United Kingdom (U.K.) – Page 3

Iranian government-backed hackers target critical infrastructure with ransomware, US says

Posted on November 17, 2021 by Tim Starks

U.S., U.K. and Australian cyber agencies on Wednesday accused Iranian government-sponsored hacking groups of exploiting Microsoft and Fortinet vulnerabilities this year in a bid to deploy ransomware against critical infrastructure. The hackers are interested in taking advantage of known software flaws where they can, the agencies said. The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency in March, May and June saw Iranian “advanced persistent threat” groups capitalizing on Fortinet vulnerabilities, in one case for a server associated with a U.S. municipal government and in another involving networks associated with a U.S.-based hospital focused on children’s care. In October the hackers relied on a Microsoft Exchange ProxyShell vulnerability “to gain initial access to systems in advance of follow-on operations,” the subject of another recent CISA alert. “The Iranian government-sponsored APT actors are actively targeting a broad range of victims across multiple U.S. critical infrastructure sectors, including […]

The post Iranian government-backed hackers target critical infrastructure with ransomware, US says appeared first on CyberScoop.

Continue reading Iranian government-backed hackers target critical infrastructure with ransomware, US says→

Ransomware fueled record year for UK cyber response

Posted on November 17, 2021 by Tim Starks

The U.K. National Cyber Security Centre fought a record number of digital intrusions in the past year, the agency reported, driven by a surge in ransomware and hackers targeting the health care sector during the COVID-19 pandemic. Over a 12-month period ending in September, the agency responded to 777 incidents, a more than 7% increase, the center said in its Nov. 17 annual report. Ransomware kept the center busy, with officials handling the same number of incidents in the first four months of 2021 that it did in all of 2020, itself triple the number of incidents in 2019. That made ransomware the “most significant cyber threat facing the U.K. this year,” the report states. Still, businesses aren’t taking it seriously enough, National Cyber Security Centre CEO Lindy Cameron wrote. “In my view it is now the most immediate cyber security threat to U.K. businesses and one that I think […]

The post Ransomware fueled record year for UK cyber response appeared first on CyberScoop.

Continue reading Ransomware fueled record year for UK cyber response→

White House set to lead 30 nations in ransomware discussions, sans Russia

Posted on October 13, 2021 by Tim Starks

The White House on Wednesday and Thursday will convene meetings with representatives from more than 30 countries to discuss how to counter ransomware, leaving out the country the president most frequently criticizes for hosting gangs of hackers: Russia. “Participants will cover everything from efforts to improve national resilience, to experiences addressing the misuse of virtual currency to launder ransom payments, our respective efforts to disrupt and prosecute ransomware criminals and diplomacy as a tool to counter ransomware,” a senior administration official told reporters on Tuesday. The official didn’t specify why Russia didn’t get an invitation beyond unnamed “constraints.” The lack of an invitation this time “doesn’t preclude future opportunities for them to participate.” The U.S. also has other avenues for discussing ransomware with the Kremlin, the official said. The lack of an invitation for Russia exemplifies the tensions over when the U.S. might involve more adversarial nations in discussions over […]

The post White House set to lead 30 nations in ransomware discussions, sans Russia appeared first on CyberScoop.

Continue reading White House set to lead 30 nations in ransomware discussions, sans Russia→

Newly-formed international alliances vow to improve cybersecurity, in moves China sees as affront

Posted on September 27, 2021 by Tim Starks

A coalition of four nations — Australia, India, Japan and the U.S. — has committed to promoting cybersecurity standards and practices as one of their chief goals, in one of several recent moves from countries widely viewed as a counter to China in cyberspace and elsewhere. The group, which calls itself the Quad, held its first in-person gathering on Friday. when President Joe Biden hosted Prime Minister Scott Morrison of Australia, Prime Minister Narendra Modi of India and Prime Minister Yoshihide Suga of Japan at the White House. “Today, we begin new cooperation in cyberspace and pledge to work together to combat cyber threats, promote resilience and secure our critical infrastructure,” the group said in a joint statement. The group will hold more meetings between its leaders and collaborate with industry on improving in areas like the development of secure software, and building up cybersecurity workforces, according to a fact […]

The post Newly-formed international alliances vow to improve cybersecurity, in moves China sees as affront appeared first on CyberScoop.

Continue reading Newly-formed international alliances vow to improve cybersecurity, in moves China sees as affront→

UK government group that is relocating Afghan interpreters exposed their sensitive email addresses

Posted on September 22, 2021 by Jeff Stone

British government officials apologized after the U.K.’s Ministry of Defense exposed data about Afghan interpreters who worked with British troops in the Middle East, a slip that could have exposed the identities of people who are at risk of harassment and death. Email addresses belonging to more than 250 people who sought a move to the U.K. were exposed when a British defense official copied all the addresses in a single message, the BBC first reported. Email recipients could have opened the message to view the other names, and access profile pictures associated with interpreters. Afghan interpreters and their families have been the subject of intense focus for the Taliban, which has reportedly killed people who aided U.S. and British troops in the wake of the military pull out in August. The email in question was sent by the U.K.’s Afghan Relocations and Assistance Program team, the group leading an […]

The post UK government group that is relocating Afghan interpreters exposed their sensitive email addresses appeared first on CyberScoop.

Continue reading UK government group that is relocating Afghan interpreters exposed their sensitive email addresses→

European police hope Google ads will steer teenagers away from a life of hacking

Posted on April 27, 2021 by Shannon Vavra

European authorities are stepping up their efforts to intervene with teen hackers before they might break the law. In a series of programs launching this year, law enforcement officials are aiming to identify young people deemed at risk of committing crimes, and provide a metaphorical tap on the shoulder, Floor Jansen, a Dutch police officer involved in the creation of the programs, told CyberScoop. The program, called the Cyber Offender Prevention Squad (COPS), will target teenagers who exhibit behaviors that they may be flirting with the idea of criminal hacking with online warnings, said Jansen, the COPS team lead. To do so, COPS has since January been using Google AdWords to target teens with warnings that will pop up if they search for information on how to run a distributed denial-of-service attack, for instance, or how to conduct cybercrime, with the goal of informing kids that what they’re likely thinking […]

The post European police hope Google ads will steer teenagers away from a life of hacking appeared first on CyberScoop.

Continue reading European police hope Google ads will steer teenagers away from a life of hacking→

Rob Joyce named new NSA cybersecurity director

Posted on January 15, 2021 by Shannon Vavra

Rob Joyce, the National Security Agency’s special U.S. liaison officer at the U.S. Embassy in London, will replace Anne Neuberger as director in the agency’s Cybersecurity Directorate, the NSA announced Friday. The Biden transition team announced Wednesday that Neuberger will soon be joining the Biden administration as deputy national security adviser for cyber and emerging technology on the National Security Council (NSC). It was not immediately clear who would take on Joyce’s role as the NSA’s senior cryptologic representative in the U.K. Joyce has a long track record of working in cybersecurity leadership roles in the U.S. government. He previously served as senior advisor for cybersecurity strategy to the NSA director, and before that served as special assistant to the president and cybersecurity coordinator on the NSC at the White House. At the NSC Joyce was responsible for national and international cybersecurity strategy and policy for the government. His expertise in cyber-operations […]

The post Rob Joyce named new NSA cybersecurity director appeared first on CyberScoop.

Continue reading Rob Joyce named new NSA cybersecurity director→

UK arrests suspects tied to WeLeakInfo, a site shuttered for selling breached personal data

Posted on December 29, 2020 by Joe Warminsky

It’s been almost a year since an international sting took down WeLeakInfo, a site that marketed stolen personal data, but its alleged customers are still drawing the attention of law enforcement. The U.K.’s National Crime Agency says that 21 people have been arrested across the country recently for using data purchased on WeLeakInfo for criminal activity, including hacking and fraud. “Of those 21 arrested — all men aged between 18-38 — nine were detained on suspicion of Computer Misuse Act offences, nine for Fraud offences and three are under investigation for both,” the agency said in a Dec. 25 release. The operation began Nov. 16 and will continue into next year, the agency said. Some WeLeakInfo users are being threatened with legal action rather than arrested outright. “A further 69 individuals in England, Wales and Northern Ireland aged between 16-40 were visited by Cyber Prevent officers, warning them of their potentially […]

The post UK arrests suspects tied to WeLeakInfo, a site shuttered for selling breached personal data appeared first on CyberScoop.

Continue reading UK arrests suspects tied to WeLeakInfo, a site shuttered for selling breached personal data→

Manchester United attack illuminates the cyberthreats facing an overlooked sports sector

Posted on December 1, 2020 by Sean Lyngaas

Manchester United, one of the wealthiest and most decorated soccer clubs in the word, is still recovering from a disruption of its computer systems that it revealed 11 days ago. Beyond a statement blaming “organized cybercriminals” for the incident, the club has declined to comment on who was behind the breach or whether it involved ransomware. The club said it took “swift action to contain the attack” and worked with outside security experts to minimize disruption to its IT systems. But the incident speaks for itself in some ways. It’s a stark reminder that major sports franchises have a target on their backs from cybercriminals, even if regulators and the press don’t apply the same amount of scrutiny to data protection strategies in athletics as in other sectors, like energy and finance. “We’ve seen more and more football clubs and other high-profile sporting businesses targeted by things like ransomware,” said Ciaran Martin, who until August headed the […]

The post Manchester United attack illuminates the cyberthreats facing an overlooked sports sector appeared first on CyberScoop.

Continue reading Manchester United attack illuminates the cyberthreats facing an overlooked sports sector→

UK bill proposes stiff fines for companies that violate Huawei ban

Posted on November 24, 2020 by Joe Warminsky

The U.K. government is proposing big penalties for companies that fail to comply with telecommunications security requirements aimed at keeping technology from Huawei out of the country’s new high-speed networks. Legislation proposed Tuesday by Prime Minister Boris Johnson’s government would levy fines of as much as 100,000 pounds ($134,000) per day if companies don’t meet deadlines for new security requirements. The bill essentially would codify a decision by Johnson this summer to ban Huawei from the U.K.’s 5G and fiber optics networks because of security concerns. The U.S. had pressured Britain to block Huawei over its alleged ties to the Chinese state. The Trump administration has continued to expand restrictions on the company as the U.S. and China continue to battle over trade rules, internet policy and other tech issues. Huawei has denied it spies on customers at the behest of the Chinese government. The legislation clarifies what is expected […]

The post UK bill proposes stiff fines for companies that violate Huawei ban appeared first on CyberScoop.

Continue reading UK bill proposes stiff fines for companies that violate Huawei ban→