Tag: Cybersecurity

ROYALS UNDER ATTACK Russian hackers dramatically target Royal Family days after King Charles condemned the war in Ukraine

RUSSIAN cyber criminals targeted the Royal Family yesterday — days after King Charles’s condemnation of the Ukraine war.

Hacktivist pro-Putin group KillNet said they brought down the royal.uk website for 90 minutes this morning ­— forcing Palace chiefs to scramble their cyber security experts.

Website royal.uk was targeted by pro-Russian group KillNet today, after royals like Kate have expressed support for Ukraine by carrying flowers in the coloursCredit: Getty
King Charles welcomes President Volodymyr Zelensky at Buckingham Palace in FebruaryCredit: Rex Features

A source said: “This was a denial of service attack which saw the site bombarded with traffic.”

Royal fans trying to log in saw the message “Gateway time-out error code 504”.

Soon after, KillNet bragged on messenger app Telegram that it was responsible.

And KillNet’s leader — KillMilk — boasted of his involvement on his personal blog 20 minutes after the site went down.

Palace chiefs said senior royals’ personal accounts weren’t hacked, nor sensitive information stolen.

But the ease with how the attack was executed will jolt the family.

Royals have been hugely supportive of Ukraine ever since Vladimir Putin’s forces invaded in February last year.

Two weeks ago, King Charles received a standing ovation in Paris when he blasted Russia’s “unprovoked aggression” and said “Ukraine must prevail”.

And in February he hosted President Volodymyr Zelensky at Buckingham Palace for talks.

Prince William travelled to Ukraine’s border with Poland this year to thank troops, while Prince Edward has visited Nato fighters on the border in Estonia.

Kate wore a dress in the blue and yellow of Ukraine’s flag at Eurovision, and also carried flowers in the colours.

Queen Elizabeth chose the same colours for duties before her death.

The family has even housed Ukrainian refugees.

Last year the Five Eyes intelligence alliance of the UK, US, Canada, New Zealand and Australia warned about KillNet.

Recently the group set up a private military hacking company called Black Skills.

KillNet is notorious for attacks on the websites of countries that support Ukraine.

A Distributed Denial of Service attack — its weapon of choice — involves sending thousands of connection requests to the target server or website a minute, slowing or stopping vulnerable systems.

Such attacks can lead to outages sometimes lasting days.

A royal source told The Sun: “It was not hacking because hacking is when the website is compromised and they gain access to the system.

“This was a denial of service attack which saw the site bombarded with traffic.”

The royals have bolstered cyber defences in recent years.

In February 2021 ex-MI5 chief Andrew Parker was made head of the Royal Household.

And a month later the Queen appointed Elliot Atkins as her first chief information security officer.

In July 2021 a Palace report warned the Household was at “high risk” from cyber criminals.

Source: https://www.thesun.co.uk/news/24224547/russian-hackers-target-royal-family-website-king-ukraine-war/?utm_campaign=native_share&utm_source=sharebar_native&utm_medium=sharebar_native

Urgent warning to Apple users as spyware infiltrates devices with zero clicks

Apple released updated to patch the zero-day bugs on Thursday (Picture: Reuters)

Apple users are being urged to update their products immediately to protect against a powerful new spyware that infiltrated devices without any clicks.

The tech company released updates to patch two zero-day exploit chains on Thursday.

It comes after an employee of the Washington DC-based civil society organization Citizen Lab found the zero-click vulnerability delivering Pegasus mercenary spyware, according to John Scott-Railton, a researcher for the group.

‘Last week we @citizenlab discovered a new #Pegasus zero-click exploit chain (No clicking required to infect latest iOS!)’ he wrote on X (formerly Twitter) on Thursday afternoon.

He urged users to ‘update your @apple products immediately!’

Citizen Lab, which investigates government malware, explained in a blog post that victims can be targeted by malware without clicking or tapping or opening any attachments.

‘The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim,’ wrote the internet watchdog group.

Upon discovering the zero-click vulnerability, Citizen Lab informed Apple, which thanked the group for reporting it. Citizen Lab helped in the probe.

Source: https://metro.co.uk/2023/09/07/apple-zero-day-bug-spyware-update-19466522/

Germany examining Chinese components in its 5G network, interior minister says

Nancy Faeser, German Ministry of interior, attends the news conference following the refugee summit at the German ministry of interior in Berlin, Germany, February 16, 2023. REUTERS/Michele Tantussi

Germany’s Interior Ministry is examining all Chinese components that are already installed in the country’s 5G network, Minister Nancy Faeser was quoted as saying on Sunday, as Berlin re-evaluates its relationship with top trade partner China.

“We have to protect our communication networks,” Faeser told Bild am Sonntag newspaper, adding that the examination’s three priorities were identifying risks, averting dangers and avoiding dependencies.

“This is especially true for our critical infrastructure,” she said.

Germany has been considering banning certain components from Chinese companies Huawei and ZTE in its telecoms networks, a government source told Reuters last month, in a potentially significant move to address security concerns.

Source: https://www.reuters.com/business/media-telecom/germany-examining-chinese-components-its-5g-network-interior-minister-says-2023-04-15/

China simulates hitting ‘key targets’ on Taiwan

A Chinese aircraft takes part in a drill around Taiwan

China has simulated precision strikes against key targets on Taiwan and its surrounding waters during a second day of military drills.

The drills – which Beijing has called a “stern warning” to the self-governing island – are a response to Taiwan’s president visiting the US last week.

As the Chinese military simulated an encirclement of the island, the US urged China to show restraint.

Taiwan said about 70 Chinese aircraft flew around the island on Sunday.

Eleven Chinese ships were also spotted.

On Saturday, Taiwan said that 45 warplanes either crossed the Taiwan Strait median line – the unofficial dividing line between Taiwanese and Chinese territory – or flew into the south-western part of Taiwan’s air defence identification zone.

The operation, dubbed “Joint Sword” by Beijing, will continue until Monday. Taiwanese officials have been enraged by the operation.

On Saturday defence officials in Taipei accused Beijing of using President Tsai’s US visit as an “excuse to conduct military exercises, which has seriously undermined peace, stability and security in the region”.

On day one of the drills, one of China’s ships fired a round as it sailed near Pingtan island, China’s closest point to Taiwan.

Taiwan’s Ocean Affairs Council, which runs the Coast Guard, issued video footage showing one of its ships shadowing a Chinese warship, though did not provide a location.

In the footage a sailor can be heard telling the Chinese ship through a radio: “You are seriously harming regional peace, stability and security. Please immediately turn around and leave. If you continue to proceed we will take expulsion measures.”

Other footage showed a Taiwanese warship, the Di Hua, accompanying the Coast Guard ship in what the Coast Guard officer calls a “standoff” with the Chinese vessel.

While the Chinese exercises ended by sundown on Saturday evening, defence officials in Taipei said fighter jet sorties started again early on Sunday morning.

US state department officials have urged China not to exploit President Tsai’s US visit, and have called for “restraint and no change to the status quo”.

A state department spokesperson said the US was “monitoring Beijing’s actions closely” and insisted the US had “sufficient resources and capabilities in the region to ensure peace and stability and to meet our national security commitments”.

The US severed diplomatic ties with Taipei in favour of Beijing in 1979, but it is bound by law to provide Taiwan with the means to defend itself.

US President Joe Biden has said on several occasion that the US would intervene if China attacked the island, but US messaging has been murky.

At Wednesday’s meeting in California, Ms Tsai thanked US House Speaker Kevin McCarthy for America’s “unwavering support”, saying it helped “reassure the people of Taiwan that we are not isolated and we are not alone”.

Mr McCarthy had originally planned to go to Taiwan himself, but opted instead to hold the meeting in California to avoid inflaming tensions with China.
Chinese state media said the military drills, which are due to run until Monday, would “simultaneously organise patrols and advances around Taiwan island, shaping an all-round encirclement and deterrence posture”.

It added that “long-range rocket artillery, naval destroyers, missile boats, air force fighters, bombers, jammers and refuellers” had all been deployed by China’s military.

But in Taiwan’s capital Taipei, residents seemed unperturbed by China’s latest manoeuvres.

“I think many Taiwanese have gotten used to it by now, the feeling is like, here we go again!” Jim Tsai said on Saturday.

Meanwhile, Michael Chuang said: “They [China] seems to like doing it, circling Taiwan like it’s theirs. I am used to it now.

“If they invade we can’t escape anyway. We’ll see what the future holds and go from there.”

Taiwan’s status has been ambiguous since 1949, when the Chinese Civil War turned in favour of the Chinese Communist Party and the country’s old ruling government retreated to the island.

Taiwan has since considered itself a sovereign state, with its own constitution and leaders. China sees it as a breakaway province that will eventually be brought under Beijing’s control – by force if necessary.

Source: https://www.bbc.com/news/world-65223970

Why Leaked Pentagon Documents Are Still Circulating on Social Media

Twitter and the social media platform Discord have various policies that might have prompted them to remove the leaked Pentagon documents that Biden administration officials say revealed key information about U.S. intelligence gathering operations.

But gray areas in those rules and uneven enforcement of them make it unclear how, or even if, executives at those companies would decide to remove them.

As of Saturday, Twitter continued to host tweets with the Pentagon’s documents, some of which had been up since at least Wednesday. There is no indication that Elon Musk, who bought Twitter nearly six months ago, will take any action against the tweets with the classified documents.

Two days earlier, Mr. Musk seemed to respond sarcastically to a tweet about the leaked material. “Yeah, you can totally delete things from the Internet — that works perfectly and doesn’t draw attention to whatever you were trying to hide at all,” he wrote.

On Discord, a messaging platform popular with video game players, the Pentagon documents may have been circulating as early as March. Since Discord chat groups — known as servers — are not directly managed by the company like a Facebook or Twitter feed, the distribution of the Pentagon documents would have been difficult to spot.

Mr. Musk did not respond to a request for comment on Saturday, and Discord declined to comment. It is not known if the companies, which are both based in the United States, have been asked to remove the Pentagon material.

In the past, Twitter may have removed the material under rules that prohibit the publication and distribution of hacked materials, two former executives told The New York Times. Under this policy, Twitter would remove tweets with “real or synthesized hacked materials” or place warning labels on the material. Some of the Pentagon material circulating on social media may have been manipulated.

But there were caveats to Twitter’s rules, as they were described in a policy document, which was last updated in October 2020. The rules allowed for exceptions for material that forms the basis for reporting by news agencies. And debates inside social media companies about what to allow online have often been similar to discussions that traditional media have about whether leaked or hacked material is of enough public interest to justify publishing.

It was not clear on Saturday whether the Pentagon material was hacked or intentionally leaked — the images circulating appeared to be photographs of documents. The documents could fall into a gray area that, at least in the past, would have led to discussion among compliance officers inside the company about whether they qualified for a takedown.

Twitter used its hacked material policy to block the circulation of an article in October 2020 from the New York Post that said the F.B.I. had seized a computer that purportedly belonged to Joseph R. Biden Jr.’s son Hunter Biden. Twitter’s leaders, including then-chief executive Jack Dorsey, later called the decision a mistake.

The former executives, who spoke to The Times on the condition of anonymity for fear of retribution from Mr. Musk, said that Twitter often received reports of potential violations of its polices from U.S. government organizations.

But since acquiring the company in October, Mr. Musk has shrunk the groups responsible for moderation and more than 75 percent of Twitter’s 7,500 employees have been fired or left. Ella Irwin, Twitter’s head of trust and safety, did not immediately respond to requests for comment.

Twitter has removed or prevented the circulation of content at the behest of governments like India and on Mr. Musk’s whims.

This past week, Twitter also began regulating the circulation and engagement of links to Substack, the newsletter platform, after the start-up unveiled a Twitter-like service. On Friday, many Substack writers found that tweets that had links to their Substack pages could not be liked or retweeted.

Source: https://dnyuz.com/2023/04/08/why-leaked-pentagon-documents-are-still-circulating-on-social-media/

Classified Docs Leak on Social Media in Possible ‘Deliberate’ Move to Hinder Ukraine Efforts

Reuters

More than 100 classified documents detailing U.S. national security secrets have been leaked on social media, purportedly exposing crucial intelligence on Ukrainian military operations in a breach that could be a boon to Russia.

The documents, purported to have come from within U.S. military and intelligence agencies, have been circulated on Twitter, 4chan, and Telegram, where they were spread by pro-Kremlin commentators, according to The Wall Street Journal.

The Pentagon acknowledged on Thursday that officials were looking into the leak, which experts say may be one of the most damaging breaches in decades.

The New York Times, which was the first to report on the leaks, says defense officials were already scrambling early Friday to determine the scale of the first batch of leaked documents when it was discovered that another batch had been released.

One unnamed official quoted by the Times called the breach “a nightmare for the Five Eyes,” as the documents concern secrets regarding not only Ukraine, but also the Middle East, and China.

“As many of these were pictures of documents, it appears that it was a deliberate leak done by someone that wished to damage the Ukraine, U.S., and NATO efforts,” Mick Mulroy, a former senior Pentagon official, was quoted saying.

Officials say the documents do appear to be authentic Defense Department documents, but they have been modified in some ways to show scenarios more beneficial to Russia, such as lower figures for the number of Russian troops killed and inflated numbers of Ukraine’s war dead.

Some of the documents show the purported locations of Ukrainian air-defense systems, the quantities of air-defense missiles, and sensitive information about U.S.-provided arms and supplies.

Source: https://www.thedailybeast.com/classified-docs-leak-on-social-media-in-possible-deliberate-move-to-hinder-ukraine-efforts

Exit mobile version