Tag Archive for: national

Russian hackers send emails with malware, taking advantage of national mobile operator Kyivstar’s outage


Russian hackers are taking advantage of the outage at Kyivstar, one of Ukraine’s national mobile operators, to send out emails containing malware to Ukrainians using archive files named “Amount owed by subscriber”, “Request”, “Documents”, etc., the State Service of Special Communications has warned.

Source: State Service of Special Communications and Information Protection of Ukraine (SSSCIP) and the Government Computer Emergency Response Team (CERT-UA)

Quote from SSSCIP: “Hackers persist in exploiting issues that are bothering thousands of Ukrainians to spread malware. This time, experts from CERT-UA, the Governmental Computer Emergency Response Team of Ukraine, have uncovered a massive email campaign with the subject line ‘Amount owed under your Kyivstar contract’ and an attachment named ‘Amount owed by subscriber.zip’.

Ukrainians have received emails regarding ‘Amount owed under your Kyivstar contract’, which contained attachments in the form of an archive named ‘Amount owed by subscriber.zip’ with attached password-protected RAR archives.

Moreover, CERT-UA has detected the spreading of emails with the subject heading ‘Security Service of Ukraine (SSU) request’ with an attachment named ‘Documents.zip’. It includes a password-protected RAR archive ‘Request.rar’ followed by an executable file, ‘Request.exe’. As in the previous case, opening the archive and running the file leads to exposure to a RemcosRAT remote access programme.”

Details: The mobile operator Kyivstar experienced a large-scale outage on the morning of 12 December.

The CERT-UA team detected a massive email distribution with the subject line “Amount owed under your Kyivstar contract” and the attachment “Amount owed by subscriber.zip” on 21 December.

The ZIP archive contains a two-part RAR archive, “Amount owed by subscriber.rar”, which contains a password-protected archive bearing the same name. The latter includes a macro-enabled document, “Customer debt.doc”.

Once activated, the macro code will download the file “GB.exe” to the computer and run it using the SMB protocol via the file explorer (explorer.exe).

In turn, this file is an SFX archive containing a BATCH script to download the executable file “wsuscr.exe” from…


Government must urgently awaken to threat ransomware poses to UK national security


In May 2021, president Joe Biden declared a national state of emergency after a ransomware attack by Russian DarkSide forced one of the United States’ largest and most vital oil lines to shut down for six days.

Today in the UK we are at high risk of a catastrophic cyber-attack at any moment. Ransomware is a type of malicious software — ‘malware’ — designed to damage and destroy computer systems, usually to facilitate extortion.

It can cause severe disruption to the delivery of core government services, including healthcare and child protection, as well as ongoing economic losses. Swathes of UK critical national infrastructure (CNI) – much of which is operated by the private sector – remain vulnerable to ransomware, especially where sectors still rely on legacy IT systems.

Victims have described going ‘back to a pre-computer era of the 1950s in mere minutes’ as they were locked out of digital systems and forced to resort to pen and paper. A coordinated and targeted attack has the real potential to bring the country to a standstill. 

The majority of ransomware attacks against the UK are from Russian-speaking perpetrators, and the government is almost certain that Russian actors sought to interfere in the 2019 general elections. With new UK and US elections on the horizon, we can expect to see the integrity of our democratic systems tested again soon.

But as the Joint Committee on National Security Strategy that I chair reports today, the UK’s response to this national security threat is severely lacking. Our main legislative framework, the Computer Misuse Act, is irresponsibly outdated – it was introduced before the arrival of the internet – and government missed another chance to rectify this in the latest King’s Speech.

The agencies tasked with detecting, responding to, and recovering from ransomware attacks – and degrading further attack capabilities – are under-resourced and lacking key skills and capabilities: a…


The NCSC research problem book – NCSC.GOV.UK – National Cyber Security Centre




UK and allies expose Russian intelligence services for cyber campaign of attempted political interference – National Cyber Security Centre


