CYBER ATTACK
Russia: The Godfather of state hacking?
Russia: The Godfather of state hacking? Once again, Russia is dubbed as the mastermind of hacking into other countries’ government bodies. Its latest accuser came from the German authorities, which traced a cyber-attack with “Russian origin” on its network.
Hans-Georg Maassen, head of Germany’s domestic intelligence agency told local media on Wednesday that there was “high likelihood” that the Russian government was behind the recent hack of many German foreign and defense ministries.
Maassen identified the cyber-attack as “advanced persistent threat” or (APT). Such cyberattack was considered to be very sophisticated in nature, often needing the concerted effort of a state to commence the operation. During the cyberattack, the hackers targeted the German IVBB computer network which was used to exchange documents labelled “for government use only,” but the spy chief clarified that the network did not carry highly classified documents.
However, the German spy chief cannot be 100% sure that the Russian government was involved the cyber-attack that hacked into network of German foreign and defense ministries on 28 February 2018.
Germany, a Hotbed for “state-sponsored” hackers?
Apparently, the hackers in the February cyber-attack were fishing for data related to EU-UK Brexit talks and negotiations of the European Union with Belarus and Ukraine. Thus, the outcome of the hack is hardly the usual for financial gains but portrayed a darker motive of obtaining information, probably for espionage purposes.
German’s intelligence agency reportedly gotten the wind of the cyber-attack by the time when the hackers started to steal some files. Then, the country’s spy agency believed that the group, Turla was behind the attack, but did not present any proof of the group doing. German investigators then linked the group Turla to the Russian government.
Flashback to a few years back, Germany’s lower house of parliament was a victim of cyber-attack in by the alleged APT28, a notorious Russian hacking group which was also believed to be behind the cyber-attack on U.S. Democratic National Committee ahead of the 2016 U.S. election.
Lesson from Estonia
Probably, Russia is no stranger to alleged state-sponsored attack. Its first victim may be the Baltic nation of Estonia back in 2007, where the country was in a political fight with Russia over proposed plan to remove a Soviet war memorial from a park in Tallinn.
The backlash of the moving a 6-foot-tall bronze statue then triggered a cyber-war on Estonia, where the Baltic nation was hit by three weeks of D-DoS (distributed denial of service) attacks.
At that time, Estonia was the one of the most wired nation on the planet, where virtual everything is done online from paying taxes to getting medical reports. Thus, the country’s government services and economic activity came almost to a standstill for one month.
Estonia then pointed the finger at Russia behind the cyberattack, only for Russia to deny the allegation. The full light of 2007 attack only came two years later in 2009, where a Kremlin-backed youth group Nashi, claimed responsibility for the attack.
Verdict
Cyber-attack is known for the anonymity and tracking the source of attack is sometime as hard as preventing the attack itself. Nowadays, most countries’ government services are made accessible online, therefore it is almost impossible not to suffer any cyber-attacks. The key here is on prevention, investment in cyber-security and stay to date with cyber-security trend.
BREAKING NEWS
Ransom attacks on high profile Instagram accounts
Ransom attacks on high profile Instagram accounts. There has been wave of attacks in which hackers demand bitcoin in order for the Instagram user to get their account back, they threaten to delete the account if the ransom isn’t paid.
There have been several victims of this attack, and they all claim to have received the same message from an attacker named “Pumpam”. The message lets the victim know that the hackers have possession of the account, and to email a particular address in order to start the recovery. It also mentions that the account will be deleted within 3 hours if there is no response.
Victims of the attack found that they could not recover the account through Instagram, as the account’s email address had been changed. This frustration and desperation to get possession of their accounts lead some users to pay the ransom. However, this wasn’t always successful, with some victims claiming that their account was still deleted.
Many of the victims feel let down by Instagram after they didn’t play an active role in helping them gain control of their accounts. Victims felt frustrated dealing with Instagram’s customer support when they only received generic responses to the issue, however this changed when vice’s tech arm Motherboard contacted Instagram about the issue and helped the users get possession back.
At present few details are known about the hacking campaign, including the hacker’s identities and where they are from. We urge Instagram users to be vigilant about their account security, make sure you have a secure password, that you back up your content in the event it is deleted, and don’t click on any nefarious looking links.
Photo by Katka Pavlickova on Unsplash
[stackCommerce layout=”2″ count=”5″ sort=”best_sellers”][/stackCommerce]
BREAKING NEWS
50 Million accounts exposed after Facebook security breach
50 Million accounts exposed after Facebook security breach. Facebook has revealed that almost 50 million of its users accounts were left exposed due to a security flaw. Facebook has more than two billion active monthly users, making security a high priority concern. The security breach has caused Facebook’s shares to drop by 3% on Friday, 28 September.
The breach was discovered this week, and is the latest controversy surrounding Facebook after British company Cambridge Analytica gained access to information of 87 million users, and the controversy surrounding disinformation in elections. However, this breach has been the largest in the company’s 14-year history.
Facebook has said the attackers exploited two bugs in the site’s “View as” feature. The feature, which was designed to give users a clearer view of their presence and more control over their privacy, allows users to check what information other people can see about them. The flaw allowed users to gain “access tokens” which allow access to accounts, through Facebook’s video-uploading program for birthday celebrations. Although it’s not yet known when the attack happened, it seems to occurred after the video-uploading program was introduced. Attacked attempted to harvest user’s personal identifiable information (PII). After the attack was discovered, Facebook forced 90 million users to log out. Facebook has not announced where in the world the 50 million users are.
There have been some major changes in Facebook’s security teams after its Chief Security Officer, Alex Stamos left in August this year for a teaching position at Stanford University. Facebook decided to split the team members so that security employees work within different teams across the company, in order to make security an innate part of Facebook.
Facebook’s data breach was a trending topic on Friday with users posting the breaking story as news outlets released it. User’s found that some of their posts were removed because Facebook’s algorithm saw them as suspicious activity or spam.
[stackCommerce layout=”2″ count=”5″ sort=”best_sellers”][/stackCommerce]
BREAKING NEWS
US Online Retail Company suffered a data breach affecting 6.5 million customers
US Online Retail Company suffered a data breach affecting 6.5 million customers. SHEIN debuted in 2008, and steadily grew to become one of the most acclaimed online women’s fashion stores. Their aim is to provide cutting edge fashion with an affordable price tag. The website primarily caters to women age 16-35, and is US based but ships to over 80 countries.
They recently discovered that their servers had been compromised by hackers in an attack that spanned from June 2018 until 22 August 2018 when the threat was recognised. Once SHEIN were away of the threat, they acted immediately, scanning the servers for weaknesses that were exploited and removed all possible back door entry points to the servers.
SHEIN have been selective with what information they have shared with the public; however we do know that email addresses and encrypted password information was obtained from the attack. We recommend that if you have an account with SHEIN, that you change your password as soon as possible, it is also good practise to use different passwords as often as you can, and make them complex, a password manager can help you keep track of your passwords.
The only promising news about this incident is that SHEIN don’t believe any payment card details were obtained by the hackers. However, SHEIN have enlisted an international forensic cyber security team to conduct a thorough investigation into the breach, and as a result will update users on their data if new information comes to light over the coming months.
If you do believe your payment card information has been compromised, the best thing to do is to contact your bank immediately, they will be able to issue a new card and enact any necessary security measures.
[stackCommerce layout=”2″ count=”5″ sort=”best_sellers”][/stackCommerce]
-
GAME REVIEW6 years ago
Top Hacking Simulator Games Every Aspiring Hacker Should Play: Part 1
-
DEALS6 years ago
Great Ethical Hacking Courses for Beginners
-
BREAKING NEWS6 years ago
US Online Retail Company suffered a data breach affecting 6.5 million customers
-
HACKING NEWS6 years ago
The APT attacks hitting East Asia
-
GAME REVIEW6 years ago
Hacknet Review
-
DEALS6 years ago
Music, Voice and Sound interface kits: What you need to know
-
GAME REVIEW6 years ago
Top Hacking Simulator Games Every Aspiring Hacker Should Play: Part 2
-
HOW TO7 years ago
How To Become an Ethical Hacker – Beginners Guide