Tag: fbi
Teenage super-hackers attack airlines
The US Federal Bureau of Investigation (FBI) last week issued a warning on X that the cybercriminals responsible for the recent devastating cyber-attacks on the UK retail sector are now targeting the airline sector on both sides of the Atlantic. Hard on the heels of the FBI’s warning came the news that the Qantas airline has suffered a major cyber-attack, affecting more than six million customers and likely resulting in the “significant” theft of personal information. Qantas confirmed the data breach Wednesday morning, alerting customers to a cyber incident affecting a third-party platform used by an airline contact center.
Bogus IT workers are defrauding US businesses
The US government has seized over $7.74 million in illegal funds, allegedly siphoned off by illegitimate North Korean Information Technology (IT) workers for the benefit of the North Korean government. The US Department of Justice (DOJ) has filed a civil forfeiture complaint alleging that the IT workers secured employment in the US illegally, racking up millions of dollars in cryptocurrency and bypassing US sanctions placed against North Korea. According to the US Federal Bureau of Investigation (FBI), the use of North Korean IT workers to defraud the US is now taking place on a massive scale.
Russian Authorities Arrest FBI’s Most Wanted Hacker
The FBI’s most wanted hacker, Mikhail Pavlovich Matveev, dubbed the “Moriarty” of cybercrime, has finally been arrested by Russian authorities. Described by the FBI as a “prolific” cybercriminal, Matveev has had a $10 million bounty on his head for any information leading to his arrest since 2023. The arrest is a turning point on the part of the Russian authorities, as cybercriminals have long seen Russia as a safe haven. According to intelligence sources, this could either represent an attempt to try and legitimize the Russian economy or an indication that the state is taking back control of cyber-attacks on Western economies.
Cybercriminals pose as law enforcement agencies
The US Federal Bureau of Investigation (FBI) has issued an urgent warning to business and law enforcement agencies that cybercriminals are using genuine stolen US and foreign government email addresses to hack into companies. As of August this year, the FBI has observed an increase in posts on criminal forums relating to fraudulent emergency data requests. In August 2024, a cyber-criminal known to the FBI offered for sale, “High Quality .gov emails for espionage/social engineering/data extortion requests, etc”, that included official US credentials. The cyber-criminals also offered to guide buyers through emergency data requests and to sell real stolen subpoena documents to allow the buyer(s) to pose as law enforcement officers.
German Intelligence warns of Russian cyber-attacks
The cyber cold war just became a little warmer, with German Intelligence now publicly crying foul on Monday at Russia for online attacks stretching back to 2020. Germany’s Bundesverfassungsschutz has issued a strong warning against a cyber group belonging to Russian military intelligence (GRU) Unit 29155, which was linked to the 2018 poisonings of a former Russian double agent and his daughter in the UK, claiming that the unit has also been active in carrying out cyberattacks against NATO and EU countries.
Feds bust $100m online drugs market ‘Pharoah’
On Saturday, US authorities arrested a 23-year-old Taiwanese man alleged to have operated and owned the infamous ‘Incognito’ dark web drug-dealing website. “Drug traffickers who think they can operate outside the law on the dark web are wrong,” said Attorney General Merrick B. Garland. “As alleged, Rui-Siang Lin was the architect of Incognito, a $100 million dark web scheme to traffic deadly drugs to the United States and around the world. The long arm of the law extends to the dark web, and we will bring to justice those who try to hide their crimes there,” commented Attorney General Merrick B. Garland yesterday.
91% of Orgs Report Use of Gen AI for Cybersecurity – May 1st
Splunk reported that 91% of organizations reported the use of Generative AI for specific cybersecurity usage. The report “State of Security 2024: The Race to Harness AI” also disclosed that 93% of security leaders said public Gen AI was in use across their respective organizations, among other insightful statistics on Gen AI's impact on cybersecurity.
UK Government Launches Updated Cyber Regulations – April 29th
As a testament to the UK's £2.6 billion National Cyber Strategy, the UK Government has proactively launched regulations to safeguard UK consumers and businesses from cyber-attacks. The updated regulations now mandate that manufacturers of consumer electronics adhere to minimum security standards. Additionally, consumers are prohibited from using easily guessable default passwords, a measure aimed at bolstering their personal cyber security.
CISA Warns of “Volt Typhoon” Group Targeting Critical Infrastructure – March 21st
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about the Chinese-linked "Volt Typhoon" group, which is targeting critical infrastructure. The CISA warning, issued in collaboration with the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI), confirmed the recent critical infrastructure attacks initiated by “Volt Typhoon” and the group's tactics and motives.
Ransomware is evolving into protection rackets
There is growing evidence that ransomware gangs are rapidly evolving into full-scale protection rackets. Ransomware gangs are increasingly returning to fleece their victims multiple times, even after the ransom has been paid. “Despite most victims agreeing to pay the ransom, less than half who did get their systems and data back uncorrupted. And most were breached again within a year,” says security company Cybereason’s report Ransomware: the true cost to business 2024. All of the 1008 enterprise IT professionals surveyed had been breached at least once in the past 24 months. While 84 percent paid the ‘ransom’, only 47 percent got their data and services back intact. But this new generation of ransomware attacks frequently do not stop – even once the ransom is paid. An astonishing 78 percent were breached again and 63 percent were asked to pay more the second time. In 36 percent of the cases, the second attack was carried out by the same gang that conducted the first.
Cyber-gangs to launch media offensive in 2024
Cybercrime, which has become a multi-trillion-dollar industry over recent decades, became increasingly sophisticated during 2023, with criminal groups now adopting many of the business practices used by legitimate enterprises. According to a new report from cybersecurity firm, Sophos, leading ransomware gangs now increasingly employ their own internal HR and PR departments. Far from shying away from the media, as criminals always have in the past, some ransomware gangs have been swift to seize the opportunities it affords them. Some regularly issue press releases and take great pains to forge relationships with individual journalists using the same PR methods as those employed by legitimate corporations. Threat actors also offer Frequently Asked Questions (FAQs) and answers for journalists visiting their leak sites, encouraging reporters to get in touch, give in-depth interviews, and recruit writers, reports Sophos.
EU Cybersecurity Drill Tests Readiness for 2024 Elections – November 22nd
In preparation for the 2024 elections, the European Parliament's services, the European Commission, and the EU Agency for Cybersecurity conducted a cybersecurity exercise. The drill, held in the European Parliament, involved national and EU partners testing crisis plans and responses to potential cybersecurity incidents. Representatives from electoral and cybersecurity authorities participated, aiming to enhance their capacity to address cybersecurity issues and update protocols for securing election technology. The exercise addressed risks such as information manipulation and cyber-attacks, crucial for safeguarding the integrity of the upcoming European Parliament election scheduled for June 6-9, 2024.