Hackers launched “a sustained and determined attack” on the UK Parliament’s computer network to breach parliamentary emails protected by weak passwords, joining the list of hacked governments.
Approximately 90 accounts were affected. The victims will be contacted and further investigations will reveal if any data has been lost.
“On 24 June we discovered unauthorized attempts to access accounts of parliamentary networks users and are investigating this ongoing incident, working closely with the National Cyber Security Centre,” reads the release.
“Investigations are ongoing, but it has become clear that significantly fewer than 1% of the 9,000 accounts on the parliamentary network have been compromised as a result of the use of weak passwords that did not conform to guidance issued by the Parliamentary Digital Service.”
After attacks on Germany, France, Norway and the US, over 10,000 MPs, parliamentary staff and members of the House of Lords were warned they may receive blackmail threats and were advised to immediately change passwords to their email accounts. Once the attack was detected, all email accounts were briefly blocked and users couldn’t access emails outside Westminster.
“Sorry no parliamentary email access today – we’re under cyberattack from Kim Jong Un, (Vladimir) Putin or a kid in his mom’s basement or something…,” wrote on Twitter Conservative MP Henry Smith.
Although the identity of the attackers is unknown, inside sources said in interviews with The Times that “It was a brute force attack. It appears to have been state-sponsored.”
Koler ransomware is masquerading as fake adult-themed apps to infect unsuspecting Android users based in the United States.An infection begins when a user visits a suspicious adult-themed website. The attack campaign says the user must download an app for a popular adult site to view their desired content. But the app is a fake.Catalin Cimpanu of Bleeping Computer explains the nefarious deeds of the app:“Here, the fake… app would ask the user to allow the continuation of the installation process but would hijack the user’s tap and grant itself admin rights. This method, known as clickjacking, is quite common in today’s Android malware landscape.”With its newfound administrator rights, the app activates Koler, an Android-based threat which first appeared in 2014. Koler is known for displaying a police-themed message on infected devices that tells victims they must pay a fee for viewing pornographic content.Detected by ESET security researcher Lukas Stefanko, this campaign is no different.
Koler’s fake police notice. (Source: Bleeping Computer)Koler’s incorporation of the FBI into its notice means this offensive is likely targeting U.S. users. As seen in the image above, it demands US$500 from its victims.To protect themselves against this campaign, Android users should follow some basic mobile security principles. First, they should think carefully about which sites they want to visit. Second, they should exercise caution around downloading any type of file from an unknown source found on the web. Third, they should never allow app installations from unknown sources; they should only download programs from trusted developers on Google’s Play Store.In the event they suffer a ransomware infection, users should do everything in their power to not pay the ransom. That includes looking up ways to decrypt their files for free. For instance, victims in this campaign can remove the Android ransomware by booting their device into Safe Mode, removing the fake app’s administrator rights, and deleting the app.Android users should also back up their devices’ data on a regular basis and follow some of these ransomware prevention tips.
Today, the major threats facing every nation in the world are digital in nature. In response, most – if not all – countries implement serious measures to counter these threats and enhance the overall security of their networks.As such, securing cyberspace is a high priority today for every country’s administration, but not all of them. Some are more interested in jump-starting their economic efforts by stealing commercial intellectual property or subjecting a competitor to downtime from within the digital realm.These countries sometimes lack in technical expertise but they make up for it in malice. Shamoon’s use of Disttrack in November 2016 to destroy nearly 30,000 computers at an oil production company in Saudi Arabia is just one example of this. Alternatively, when they don’t wipe a computer, attackers oftentimes steal terabytes of confidential data and release it to the public.To deal with this growing threat, every country must leverage the forces of the market by motivating the private sector to make the sort of dynamic and continual investment required to secure companies’ diverse networks.Below are some recommendations I feel countries should incorporate into their cybersecurity strategies.RecommendationsEvery nation should pursue a cybersecurity policy that avoids an expensive and cumbersome regulatory approach. Instead, they should incorporate the key elements that will produce dynamic cybersecurity defenses. The key elements include the following:Undertaking Powerful International Cybersecurity EngagementA nation needs a comprehensive set of policies if it wants to take an active role in combating espionage and cybercrime. It must increase and continue coordination and cooperation with its friends and allies. Taking it one step further, it should lead the international efforts to persuade nations that utilizing cyberspace for malicious purposes either against their own people or other nations to change their policies is wrong.It must also respond to other nations’ aggressive cyber campaigns with economic and diplomatic measures designed to discourage cyber-aggression. State-sponsored, large scale cyber-espionage must be prevented by making the cost to bad actors unacceptably frustrating or large. The response should also include subjecting those that stole intellectual property and other information to criminal charges and other legal actions, curtailing visas for guilty parties and ceasing naive cooperation.Encourage and Allow the Development of an Effective and Valid Cyber-Insurance BusinessThe government must support the development of accountability standards – doing so could prove to be difficult but it could enhance the security activities and awareness if done with industry cooperation. As the liabilities and risks are better understood, the cybersecurity insurers could take the lead in building “actuary tables.”From these tables, they could vend the insurance on a risk-based model. The finer the security of a company, the lower it pays in premiums. The private sector would be pushed by market-driven solutions to invest in accurate levels of cybersecurity, thereby avoiding onerous and outdated government regulations.Protect the Cyber-Supply ChainAs the components of smartphones, tablets and computers are almost the same and other gadgets are made worldwide, it’s important to evaluate supply-chain operations, practices, and security methods. Perhaps a non-governmental organization could be established, one that could make its evaluations public and give grades to the supply-chain operation of a technology company.An organization could charge more for its products if it receives a very high grade. A buyer could take a chance with potentially less secure and less expensive items if he wanted to economize. Customers would be able to make informed decisions based on risk.Consider a Controlled and Specified Cyber Self-Defense AuthorityNowadays, an organization doesn’t know what its rights to self-protection against hackers really entail. What does an organization do if it is attacked? Call the local police or the FBI? Can an organization with strong capabilities fight back if it is attacked?No one wants the vigilantes rampaging about with no parameters or controls. In order to avoid that, legislation should create basic and restricted rules for self-defense only.Expand the Push for Training, Education, and Real AwarenessThis of greater security awareness effort must seek to end both hype and ignorance. Let people know the truth about cyber threats and provide them the tools they need to protect their businesses, their homes and, more importantly, themselves.This effort should reach every community in the country at all levels. Regular training should also occur regularly in every government entity and organization.Employ and Develop a Strong Cyber-WorkforceAnything we do in military, business and government can get affected by cybersecurity. Every nation needs to adjust certification and visa practices and promote science, technology, engineering and mathematics (STEM) to ensure that the brightest and best can utilize their skills to advance its security.This effort should also update the security clearances process and utilize the pools of talent the nation has in its hacker communities, businesses and military. Any law must enable this effort and encourage it by all possible means.
About the Author: Savaram Ravindra was born and raised in Hyderabad, popularly known as the ‘City of Pearls.’ He is presently working as a Senior Security Engineer at Tekslate.com and Mindmajix.com. His previous professional experience includes Security Engineer at Cognizant Technology Solutions. He holds a Masters degree in Nanotechnology from VIT University. He enjoys spending time with his friends. He can be contacted at [email protected]. Connect with him also on LinkedIn and Twitter.