Tag: united kingdom
Cybercriminals are now grooming US and UK teens
By adopting such Nineteenth-Century criminal grooming methods to the online world of the Twenty-First Century, today’s threat actors are effectively criminalizing an entire generation not to pick pockets but to rifle fat online crypto wallets instead. When the media reports that a nineteen-year-old hacker has been arrested at his parent’s house for a major hack, such as the one that recently occurred at Transport for London (TfL), the sinister cybercriminals who may have orchestrated the cyber-attack doubtless breathe a sigh of relief. “What the police should be asking in a case like is who has been grooming the teenage hacker and for how many years?” says Fraser Hay, CEO and co-founder of one-year-old UK start-up The Hacking Games, whose aim is to use online gaming, TV and other media to encourage teenagers away from a life of online crime and towards careers in ethical hacking.
Cyber gets physical at Expo ‘24
Chief executives frequently vie with one another for the spotlight when delivering key speeches at major conferences. But the most-talked-about address of the day, given to a packed auditorium at the International Cyber Expo in London’s Olympia showground, forbade any recording or photographing of his talk. He also insisted he be referred to only as “Paul F”. “Paul F”’s bashfulness became understandable when he explained that the UK’s National Protective Security Authority (NPSA), where he is head of physical security, is now part of Britain’s secret intelligence service MI5. His talk neatly summed up the central theme of the show by providing evidence that the difference between cybercrime and physical crime has become blurred to the point of invisibility. He asked the very relevant question of whether a small drone spying into a City office using a telescopic lens and an 8k camera to read the staff’s log-in details through the window is a physical or a cyber-crime.
London’s transport cyber-breach is spreading fast
A cyber-attack on the London transport system earlier this month was far more serious than initially reported and is rapidly spreading across the UK. It is also now ringing loud alarm bells on both sides of the Atlantic, particularly in light of the upcoming US elections in November. Transport for London (TfL) has now admitted that over 5,000 customers’ personal details and, in many cases, their financial details have been stolen. TfL added that the breach is also rapidly starting to affect services outside London. The London Underground, the UK capital’s vast underground rail network, like most European metros, has a touchpad automatic electronic payment system using prepaid plastic cards. London also allows travelers simply to use their visa or MasterCard on the touchpads at the London underground barriers. This means that organizations such as TfL have become repositories of millions of commuters’ financial details, making them a tempting target for small-time cyber crooks.
German Intelligence warns of Russian cyber-attacks
The cyber cold war just became a little warmer, with German Intelligence now publicly crying foul on Monday at Russia for online attacks stretching back to 2020. Germany’s Bundesverfassungsschutz has issued a strong warning against a cyber group belonging to Russian military intelligence (GRU) Unit 29155, which was linked to the 2018 poisonings of a former Russian double agent and his daughter in the UK, claiming that the unit has also been active in carrying out cyberattacks against NATO and EU countries.
EU AI Act to act as a template for other regions
The European Union (EU) Artificial Intelligence (AI) Act, which came into effect earlier this month, is now set to act as a template for other regions, such as the US. The American government has already drafted an AI Bill of Rights, which aims to create a similar framework regulating AI. However, while governments are rightly concerned about the personal privacy aspect of the universal adoption of AI, some have a dangerously bullish view of the new technology’s potential. Despite a deluge of hilarious howlers, such as Google’s AI-driven images of African Vikings and American founding fathers, politicians anxious not to be left behind in the tech race swallowed Silicon Valley’s AI hype hook, line, and sinker.
Game over for European criminal botnet networks
An international operation coordinated by Europol has resulted in several arrests and the takedown of numerous cybercriminal networks. The operation focused on tackling the growing problem of the weaponization of botnets, which are strings of connected computers. Cybercriminal gangs use botnets to install droppers, a type of malicious software designed to install other malware, such as ransomware, onto a targeted system. Between 27 and 29 May of this year, Europol’s “Operation Endgame” targeted droppers, including IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee, and Trickbot. The actions focused on disrupting criminal services, making arrests, taking down criminal infrastructures, and freezing illegal proceeds.
New cyber threat from North Korea
Microsoft has identified a new North Korean threat actor, Moonstone Sleet. Also known as Storm-1789, Moonstone Sleet has set up fake companies and job opportunities to engage with potential targets and has even created a fully functioning computer game designed to trap the unwary. The potentially hostile nation-state of North Korea has long been suspected of resorting to cybercrime, targeting the West to fund its military build-up and commit ongoing cyber espionage against countries such as the US and the UK. But Moonstone Sleet is taking cyber-attacks on the West to new levels of sophistication, posing a threat to all organizations. Microsoft says Moonstone Sleet “uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and cyberespionage objectives.”
Chinese Hackers Using ORB Networks to Evade Detection – May 23rd
Mandiant revealed that Chinese-linked state-backed hackers rely on operational relay box (ORBs) network proxy meshes to avoid detection for cyber espionage campaigns. For example, Mandiant pointed out that these advanced persistent threat actors (APTs) used ORBs for the 'SPACEHOP' critical vulnerability campaign earlier this year.
FBI takes down BreachForums -again!
The US Federal Bureau of Investigation (FBI) is investigating the criminal hacking forum BreachForums after taking down its website last week. This follows the announcement in February of the seizure of the LockBit ransomware gang’s extortion website. “From June 2023 until May 2024, BreachForums (hosted at breachforums.st/.cx/.is/.vc and run by ShinyHunters) was operating as a clear-net marketplace for cybercriminals to buy, sell, and trade contraband, including stolen access devices, means of identification, hacking tools, breached databases, and other illegal services,” says an FBI advisory.
US and UK call time on Silicon Valley
A clarion call has gone out on both sides of the Atlantic for digital technologies to be made secure by design rather than by default. At San Francisco’s RSA cyber conference earlier this month, Jen Easterly, the director of CISA, the US Cyber Defense Agency, called for software to be made far more secure. This week, Ollie Whitehouse, the CTO of the NCSC, the UK’s National Cyber Security Centre, also echoed her thoughts, demanding that the technology industry make its products more cyber-secure from the start.
SSCL named as breached MoD contractor
UK-based Shared Services Connected Limited (SSCL) has been named as the Ministry of Defence (MoD) contractor hacked by, according to senior government sources, China. British defense minister Grant Shapps has admitted that the personal and financial details of 272,000 service personnel were hacked by “a malign actor.” However, the breach is now being widely attributed to China, despite China’s dismissal of the allegations as “absurd”. But while the compromised payment system has now been taken offline, there are growing fears that the breach may not merely be confined to the MoD, as SSCL handle a number of UK government contracts. “We’re the largest provider of critical business support services for the Government, the UK Military & Veterans (MoD), Metropolitan Police Service, and the Construction Industry Training Board (CITB),” boasts SSCL on its website.
UK Government Launches Updated Cyber Regulations – April 29th
As a testament to the UK's £2.6 billion National Cyber Strategy, the UK Government has proactively launched regulations to safeguard UK consumers and businesses from cyber-attacks. The updated regulations now mandate that manufacturers of consumer electronics adhere to minimum security standards. Additionally, consumers are prohibited from using easily guessable default passwords, a measure aimed at bolstering their personal cyber security.