now browsing by tag


#infosec | UK Government Brexit App Riddled with Flaws

Source: National Cyber Security – Produced By Gregory Evans A Home Office app intended for EU citizens to apply for UK residency lacks basic security, potentially exposing the passport and biometric information of over one million users, according to experts. Norwegian security firm Promon tested the EU Exit: ID Document Check application against common attack […] View full post on

#infosec | UK Government Spends £2M on Anti-Drone Projects

Source: National Cyber Security – Produced By Gregory Evans

The UK government is set to spend £1.8m developing anti-drone capabilities, as threats from the skies increase.

The Ministry of Defence’s Defence and Security Accelerator (DASA) this week announced funding for 18 projects, which will each receive around £100,000. Successful organizations included University College London, Thales UK, QinetiQ, Northumbria University and BAE Systems Applied Intelligence.

Projects include developing methods to detect 4G and 5G-controlled drones, AI sensors to automatically identify aerial vehicles and low-risk ways of stopping drones through electronic interception.

The first, proof-of-concept, phase will run until summer 2020 and will be followed by a second phase focused on maturing these projects into integrated solutions.

“The introduction of Unmanned Air Systems (UAS), often referred to as drones, has been one of the most significant technological advances of recent years and represents a shift in capability of potential adversaries,” explained competition technical lead, David Lugton.

“The threat from UAS has evolved rapidly and we are seeing the use of hostile improvised UAS threats in overseas theatres of operation. There is a similar problem in the UK with the malicious or accidental use of drones becoming a security challenge at events, affecting critical infrastructure and public establishments; including prisons and major UK airports.”

Drones famously forced hundreds of flights to be cancelled at London’s Gatwick Airport last Christmas, with tens of thousands of passengers stranded. In fact, the number of near-misses involving UAS in the UK soared by over a third from 2017 to 2018.

However, drones could also represent a growing threat not just to physical safety but also network security.

Just this week, defense contractor Booz Allen Hamilton warned that 2020 could see hackers use UAS as rogue access points — landing them in concealed places on corporate property while they harvest credentials, perform man-in-the-middle attacks against employees and carry out network reconnaissance.


#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity

Source link

The post #infosec | UK Government Spends £2M on Anti-Drone Projects appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | hacker | Ransomware attack delays government services in Nunavut, Canada

Source: National Cyber Security – Produced By Gregory Evans

A ransomware attack last weekend struck the network of the Canadian territory Nunavut, severely impeding a bevy of government services that rely on access to systems and electronic files.

The attack took place on Saturday afternoon, encrypting files on government servers and workstations and crippling email and other internet-based communications. The only service to be unaffected is the Qulliq Energy Corporation, Nunavut’s only power utility.

With an estimated population that’s approaching 40,000, Nunavut is Canada’s northernmost territory, which split off from the Northwest Territories in 1999. Many of its inhabitants are Inuit.

“I want to assure Nunavummiut that we are working non-stop to resolve this issue,” said Nunavut Premier Joe Savikataaq in a government press release. “Essential services will not be impacted and the GN will continue to operate while we work through this issue. There will likely be some delays as we get back online, and I thank everyone for their patience and understanding.”

In an attempt to mitigate the incident, the territory is prioritizing the restoration of data to key services related to health, family services, education, justice and finance, the press release continues. Government officials expect that most files will ultimately be restored, thanks to their use of back-up files. While services continue to operate, some are running contingency procedures and conducting business manually, resulting in significant delays.

An FAQ page published on Nunavut’s official government website offered updates on the statuses of its departments.

For instance, Department of Health workers are currently relying on a paper-based system, while the territory’s MediTech health care software system remains inoperational. Health care facilities continue to operate, and patients scheduled for visits can keep their appointments, though they are asked to bring their health care cards and medications. Telehealth services, however are down and must be rescheduled.

Additionally, the Finance Department may be delayed in sending government employees and vendors their scheduled paychecks. Medical or duty travel payments and reimbursements are also impacted. Distribution of driver’s licenses and ID cards — a responsibility of the Department of Economic Development and Transportation (EDT) — is also impacted.

Networked phone services in the capital of Iqaluit are functional, but using direct dial only.

“Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorithm,” the states the ransom note, which was obtained by the Canadian Broadcasting Corporation (CBC). The note instructs the victim to install the Tor browser and visit a link to a payment site. The attackers warn that the link expires in 21 days, at which point the decryption key will be deleted.

Brett Callow, company spokesperson at cybersecurity company Emsisoft, told SC Media in emailed comments that the ransomware note matches that of a ransomware called DoppelPaymer, which is often distributed via the Dridex banking trojan. Victims are often infected with Dridex when they open a phishing email attachment, he added.

In the Nov. 4 press release, Nunavut officials said they responded to the attack by “isolating the network, notifying cybersecurity experts and working with our internet software providers.”

“It is difficult to estimate recovery timelines at this early stage,” the release continues.

“Ransomware attacks can have a much larger impact than temporarily denying access to systems in exchange for payment. The demanded ransom amounts often pale in comparison to the collateral damage and downtime costs they cause,” said Justin Des Lauriers, technical project manager at Exabeam, in emailed comments. His colleague, Barry Shteiman, VP of research and innovation, added that “for cybersecurity teams to detect ransomware early enough in the ransomware lifecycle to stop it, they need to understand the business models used by ransomware network operators, the kill chain of a ransomware attack and how to detect and disrupt ransomware in corporate environments. Armed with this information, analysts should be able to react faster in the event their organization is hit with a ransomware infection.”

Original Source link

The post #cybersecurity | hacker | Ransomware attack delays government services in Nunavut, Canada appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | Government to include cybersecurity education in school curricular

Source: National Cyber Security – Produced By Gregory Evans

General News of Tuesday, 22 October 2019



Ursula Owusu Ekuful, Minister Of CommunicationsUrsula Owusu-Ekuful, the Minister of Communications

Government has said that it would incorporate cybersecurity education into the basic and senior secondary schools in Ghana as part of an agenda to build capacity of citizenry in tackling cybersecurity.

President Nana Addo Dankwa Akufo-Addo said this in a speech read on his behalf by Mr Ambrose Dery, the Minister of the Interior, at the opening of the National Cyber Security Awareness Month 2019.

The President said, including cybersecurity education in the curriculum of basic and senior secondary education would help in building the capacity of citizens from an early stage and take the efforts made during the awareness month a step further.

The National Cyber Security Awareness Month 2019 is being celebrated on the theme: “Demonstrating Ghana’s Cybersecurity Readiness” and spans from October 21 to 30 in Accra.

He said Ghana would continue to look up to other countries which had made great strides in cybersecurity to ensure regional and international collaboration in her journey towards achieving cybersecurity maturity, as part of the country’s digital strategy.

President Akufo-Addo said his government had undertaken a number of initiative that serve as testament to the fact that Ghana had made notable progress and development in the area of cybersecurity and that “We do not plan to rest in a state of complacency, but rather vow to do more”.

He said the Country had ratified the African Union Convention on Cyber Security and Personal Data Protection also known as the “Malabo Convention”, and the Council of Europe’s Convention on Cybercrime, popularly referred to as the “Budapest Convention”.

He said “these conventions would enhance our cooperation with other countries at the policy, technical and operational levels in dealing with cybercrime.”

The President said to secure the country’s digital journey, the government had tasked the National Cyber Security Centre, through the Ministry of Communications, to ensure the security of Ghana’s digital space.

“I am reliably informed that, Ghana’s National Cybersecurity Policy and Strategy (NCPS) have been reviewed to reflect current cybersecurity developments and are consistent with international best practices,” he said.

Mrs Ursula Owusu-Ekuful, the Minister of Communications, said the country was no exception to cyber-attacks, especially as government was poised at improving the digital space, adding that, everyone who used any electronic device was a potential victim of cyber attack.

She said digitalization held many opportunities for the nation, especially in the areas of job creation, hence the need for every government agency and the private sector to support the agenda of building a strong digital economy.

Mrs Owusu-Ekuful said as the country hosts the secretariat of the African Continental Free Area (AfCFTA) Agreement, there were numerous opportunies that would be presented to businesses and individual citizens.

She, however, said hosting the AfCFTA Secretariat was a wake-up call for all and sundry to support the agenda of securing the digital space to protect everyone from cyber attacks.

The Minister said by 2020, all government payments systems would be done electronically and that also called for securing the cyberspace.

Source link

The post #nationalcybersecuritymonth | Government to include cybersecurity education in school curricular appeared first on National Cyber Security.

View full post on National Cyber Security

#hacking | Open database leaked 179GB in customer, US government, and military records

Source: National Cyber Security – Produced By Gregory Evans

Govt officials confirm Trump can block US companies from operating in China
The US president has not made an order as yet, only requesting for US companies to move out of China.

An open database exposing records containing the sensitive data of hotel customers as well as US military personnel and officials has been disclosed by researchers. 

On Monday, vpnMentor’s cybersecurity team, led by Noam Rotem and Ran Locar, said the database belonged to Autoclerk, a service owned by Best Western Hotels and Resorts group. 

Autoclerk is a reservations management system used by resorts to manage web bookings, revenue, loyalty programs, guest profiles, and payment processing. 

In a report shared with ZDNet, the researchers said the open Elasticsearch database was discovered through vpnMentor’s web mapping project. It was possible to access the database, given it had no encryption or security barriers whatsoever, and perform searches to examine the records contained within. 

The team says that “thousands” of individuals were impacted, although due to ethical reasons it was not possible to examine every record in the leaking database to come up with a specific number. 

Hundreds of thousands of booking reservations for guests were available to view and data including full names, dates of birth, home addresses, phone numbers, dates and travel costs, some check-in times and room numbers, and masked credit card details were also exposed. 

See also: Citizen Lab: WeChat’s real-time censorship system uses hash indexes to filter content

Data breaches are a common occurrence and can end up compromising information belonging to thousands or millions of us in single cases of a successful cyberattack. 

What is more uncommon, however, is that the US government and military figures have also been involved in this security incident. 
It appears that one of the platforms connected to Autoclerk exposed in the breach is a contractor of the US government that deals with travel arrangements. 

vpnMentor was able to view records relating to the travel arrangements of government and military personnel — both past and future — who are connected to the US government, military, and Department of Homeland Security (DHS).

Within the records, for example, were logs for US Army generals visiting Russia and Israel, among other countries.

CNET: California proposes regulations to enforce new privacy law

Autoclerk facilitates communication between different hospitality platforms, and it appears that a substantial portion of the data originated from external platforms. In total, the database — hosted by AWS — contained over 179GB of data.

At the time of writing it has not been possible to track the overall owner of the database due to the “number of external origin points and sheer size of the data exposed,” the team says.  

The United States Computer Emergency Readiness Team (CERT) was informed of the leak on September 13 but did not respond to the researcher’s findings. 

vpnMentor then reached out to the US Embassy in Tel Aviv, and seven days later, the team contacted a representative of the Pentagon who promised swift action. Access to the database was revoked on October 2. 

TechRepublic: Financial industry spends millions to deal with breaches

“The greatest risk posed by this leak is to the US government and military,” the team says. “Significant amounts of sensitive employee and military personnel data could now be in the public domain. This gives invaluable insight into the operations and activities of the US government and military personnel. The national security implications for the US government and military are wide-ranging and serious.”

ZDNet has reached out to US-CERT and affected parties and will update when we hear back.

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

Source link

The post #hacking | Open database leaked 179GB in customer, US government, and military records appeared first on National Cyber Security.

View full post on National Cyber Security

#hacking | Government hacking needs to b…

Source: National Cyber Security – Produced By Gregory Evans