Tag Archive for: Responsible

Russia responsible for satellite hack causing chaos across Europe


Russia was behind a cyber attack which caused chaos across Europe hours before it invaded Ukraine, British officials have confirmed.

Kremlin cyber spies hacked a Viasat communication satellite, intending to target the Ukrainian military, but also knocked thousands of users offline, including a wind farm in Germany.

The attack was the first digital salvo fired by Russia and triggered fears of an all-out online war.

Information pointing to Russian agents was previously released by the satellite’s operator Viasat. The Foreign Office has now said that the Kremlin’s military intelligence bureau, the GRU, was behind the attack.

Liz Truss, the Foreign Secretary, said: “This is clear and shocking evidence of a deliberate and malicious attack by Russia against Ukraine which had significant consequences on ordinary people and businesses in Ukraine and across Europe.”

Viktor Zhora, a senior official at Ukraine’s cybersecurity agency, said in the immediate aftermath of the hack that it was “a really huge loss in communications in the very beginning of war”.

The European Union joined Ms Truss in condemning Russia for the hack, which affected member states across the east of Europe and shut down 5,800 German wind turbines operated by power company Enercon.

The attack consisted of a malicious software update sent by Russian military intelligence to customer terminals for Viasat’s KA-SAT satellite.

Tens of thousands of terminals were damaged by the Russians’ efforts to force the satellite offline, the Foreign Office said. It is understood the terminals need to be returned to Viasat to be reprogrammed for normal use.

Viasat’s satellite service is used by businesses for general internet connectivity and for monitoring internet-connected industrial systems.

Cyber security company SentinelOne said in a March analysis that 5,800 turbines in Germany all vanished offline at the same time in late February, the first indication that something was amiss.

The UK has sanctioned the GRU after its appalling actions in Salisbury.

Previous UK sanctions froze around £940bn worth of bank assets and £117bn in personal net worth of oligarchs and their family members, whom the Government says…


Tech brands sign on to HackerOne responsible security drive


Technology brands including GitLab, Starling Bank, TikTok and Wix have signed on to support a new corporate security responsibility pledge drive initiated by penetration testing and bug bounty specialist HackerOne.

The aim of the pledge is to encourage an industry-wide call to action for more transparency and a positive culture around cyber security best practice, as well as ultimately to build a safer internet for all. It focuses on four key areas:

  • Encouraging transparency to share cyber intelligence and build trust.
  • Fostering a culture of collaboration that puts the tools needed to reduce risk in the hands of everybody.
  • Promoting innovation by inspiring developers to work with security in mind.
  • Holding pledges and their suppliers accountable to following best practice to develop security as a point of differentiation.

Starling Bank’s head of cyber security, Mark Rampton, said: “At Starling, we assume that everything has the potential to be vulnerable, and believe that hyper-vigilance is the best way to stay ahead of threats.

“Security isn’t something we can do in isolation. We work with every member of our staff – and the wider security community, including HackerOne – to ensure we continually fulfil our mission of keeping customer funds and data protected.”

TikTok’s global chief security officer, Roland Cloutier, added: “Transparency is core to TikTok’s business and brand. We deliver transparency on everything from content moderation to our bug bounty programme, so our users are free to innovate and fulfil our mission of inspiring creativity, and bringing joy.

“We know the best way to keep our global TikTok community safe and secure is by inviting the disclosure of potential vulnerabilities, so we can quickly eliminate them.”

HackerOne’s pledge drive comes off the back of a new research report, The corporate security trap: shifting security culture from secrecy to transparency, which found that 64% of organisations maintain a culture of “security through obscurity” and 38% are opaque about how they “do” security.

A majority of security professionals also tended to feel they struggled to build a positive security culture within…


Russia Arrests REvil Ransomware Gang Responsible for High-Profile Cyber Attacks



In an unprecedented move, Russia’s Federal Security Service (FSB), the country’s principal security agency, on Friday disclosed that it arrested several members belonging to the notorious REvil ransomware gang and neutralized its operations.

The surprise operation, which it said was carried out at the request of the U.S. authorities, saw the law enforcement agency conduct raids at 25 addresses in the cities of Moscow and St. Petersburg and in the Moscow, Leningrad and Lipetsk regions that belonged to 14 suspected members of the organized cybercrime syndicate.

“In order to implement the criminal plan, these persons developed malicious software, organized the theft of funds from the bank accounts of foreign citizens and their cashing, including through the purchase of expensive goods on the Internet,” the FSB said in a statement.


In addition, the FSB seized over 426 million rubles, including in cryptocurrency, $600,000, €500,000, as well as computer equipment, crypto wallets used to commit crimes, and 20 luxury cars that were purchased with money obtained by illicit means.

One of the most active ransomware crews last year, REvil took responsibility for high-profile attacks against JBS and Kaseya, among a string of several others. The U.S. government told Reuters that one of the arrested individuals was also behind the ransomware attack on Colonial Pipeline in May 2021, once again confirming REvil’s connections to another group called DarkSide.


The group formally closed shop in October 2021 after the U.S. intervened to take its network of dark web servers offline. The next month, Romanian law enforcement authorities announced the arrest of two individuals for their roles as affiliates of the REvil ransomware family, even as the U.S. charged a 22-year-old Ukrainian citizen linked to the ransomware gang for orchestrating the Kaseya ransomware attack.

All those detained have been charged with “illegal circulation of means of payment,” a criminal offense punishable by up to six years in prison. The suspects weren’t named, but Reuters noted that a Moscow court identified two of the men as Roman Muromsky and Andrei Bessonov.


The crackdown also comes as threat actors likely affiliated with…


US bans iPhone hacking firm NSO Group responsible for Pegasus attacks





The NSO Group is an Israel-based security firm dealing in hacking tools that law enforcement agencies use to hack smartphones. The company came under fire earlier this year. Security researchers found that attackers used the Pegasus family of hacking programs to target individuals. The Pegasus hack allowed nation-states to spy on iPhones without user knowledge via sophisticated attacks that leave no trace. A New York Times journalist recently detailed his experience with the hack. He explained that he had no way of knowing who hacked him or what they had stolen. All he knew was that they got into his iPhone. The NSO Group denied the reports every step of the way.

NSO’s denials apparently weren’t enough to convince the US government, though. The US has now placed the Israeli company on the infamous entity list. As a result, the NSO Group can’t do any business with American companies, whether on the hardware or software side.


The US ban

The US announced on Wednesday that it added four companies to the entity list, including NSO Group. Israeli surveillance company Candiru is also on the list. Russia’s Positive Technologies and Singapore’s Computer Security Initiative Consultancy are the others. Both trafficked in hacking tools that threaten “the privacy and security of individuals and organizations worldwide.”

The commerce department said the new additions to the entity list are part of the Biden administration’s “efforts to put human rights at the center of US foreign policy, including by working to stem the proliferation of digital tools used for repression.” Here’s the part that concerns the NSO Group:

NSO Group and Candiru (Israel) were added to the Entity List based on evidence that these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers. These tools have also enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists outside of their sovereign…
