Tag Archive for: unit

Russian GRU unit Solntsepek responsible for Kyivstar hack, says Ukrainian intelligence


Kyivstar, SBU cyber experts, government agencies and IT companies continue to restore network


The Solntsepek hacking group, which has claimed responsibility for hacking Kyivstar’s mobile network, is part of the Russian military intelligence agency the GRU, the Ukrainian Security Service (SBU) reported on Telegram on Dec. 13.

“We attacked Kyivstar because the company provides communications for the Ukrainian Armed Forces, as well as the government and law enforcement agencies of Ukraine,” Solntsepek claimed on one of its social media channels.

In its message, the group claimed it had destroyed 10,000 computers, more than 4,000 servers, and all cloud storage and backup systems belonging to Ukraine’s largest mobile operator.

Kyivstar, SBU cyber experts, other government agencies, and IT companies are continuing to restore the network after the attack, which left 24 million subscribers without a mobile connection.


Preliminary estimates suggest that landline internet may be restored today, the SBU said.

The SBU has opened a criminal investigation into the cyber-attack on Kyivstar.

Ukraine’s largest mobile operator Kyivstar experienced a major outage on the morning of Dec. 12, bringing the network down across the entire country. More than 12 hours later, company engineers are still unable to bring it back online.

Initially attributing the disruption to a technical glitch, Kyivstar later confirmed the outage was the result of a hacker attack.


The Ministry of Digital Transformation subsequently stated that the malfunction had disrupted national roaming services but had not affected the national air raid alert system or the Kyiv metro.

“Kyivstar will definitely provide compensation to subscribers who were unable to use the operator’s services or had no connection,” the company stated. Kyivstar also apologized to subscribers for the temporary inconvenience and thanked them for their understanding.

Restoration efforts for Kyivstar subscribers are underway…


ICBC pumps funds into US unit after ransomware attack to pay US$9 billion for unsettled trades, hires cybersecurity firm


ICBC’s US unit told market participants on Friday it was hoping to finish the cyber review over the weekend, but the sources said they expected it would spill into next week. Meanwhile, the bank is using manual processes to trade, they said.

The details, including the cash injection for unsettled trades, have not been previously reported.

The ransomware attack was claimed by cybercrime gang LockBit, a widely deployed ransomware first seen on Russian-language-based cybercrime forums in January 2020. It is the latest in a string of ransom demands by hackers this year.

Ransomware attack on ICBC unit disrupts US Treasury market trades

The cyberattack sent ripples through the US Treasuries market, where ICBC acts as a broker for hedge funds and other market participants, helping them trade in the securities. While the extent of disruption to the market was limited, it brought into focus the resilience of a market that underpins global finance.

When the hack happened earlier this week, ICBC was unable to access its systems, leaving it temporarily owing BNY US$9 billion for unsettled trades, two of the sources said. The custody bank is the sole settlement agent for Treasuries.

The Chinese parent then injected capital into the US unit, allowing it to settle the trades and pay back BNY Mellon, the sources said. That has now happened, they said.

ICBC did not respond to a request for comment. ICBC Financial Services, the bank’s US unit, has said it was investigating the attack that disrupted some of its systems, and making progress toward recovering from it.

Industrial and Commercial Bank of China near Pudong South Road, Shanghai. ICBC says it hopes to complete the assessment of its systems as soon as this weekend after a ransomware attack. Photo: Future Publishing via Getty Images

ICBC’s representatives told market participants on a call organised by the Securities Industry and Financial Markets Association (SIFMA), a trade group, on Friday afternoon that they had hired a cybersecurity firm to do an assessment to ensure that its systems are safe, three sources familiar with the matter said.

ICBC said it hopes to be done as soon as this weekend, the sources said, noting that it could take longer,…


Infosys US unit reportedly affected by ransomware


Ransomware attackers have reportedly targeted India-based IT consulting firm Infosys’ U.S.-based subsidiary McCamish Systems, The Times of India reports.

Infosys confirmed in a stock exchange filing that Infosys McCamish Systems, which provides platform-based life insurance, annuity, and retirement services, had some of its applications and systems disrupted by a cybersecurity event, which online publication Cybersecurity Insiders noted to be a ransomware intrusion. According to Cybersecurity Insiders, some Reddit users have humorously suggested that the attack was conducted following former Infosys CEO Narayan Murthy’s statements calling for a 70-hour work week among Indian youth. However, Infosys has yet to provide more details regarding the incident.

“Infosys McCamish Systems, an advocate for robust data protection and security, is actively implementing measures to mitigate the risks stemming from this incident,” said Cybersecurity Insiders. The attack comes after ransomware and phishing intrusions against IT firms Cognizant and Wipro in 2020 and 2019, respectively.


Is government’s anti-disinformation unit protecting or persecuting citizens? – PublicTechnology


Government claims the Counter Disinformation Unit – accused of effectively spying on its own citizens – has played a key role in tackling Kremlin narratives, and will be important in election preparations

“The CDU uses publicly available data, including material shared on social media platforms, to develop an understanding of disinformation narratives and trends. It does not, and has never, monitored individuals and all data is anonymised wherever possible.”

This is how the government summarises the work and methods of its Counter Disinformation Unit (CDU). The unit is based in the Department for Science, Innovation and Technology and, in its current form, was “stood up” in the early weeks of the coronavirus crisis in spring 2020, with a remit to tackle false information about the pandemic circulating online.

Others have a different, and darker, take on how the CDU goes about its business. Some of the fiercest recent criticism of the unit has come from close to the heart of government itself.

“To the best of our knowledge, the CDU undertakes its work in the absence of effective transparency, oversight, accountability mechanisms or due process,” said a letter sent last month to DSIT secretary Michelle Donelan by David Davis – the MP who formerly served as Brexit secretary and Conservative party chair.

As reported by the Telegraph, the missive, co-signed by Labour MP Bell Ribeiro-Addy and the Green party’s Caroline Lucas, added: “We call on you to suspend the CDU immediately and commission an independent review of its work, in order to ensure that the rights to freedom of expression and privacy are sufficiently protected.”

According to a report published earlier this year by the Daily Mail and campaign group Big Brother Watch, the MPs are just three among many citizens whose online posts have been flagged by government and military disinformation units – despite the posts, in some cases, containing no factual inaccuracies, but merely being critical of government policy.

The MPs’ concerns about the CDU’s lack of transparency, at least, seem difficult to refute. Government has repeatedly failed to provide basic operational…
