Questions over how the PSNI deals with computer security have been raised after new figures revealed that the force recorded a data breach every two-and-a-half weeks on average last year.
It added: “We were subsequently made aware that some information available on the dark web could potentially be related to the incident and we immediately made a public announcement on [September 6] and contacted persons who may have been affected.”
Police said an investigation by the force’s cybersecurity and technology crime bureau was under way.
The Office of Privacy Commissioner for Personal Data on Tuesday said it had since received one inquiry from an affected individual. The privacy watchdog said it had launched a compliance investigation, but declined to go into further details.
The stolen data was available on the dark web, a hidden corner of the internet, but the tech hub did not mention the scale of the breach.
A ransomware group reportedly blackmailed Cyberport after hacking its computer system and stealing and encrypting the data. It demanded that a ransom of US$300,000 be paid by Tuesday to get back access to the data.
‘No system is invincible’: technology-related crimes in Hong Kong surge 47.3%
According to Cyberport, a sizeable amount of personal data was limited to individuals’ names and contact details, including phone numbers or email addresses.
Human resources-related data included identity card number, date of birth, social media accounts, and academic and bank account details, as well as health information.
Cyberport said it had engaged independent cybersecurity experts to investigate the incident and provide a remedy. The investigation and remediation were continuing.
The business park has 140 employees and is a base for 1,900 start-ups and tech companies.
The data breach was first disclosed earlier this month by cybersecurity information platform FalconFeedsio, which said on social media that ransomware group Trigona had added Cyberport to its victim list.
Hong Kong records sixfold rise in technology-based crimes in a decade
According to Palo Alto-based cyber-risk consultancy Unit 42, Trigona ransomware is relatively new and was first discovered by security researchers in late October 2022, with organisations involved in manufacturing, finance, construction, agriculture,…
Fraud Management & Cybercrime
,
Ransomware
Repeat Shakedown Tactic: Victims Told to Pay Up or Else They’ll Pay Massive Fines
Money is a great inducement to innovation. That includes – maybe especially so – ransomware groups whose attempts to squeeze dollars from data lead to no end of novel technical and business techniques.
See Also: Live Webinar | Unmasking Pegasus: Understand the Threat & Strengthen Your Digital Defense
Enter Ransomed, a group that only launched Aug. 15 but which has already made a name for itself by extorting victims with this threat: Pay us a ransom to stay quiet, or we’ll rat you out to your friendly neighborhood European privacy regulator. As a sweetener, the group tells victims that their ransom demand is only a fraction of the fines they’d pay for violating the EU’s General Data Protection Regulation for the data breach.
The group claims it targets large organization, demanding ransoms of between $53,000 to $215,000, which is far below what it says their GDPR penalty is likely to be, threat intelligence firm Flashpoint reported.
Whether or not any victims have chosen to take GDPR compliance or other legal advice from these stress-inducers remains unclear.
The same goes for victims of groups that have previously named-dropped GDPR in their ransom notes. Since 2022, that’s included post-Conti spinoff Alphv/BlackСat, joined this year by newcomers NoEscape and the Cloak extortion group, which has been tied to Good Day ransomware, reported threat intelligence firm Kela.
Like most ransomware groups, Alphv…
Malwarebytes launched WorldBytes, a next-generation mobile security application that takes the malware scanning technologies that customers know and love and applies them to the first frontier of human evolution: real life interactions.
Powered by Malwarebytes and AI technology, WorldBytes empowers users to use their mobile devices to scan the world around them and get real-time threat assessments of anything and everything – including questionable Tinder dates, the unlabeled sauce at the back of their fridge and their neighborhood cat. The responses, powered by ChatGPT, humorously explain the potential cyber risks lurking within.
“We’re proud of our powerful malware scanning engine and the peace of mind it gives users by stopping threats on their devices,” said Mark Beare, GM of Consumer, Malwarebytes. “We took that same idea and brought it to the physical world with WorldBytes. Users can reveal the hidden cyber threats around them in a humorous way, helping to make cybersecurity accessible and relevant for all.”
Malwarebytes believes that cybersecurity can be effective, yet simple and intuitive for users. A recently launched campaign, “Protection You Can Trust,” leverages humor again to make cybersecurity engaging and accessible for all.
The campaign’s first two films poke fun at some of the internet’s most notorious troublemakers and illustrate how — with just a few clicks in Malwarebytes — you can scan, clean and protect your device, shutting down cyber threats and scams.