From an army of volunteers to EU and Nato teams, the variety of online actors working for the cause is unprecedented

As the conflict in Ukraine escalates, expert cyber-watchers have been speculating about the kind of cyber-attacks that Russia might conduct. Will the Kremlin turn off Ukraine’s power grid, dismantle Ukraine’s transport system, cut off the water supply or target the health system? Or would cybercriminals operating from Russia, who could act as proxies for the Russian regime, conduct these activities?

Over the past decade, Ukraine has experienced many major cyber-attacks, most of which have been attributed to Russia. From election interference in 2014, which compromised the central electoral system and jeopardised the integrity of the democratic process; to a hack and blackout attack in a first-of-its-kind fully remote cyber-attack on a power grid in 2015, resulting in countrywide power outages; to one of the costliest malicious software attacks, NotPetya, in 2017, which significantly disrupted access to banking and government services in Ukraine and, subsequently, spilled over to France, Germany, Italy, Poland, Russia, the UK, the US and Australia.

Joyce Hakmeh is a senior research fellow for the International Security Programme at Chatham House. Esther Naylor is a research analyst at the International Security Programme

Continue reading…

from Data and computer security | The Guardian https://ift.tt/d5sit6U
via IFTTT

UK government and banks on alert for new form of malware said to have infected hundreds of machines

• Russia-Ukraine crisis: live news

Cyber experts have identified a new strain of computer-disabling malware unleashed on Ukrainian targets as part of Russia’s offensive, as the UK government and banks said they were on alert for online attacks.

Russia has been widely expected to launch a cyber assault alongside its military campaign and the run-up to theinvasion of Ukraine was marked by the deployment of a “wiper” virus. A distributed denial-of-service (DDoS) attack, which paralyses websites by bombarding them with spurious information requests, also hit Ukrainian government sites.

Continue reading…

from Data and computer security | The Guardian https://ift.tt/dIoKDNQ
via IFTTT

Police have been accused of spying on at least 26 individuals who are not criminal suspects

An inquiry into allegations that Israel’s police force systematically hacked into the mobile phones of Israeli citizens has found that while the police did use NSO Group’s controversial Pegasus malware, there is no evidence suggesting illegality.

In a series of explosive reports over the last two months, the local financial daily newspaper Calcalist accused the police of spying on at least 26 individuals who were not criminal suspects. Those named included politicians, protesters, and members of the former prime minister Benjamin Netanyahu’s inner circle – claims Netanyahu used to delay proceedings in his corruption trial.

Continue reading…

from Data and computer security | The Guardian https://ift.tt/i6Cly1b
via IFTTT

Britain, the US and Australia point to growth in ‘sophisticated, high-impact ransomware incidents’

There have been further increases in “sophisticated, high-impact ransomware incidents” coming from Russia and other former Soviet states during 2021, Britain, the US and Australia said in a joint review of cyber-extortion trends.

Universities and schools were one of the top sectors targeted in the UK last year, the National Cyber Security Centre (NCSC) said, as well as businesses, charities, law firms plus councils and the NHS. Hackers are increasingly offering services or exploits “for hire”.

Continue reading…

from Data and computer security | The Guardian https://ift.tt/y5bqAkx
via IFTTT

With KP Snacks the latest cyber-attack victim, firms must learn to defend themselves against a mounting menace

The January snow lay thick on the Moscow ground, as masked officers of the FSB – Russia’s fearsome security agency – prepared to smash down the doors at one of 25 addresses they would raid that day.

Their target was REvil, a shadowy conclave of hackers that claimed to have stolen more than $100m (£74m) a year through “ransomware” attacks, before suddenly disappearing.

Continue reading…

from Data and computer security | The Guardian https://ift.tt/xesf04S
via IFTTT

Former senior officer says unsolved hack of MoD training school systems did not succeed but still had costs

A cyber-attack on the UK’s Defence Academy caused “significant” damage, a retired high-ranking officer has revealed.

Air Marshal Edward Stringer, who left the armed forces in August, told Sky News the attack, which was discovered in March 2021, meant the Defence Academy was forced to rebuild its network.

Continue reading…

from Data and computer security | The Guardian https://ift.tt/31hwiQG
via IFTTT

Opposition leader Donald Tusk calls for inquiry after watchdog says rivals were targeted by Pegasus spyware

Polish opposition leader Donald Tusk said on Tuesday reports that the government spied on its opponents represented the country’s biggest “crisis for democracy” since the end of communism.

A cybersecurity watchdog last week said the Pegasus spyware had been used to target prominent opposition figures, with Polish media dubbing the scandal a “Polish Watergate”.

Continue reading…

from Data and computer security | The Guardian https://ift.tt/3z76Zxt
via IFTTT

Analysis of Kamel Jendoubi’s mobile phone reveals he was targeted in August 2019

The mobile phone of a UN-backed investigator who was examining possible war crimes in Yemen was targeted with spyware made by Israel’s NSO Group, a new forensic analysis of the device has revealed.

Kamel Jendoubi, a Tunisian who served as the chairman of the now defunct Group of Eminent Experts in Yemen (GEE)– a panel mandated by the UN to investigate possible war crimes – was targeted in August 2019, according to an analysis of his mobile phone by experts at Amnesty International and the Citizen Lab at the University of Toronto.

Continue reading…

from Data and computer security | The Guardian https://ift.tt/3EdCVkD
via IFTTT

Analysis of Kamel Jendoubi’s mobile phone reveals he was targeted in August 2019

The mobile phone of a UN-backed investigator who was examining possible war crimes in Yemen was targeted with spyware made by Israel’s NSO Group, a new forensic analysis of the device has revealed.

Kamel Jendoubi, a Tunisian who served as the chairman of the now defunct Group of Eminent Experts in Yemen (GEE)– a panel mandated by the UN to investigate possible war crimes – was targeted in August 2019, according to an analysis of his mobile phone by experts at Amnesty International and the Citizen Lab at the University of Toronto.

Continue reading…

from Data and computer security | The Guardian https://ift.tt/3EdCVkD
via IFTTT

A vulnerability has been exposed in Minecraft, the bestselling video game of all time – and the security implications outside the world of gaming are vast

In one of those delicious coincidences that warm the cockles of every tech columnist’s heart, in the same week that the entire internet community was scrambling to patch a glaring vulnerability that affects countless millions of web servers across the world, the UK government announced a grand new National Cyber Security Strategy that, even if actually implemented, would have been largely irrelevant to the crisis at hand.

Initially, it looked like a prank in the amazingly popular Minecraft game. If someone inserted an apparently meaningless string of characters into a conversation in the game’s chat, it would have the effect of taking over the server on which it was running and download some malware that could then have the capacity to do all kinds of nefarious things. Since Minecraft (now owned by Microsoft) is the best-selling video game of all time (more than 238m copies sold and 140 million monthly active users), this vulnerability was obviously worrying, but hey, it’s only a video game…

Continue reading…

from Data and computer security | The Guardian https://ift.tt/3GWcjpQ
via IFTTT