Major German fuel storage provider hit with cyberattack, working under limited operations

A cyberattack struck major German oil storage company Oiltanking GmbH Group on Sunday, the company confirmed to CyberScoop in a statement. The cyberattack affected the IT systems of Oiltanking as well as the mineral oil trade company Mabanaft, German news outlet Handelsblatt first reported. Both companies belong to the Hamburg-based Marquard & Bahls group, one of the world’s largest energy supply companies. The attack shut down the oil tank company’s IT systems, according to a statement by the company’s head of corporate communications, Claudia Wagner. Oiltanking’s German subsidiary which operates all terminals in Germany is operating at limited capacity. Oiltanking’s global operations were not affected. “We are working to solve this issue according to our contingency plans, as well as to understand the full scope of the incident,” Wagner wrote to CyberScoop in an email. “We are undertaking a thorough investigation, together with external specialists and are collaborating closely with […]

The post Major German fuel storage provider hit with cyberattack, working under limited operations appeared first on CyberScoop.

FTC says Americans are losing more money to social media fraud than ever before

Losses from fraud originating on social media skyrocketed in 2021, according to data the Federal Trade Commission released Thursday. More than 95,000 individuals reported losses totaling $770 million as a result of fraud initiated on social media. That number is up from $258 million in 2020 and just $42 million in 2017. Part of that growth has been driven by record losses to cryptocurrency scams. Investment scams made up 37% of all reported fraud losses originating on social media in 2021, according to Thursday’s report. Scammers have found a wide range of ways to dupe cryptocurrency investors, such as so-called “giveaway” scams where victims are told to send in money for a large investment return that never appears. Those scams have popped up quickly after surges in popularity of a new coin and even with focused efforts, social media platforms have struggled to stop them. The FTC in March 2021 […]

ID.me CEO backtracks on claims company doesn’t use powerful facial recognition tech

Identity verification company ID.me uses a type of powerful facial recognition that searches for individuals out of mass databases of photos, CEO Blake Hall explained in a LinkedIn post on Wednesday. The post follows a news release from the company last week stating directly that: “Our 1:1 face match is comparable to taking a selfie to unlock a smartphone. ID.me does not use 1:many facial recognition, which is more complex and problematic.” Privacy advocates say that both versions of facial recognition pose a threat to consumers. In addition to numerous studies demonstrating the technology is less effective on non-White skin tones, amassing biometric data can prove a huge security risk. “Governments and companies are amassing these databases of your personal biometric information, which, unlike databases of credit cards, cannot be replaced,” explained Caitlin Seeley-George, campaign director at nonprofit Fight for the Future. “And these are databases that are highly targeted […]

APTs quiet ahead of Beijing games, but financially motivated hackers are still lurking, research says

State-sponsored hacking groups have been uncharacteristically quiet leading up to the Olympic Games next month in Beijing. Researchers say there’s one big reason why: No one wants to get on the bad side of China. “Disruptive Russian, Iranian, and North Korean state-sponsored cyberattacks targeting the 2022 Winter Olympics are unlikely to manifest due to the close relationships those countries maintain with the host nation, China,” Recorded Future researchers write in a report on potential cybersecurity threats to the games released Wednesday. Although high-level attacks are unlikely, the Winter Games still present a target-rich environment for nation-state groups that focus on cyber-espionage, researchers say. And, as is typical for any large international event, cybercriminals also will be looking for opportunities to scam athletes, organizers, volunteers and fans during the Winter Games.

Beware of SIM cards

Advanced persistent threat (APT) groups from Iran and Russia, while unlikely to attack China […]

Security fears over antitrust legislation raise looming questions about a federal privacy law

A bill designed to break up America’s largest tech companies could come with an inadvertent side effect, its critics are arguing: weakening Americans’ privacy and data security. Detractors of the “American Innovation and Choice Online Act,” including Apple and Google, are campaigning against the legislation, contending that it would limit how companies are able to protect users’ privacy and security. “These bills may compel us to share the sensitive data you store with us with unknown companies in ways that could compromise your privacy,” Google’s president of global affairs Kent Walker wrote in a blog post Tuesday. Allowing users to download apps straight from the internet means “millions of Americans will likely suffer malware attacks on their phones that would otherwise have been stopped,” Apple’s senior director of government affairs Timothy Powderly wrote in a letter to the Senate Judiciary Committee. The critiques are just a small part of the storm […]

Large scale cyberattack halts Red Cross work reuniting families, exposes confidential data

A cyberattack compromised personal and confidential data on more than half a million people helped by at least 60 Red Cross and Red Crescent organizations around the world, the International Committee of the Red Cross announced Wednesday. The organization said the exposed information belonged to highly vulnerable groups, including families separated by conflict. “An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised,” said Robert Mardini, ICRC’s director general. “This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk.” International human rights organizations and nonprofits are popular targets for attackers. The United Nations confirmed in September it was hit earlier in the year by attackers that breached its infrastructure and accessed. The Red Cross has been a strong […]

FCC wants to revamp data breach laws for telecom carriers

The FCC is exploring updating data breach laws for telecom carriers, the agency announced Wednesday. “Current law already requires telecommunications carriers to protect the privacy and security of sensitive customer information,” said FCC Chairwoman Jessica Rosenworcel. “But these rules need updating to fully reflect the evolving nature of data breaches and the real-time threat they pose to affected consumers.” One key change suggested in the proposal is eliminating the seven-business-day waiting period required of businesses before notifying customers of a breach. The proposed rule would also require carriers to report breaches to the FCC in addition to the FBI and U.S. Secret Service. Current FCC rules require that carriers over 5,000 or more customers notify the FCC of a data breach within seven days of discovery, while breaches affecting fewer than 5,000 customers must be reported no later than 30 days. The FCC proposal aims to “align the Commission’s rules […]

CISA issues advisory on state-sponsored hacking amid Russia, Ukraine tension

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency Tuesday advised cybersecurity professionals to be on alert for attacks from Russian state-sponsored hackers. The DHS warning, issued alongside the National Security Agency and the Federal Bureau of Investigation, singled out critical infrastructure as being especially at risk. Russian state-sponsored hackers have in the past been able to gain access to energy networks in the U.S. and abroad. Most notably, in 2015 and 2016, suspected Russian hackers launched cyberattacks against Ukrainian power sources, leading to severe outages. The advisory coincides with ongoing tension between the United States and Russia over Russia’s military buildup in Ukraine. The White House warned that the U.S. will take action if Russian troops enter the country. (The Kremlin has denied any plans to attack Ukraine.) Russian hackers previously went after state and local governments and aviation networks in early 2020, compromising networks and stealing data […]

Feds’ spending on facial recognition tech continues unmitigated, despite privacy concerns

The FBI on Dec. 30 signed a deal with Clearview AI for an $18,000 subscription license to the company’s facial recognition technology. While the value of the contract might seem just a drop in the bucket for the agency’s nearly $10 billion budget, the contract was significant in that it cemented the agency’s relationship with the controversial firm. The FBI previously acknowledged using Clearview AI to the Government Accountability Office but did not specify if it had a contract with the company. The FBI didn’t respond to a request for comment, but it isn’t the only federal law enforcement agency to ramp up its procurement of privately owned facial recognition technologies in recent months. In September, U.S. Immigration and Customs Enforcement spent almost $4 million on facial recognition technology from a company called Trust Stamp, as Business Insider first reported. The same month, the agency purchased a contract with Clearview AI starting at […]

Deposits to illicit crypto addresses nearly doubled in 2021, Chainalysis finds

Cryptocurrency-based crime hit a new all-time high in 2021, researchers at Chainalysis said in a report published Thursday. According to the report, illicit addresses tracked by Chainalysis received $14 billion in deposits over the course of 2021, almost double the amount they collected in 2020. Rather than digital extortion, though, Chainalysis found it was actually cryptocurrency-related scams, namely investment-related fraud, and straight theft that saw the biggest jumps in 2021. Illicit revenue from scams rose by 82% in 2021 to $7.8 billion worth of cryptocurrency. Researchers attribute a large part of the growth to a boom in so-called “rug pulls,” a fraud scheme in which developers set up seemingly legitimate cryptocurrency projects with the intent to steal investors’ money and disappear. Of the over $2.8 billion lost to rug pull scams, roughly 90% can be attributed to an Istanbul-based exchange Thodex, whose CEO disappeared with users’ funds. But there are […]
