• chevron_right

      Sellafield apologises after guilty plea over string of cybersecurity failings

      news.movim.eu / TheGuardian · Thursday, 8 August - 18:19

    Nuclear site awaits sentencing over breaches that it admitted could have threatened national security

    Sellafield has apologised after pleading guilty to criminal charges relating to a string of cybersecurity failings at Britain’s most hazardous nuclear site, which it admitted could have threatened national security.

    Among the failings at the vast nuclear waste dump in Cumbria was the discovery that 75% of its computer servers were vulnerable to cyber-attacks, Westminster magistrates court in London heard.

    Continue reading...
    • chevron_right

      Microsoft Issues Report of Russian Cyberattacks against Ukraine

      news.movim.eu / Schneier · Thursday, 28 April, 2022 - 14:15

    Microsoft has a comprehensive report on the dozens of cyberattacks — and even more espionage operations — Russia has conducted against Ukraine as part of this war:

    At least six Russian Advanced Persistent Threat (APT) actors and other unattributed threats, have conducted destructive attacks, espionage operations, or both, while Russian military forces attack the country by land, air, and sea. It is unclear whether computer network operators and physical forces are just independently pursuing a common set of priorities or actively coordinating. However, collectively, the cyber and kinetic actions work to disrupt or degrade Ukrainian government and military functions and undermine the public’s trust in those same institutions.

    […]

    Threat groups with known or suspected ties to the GRU have continuously developed and used destructive wiper malware or similarly destructive tools on targeted Ukrainian networks at a pace of two to three incidents a week since the eve of invasion. From February 23 to April 8, we saw evidence of nearly 40 discrete destructive attacks that permanently destroyed files in hundreds of systems across dozens of organizations in Ukraine.

    • chevron_right

      Russian Cyberattack against Ukrainian Power Grid Prevented

      Bruce Schneier · news.movim.eu / Schneier · Wednesday, 13 April, 2022 - 16:27

    A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used.

    Key points:

    • ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company
    • The destructive actions were scheduled for 2022-04-08 but artifacts suggest that the attack had been planned for at least two weeks
    • The attack used ICS-capable malware and regular disk wipers for Windows, Linux and Solaris operating systems
    • We assess with high confidence that the attackers used a new version of the Industroyer malware, which was used in 2016 to cut power in Ukraine
    • We assess with high confidence that the APT group Sandworm is responsible for this new attack

    News article .

    EDITED TO ADD: Better news coverage from Wired .

    • chevron_right

      White House Warns of Possible Russian Cyberattacks

      Bruce Schneier · news.movim.eu / Schneier · Tuesday, 22 March, 2022 - 14:57 · 1 minute

    News :

    The White House has issued its starkest warning that Russia may be planning cyberattacks against critical-sector U.S. companies amid the Ukraine invasion.

    […]

    Context: The alert comes after Russia has lobbed a series of digital attacks at the Ukrainian government and critical industry sectors. But there’s been no sign so far of major disruptive hacks against U.S. targets even as the government has imposed increasingly harsh sanctions that have battered the Russian economy.

    • The public alert followed classified briefings government officials conducted last week for more than 100 companies in sectors at the highest risk of Russian hacks, Neuberger said. The briefing was prompted by “preparatory activity” by Russian hackers, she said.
    • U.S. analysts have detected scanning of some critical sectors’ computers by Russian government actors and other preparatory work, one U.S. official told my colleague Ellen Nakashima on the condition of anonymity because of the matter’s sensitivity. But whether that is a signal that there will be a cyberattack on a critical system is not clear, Neuberger said.
    • Neuberger declined to name specific industry sectors under threat but said they’re part of critical infrastructure ­– a government designation that includes industries deemed vital to the economy and national security, including energy, finance, transportation and pipelines.

    President Biden’s statement . White House fact sheet . And here’s a video of the extended Q&A with deputy national security adviser Anne Neuberger.

    • chevron_right

      Including Hackers in NATO Wargames

      Bruce Schneier · news.movim.eu / Schneier · Friday, 29 January, 2021 - 18:03

    This essay makes the point that actual computer hackers would be a useful addition to NATO wargames:

    The international information security community is filled with smart people who are not in a military structure, many of whom would be excited to pose as independent actors in any upcoming wargames. Including them would increase the reality of the game and the skills of the soldiers building and training on these networks. Hackers and cyberwar experts would demonstrate how industrial control systems such as power supply for refrigeration and temperature monitoring in vaccine production facilities are critical infrastructure; they’re easy targets and should be among NATO’s priorities at the moment.

    Diversity of thought leads to better solutions. We in the information security community strongly support the involvement of acknowledged nonmilitary experts in the development and testing of future cyberwar scenarios. We are confident that independent experts, many of whom see sharing their skills as public service, would view participation in these cybergames as a challenge and an honor.