmed public chargers to broadcast pornography. Just this year, the hosts of YouTube channel The Kilowatts tweeted a video showing it was possible to take control of an Electrify America station’s operating system. 

While such breaches have so far remained relatively innocuous, cybersecurity experts say the consequences would be far more severe at the hands of truly nefarious miscreants. As companies, governments and consumers sprint to install more chargers, the risks could only grow.

In recent years, security researchers and white-hat hackers have identified sprawling vulnerabilities in internet-connected home and public charging hardware that could expose customer data, compromise Wi-Fi networks, and, in a worst-case scenario, bring down power grids. Given the dangers, everyone from device manufacturers to the Biden administration is rushing to fortify these increasingly common machines and establish security standards.

“This is a major problem,”…

Source…

Scott Jones | Prime Minister of Canada


Education

Master of Business Administration, University of Ottawa
Bachelor of Science, Computer Science, University of Regina
Bachelor of Applied Science, Electronic Systems Engineering, University of Regina

Professional Experience

Since October 2018
Deputy Chief, Canadian Centre for Cyber Security, Communications Security Establishment Canada

2016 – 2018
Deputy Chief, IT Security, Communications Security Establishment Canada

2015 – 2016
Deputy Chief, Corporate Services, Communications Security Establishment Canada

2011 – 2015
Director General, Cyber Defence, Communications Security Establishment Canada

2011
Director, Cyber Defence Operations and Capability Development, Communications Security Establishment Canada

2008 – 2011
Director, Signals Intelligence Systems Development, Communications Security Establishment Canada

Related Product

Source…

Ransomware Attacks are Hitting Small Business. And Some of Them are Military Subcontractors – Mother Jones


A general view of the U.S. Department of Energy in Washington, D.C.Graeme Sloan/Sipa USA)(Sipa via AP Images)

Let our journalists help you make sense of the noise: Subscribe to the Mother Jones Daily newsletter and get a recap of news that matters.

On June 3—sandwiched between snippets of data from a US technology testing firm and a Brazilian maritime logistics company—internal information from an Albuquerque-based small business was posted to the dark web blog of an established ransomware group. Though this would be unwelcome news for any business of any size, this one especially caught the attention of Brett Callow, a ransomware expert at cybersecurity firm Emsisoft.

That’s because the company, Sol Oriens, LLC, is a Department of Energy National Nuclear Security Administration subcontractor. Its employees work on sensitive matters related to nuclear weapons and energy.

The National Nuclear Security Administration is the government agency responsible for maintaining and securing the nation’s nuclear weapons stockpile. It works on nuclear applications for the US military, along with other highly sensitive missions.

The attack was the work of REvil, a ransomware group that’s been in the headlines in recent weeks. It was accused by the FBI of hacking JBS, the world’s largest meatpacker, just ahead of Memorial Day weekend. The gang’s blog is full of victim data. In some ways, Sol Oriens, LLC is just one name among many. There’s no indication yet that the company was targeted because of the work it does, rather than just being another potential pay day for hackers.

But the sensitive nature of its work, and the connections between its employees and some of the most tightly guarded organizations in the US, has people like Callow worried.

Sol Oriens, LLC, may not be a major contractor, but its employees have connections to key strategic national security entities, such as Sandia National Laboratories, and Los Alamos National Laboratory.

“Ransomware represents a significant risk to national security,” he says. “While the actors may simply be financially motivated, there is no way of knowing where the information they steal may end up.”

For now, the…

Source…

Hacker Claims to Have Stolen Files Belonging to Prominent Law Firm Jones Day


A hacker claims to have stolen files belonging to the global law firm Jones Day and posted many of them on the dark web.

Jones Day has many prominent clients, including former President Donald Trump and major corporations.

Jones Day, in a statement, disputed that its network has been breached. The statement said that a file-sharing company that it has used was recently compromised and had information taken. Jones Day said it continues to investigate the breach and will continue to be in discussion with affected clients and appropriate authorities.

The posting by a person who self-identified as the hacker, which goes by the name Clop, includes a few individual documents that are easily reviewed by the public, including by The Wall Street Journal. One memo is to a judge and is marked “confidential mediation brief,” another is a cover letter for enclosed “confidential documents.” The Journal couldn’t immediately confirm their authenticity.

The Journal was able to see the existence of many more files—mammoth in size—also purported to belong to Jones Day, posted by the hacker on the so-called dark web. Hackers typically post such stolen information after the hacked entity fails to pay a ransom. The Journal was able to contact the hacker using an email on its blog.

Source…