Search This Blog

Showing posts with label EU. Show all posts

SOCTA: Here's a Quick Look into the Report by Europol

 

The Serious Organized Crime Threat Assessment study 2021 by Europol summarises the criminal threat from the last four years and offers insights into what can be expected in the following four years. Organized crime isn't just cybercrime, but cybercrime is now a big component of organized crime. Europol sees the development of businesses, growth in the digital lifestyle, and the rise of remote workers as new vulnerabilities and opportunities for use. 

“Critical infrastructures will continue to be targeted by cybercriminals in the coming years, which poses significant risks,” cautions the published report. “Developments such as the expansion of the Internet of Things (IoT), the increased use of artificial intelligence (AI), applications for biometrics data, or the availability of autonomous vehicles will have a significant impact. These innovations will create criminal opportunities.” 

The interruption of Emotet Botnet in January 2021, with foreign activities organized by Europol, is highlighted in the report. This includes the international efforts concerning the authorities of the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada, and Ukraine. But the overall thought is that cybercrime is growing in sophisticated ways with criminal gangs being increasingly organized due to which the threat is multiplying at a fast rate. However, the Europol report does not comment on the usual cyber threats, apart from the fact that crime syndicates sell it 'as a service more and more. 

ENISA estimates that 230,000 new malware variants are detected each day. Europol shows that the number and sophistication of attacks continue to increase. “The increase in the number of attacks on public institutions and large companies is particularly notable.” Further, the DDoS - Denial of service is an expanding threat, frequently followed by attempts at extortion. Attacks on government and vital resources continue, but criminal groups with lower security protocols increasingly target smaller organizations. 

“Last year saw a multitude of damaging consequences from ransomware, breaches, and targeted attacks against sensitive data,” comments Yaniv Bar-Dayan, CEO and co-founder at Vulcan Cyber. Cyber attackers have taken full advantage of the much more critical vulnerabilities at the detriment of the organizations, ranging from hacks of COVID-19 study data to assaults on critical networks and government agencies. The increase in online child exploits, especially what is recognized as the live distance violence, also occurred as students experienced months at home during school closures. Besides, Europol states that it has a database of over 40 million pictures from around the globe of child sexual abuse. 

Furthermore, there shouldn’t be an underestimation of the involvement of the Dark Web in illegal activities, where criminals use it to share their knowledge on operating security. The usage of the dark web for the selling of illicit drugs and weapons has increased over the past four years, but law enforcement has seemed to have caused some mistrust among consumers and might have cooled down the growth rate in association with online assaults. Sex trafficking (THB) is also carried out on the dark web and surface web pages where labor and sex are the main categories. Europol claims that THB is substantially underreported and states that in the EU, THB is on the rise for labor exploitation. 

Even the complexity of technology has increased with the inception of fraud such as investment fraud, BEC, non-deployment fraud, novelty fraud, fake invoice fraud, social profit fraud, bank fraud, etc. This will probably go on. Also “The use of deep fakes will make it much more challenging to identify and counter fraud,” warns Europol. And the organized crime ecosystem is marked by a networked environment with smooth, systemic, and profitable coordination among criminals.

EU Banking Regulator Suffers Cyberattack in a Microsoft Email Breach

A significant EU financial regulator, the EU Banking Authority said that it suffered a cyberattack where its Microsoft email systems were hacked. The US company is putting the blame on a Chinese threat actor. Recently, Microsoft said that a Chinese state-sponsored hacking group was exploiting earlier unknown security vulnerabilities in Microsoft's exchange email services to hijack government and user data. The list of victims counts to as many as tens of thousands. Microsoft earlier this week said that "Hafnium attacks were in no way connected to the separate SolarWinds-related attacks." 

Threat actor "Hafnium" is highly skilled and sophisticated, says Microsoft. Hafnium has earlier attacked companies based in the US that include cybersecurity firms, law firms, defense contractors, think tanks, defense agencies, NGOs, and universities. The EBA (EU Banking Authority) said in a statement that the inquiries have not revealed any data theft as of now. Presently, the EBA e-mail infrastructure is safe and the investigation concludes that there has been no data breach, says the statement. 

There's no evidence to suggest that the breach affected anything more than email servers.  The company says that the investigation is still in process and security measures have been set up to restore the functionality of e-mails. EBA in a statement issued on Sunday said that it had shut down its systems as a preventive measure, observing that hackers may have got access to personal data in the emails. The company has issued updates to fix the security issues. It is very much likely that the hackers may want to take the advantage of the unpatched systems, says Tom Burt, Microsoft executive. 

In this regard, Security Week reported, "Beijing typically rejects US hacking charges out of hand and last year berated Washington following allegations that Chinese hackers were attempting to steal coronavirus research. In January, the US said Russia was probably behind the massive SolarWinds hack that hit large swathes of the government and private sectors, and which experts say may constitute an ongoing threat."  

Czech Republic's Intelligence Agency Reveal on Russian And Chinese Spies Posing an Imminent Threat to The EU Member's Security

 


The Czech Republic's intelligence agency recently revealed that Russian and Chinese spies posed an up and coming threat to the EU member's security and other key interests the previous year. 

The annual report of the Security Data Administration (BIS) said the intelligence services of Russia and China took up a rather significant role in further advancing their interests and options abroad.

All Russian intelligence services were rather active on Czech territory in 2019. Spies with a strategic and diplomatic cover zeroed in on further advancing Russia's interests and the Kremlin's views, just as boosting Russia's reputation in the Czech Republic. 

"The key difference is that Russia seeks to destabilise and disintegrate its opponents, while China is trying to build a Sinocentric global community wherein other nations acknowledge the legitimacy of China's interests," BIS said. 

The Chinese spies’ agents utilized covers as diplomats, journalists, or scientists and "utilized the receptiveness of the Czech environment to the offer of Chinese investment," BIS said. 

They focused on the tech area, the military, security, infrastructure, the health sector, the economy, and environmental protection and searched for ways to paint a positive portrait of China. 

BIS added that the foreign spies additionally focused on Czech cyberspace with attacks focused on the foreign ministry and diplomatic missions abroad, yet additionally the infrastructure of Czech anti-virus software maker Avast.

It said Russian and Chinese services were behind these attacks, adding that phishing and spear-phishing emails were the most frequently utilized tactic.

The Council of the EU and Its First-Ever Sanctions against Persons or Entities Involved in Various Cyber-Attacks



The Council of the European Union imposed its first-ever sanction against persons or entities engaged with different cyber-attacks focusing on European citizens and its member states. 

The sanctions imposed include a ban for people traveling to any EU nations and a freeze of assets on persons and entities. 

The order has been issued against six individuals and three entities liable for or associated with different cyber-attacks. Out of the six individuals sanctioned they include two Chinese citizens and four Russian nationals. 

The companies associated with carrying out these cyber-attacks incorporate an export firm situated in North Korea, and technology companies from China and Russia.

The entities responsible for or engaged with different cyber-attacks incorporate some publicly referred to ones as 'WannaCry', 'NotPetya', and 'Operation Cloud Hopper,' just as an endeavored cyber-attack against the organization for the prohibition of chemical weapons.




As per the European Council, the detailed of these persons or entities are: 

 1. Two Chinese Individuals—Gao Qiang and Zhang Shilong—and a technology firm, named Tianjin Huaying Haitai Science and Technology Development Co. Ltd, for the Operation Cloud Hopper. 

 2. Four Russian nationals (also wanted by the FBI) — Alexey Valeryevich, Aleksei Sergeyvich, Evgenii Mikhaylovich, and Oleg Mikhaylovich—for attempting to target the Organisation for the Prohibition of Chemical Weapons (OPCW), in the Netherlands. 

 3. A Russian technology firm (exposed by the NSA) — Main Centre for Special Technologies (GTsST) of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation—for the NotPetya ransomware attack in 2017 and the cyber-attacks directed at a Ukrainian power grid in the winter of 2015 and 2016. 

 4. A North Korean export firm — Chosun Expo, for the WannaCry ransomware attack that made havoc by disrupting information systems worldwide in 2017 and linked to the well-known Lazarus group. 

The Council says, “Sanctions are one of the options available in the EU's cyber diplomacy toolbox to prevent, deter and respond to malicious cyber activities directed against the EU or its member states, and today is the first time the EU has used this tool." 

As indicated by the European Union, the two Chinese nationals who carried out Operation Cloud Hopper are members from the APT10 threat actor group, otherwise called 'Red Apollo,' 'Stone Panda,' 'MenuPass' and 'Potassium.' 

On the other hand, the four Russian nationals were agents of the Russian Intelligence agency GRU who once expected to hack into the Wi-Fi network of the OPCW, which, if effective, would have permitted them to compromise the OPCW's on-going investigatory work.

European Union likely to ban Facial Recognition for 5 years


The EU (Europian Union) is considering restricting the use of facial recognition technology for a possible duration of 5 years, in public area sectors. The reason being is the regulators need some time to consider the protection of unethical exploitation of the technique. The facial recognition is a technique that lets to identify faces that are captured on camera footage to be crosschecked against real-time watchlists, mostly collected by the police.


However, the restrictions for the use are not absolute as the technique can still be used for research and development, and safety purposes. The committee formulating the restriction drafted an 18-page document, which implicates the protection of privacy and security of an individual from the abuse of the facial recognition technique. The new rules are likely to strengthen the security measures further against the exploitation. The EU suggested forcing responsibilities on either party, the developers, and the users of AI (artificial intelligence) and requested member countries of the EU to build an administration to observe the recent laws.

Throughout the ban duration that is 3-5 years, "a solid measure for evaluating the repercussions of facial recognition and plausible security check means can be discovered and applied." The recommendations appear among requests from lawmakers and activists in the United Kingdom to prevent the police from unethical abuse of the AI technique that uses live facial recognition technology for purposes of monitoring the public. Not too late, the Kings Cross estate got into trouble after a revelation that its owners were using facial recognition without the public knowing about it.

The politicians allege that facial recognition is fallacious, interfering, and violates the basic human right of privacy. According to a recent study, the algorithms that facial recognition uses are not only incorrect but are also flawed in identifying the black and Asian faces in comparison to those of the whites.

How Facial Recognition works?

  • The faces stored in a police photo database are mapped using the software.
  • CCTV present at public places identifies the faces. 
  • Possible matches are compared and then sent to the police. 
  • However, pictures of inaccurate matches are stored for weeks.

UK Government to Fine Infrastructure Organisations up to £17m for Lax Cybersecurity

Industries running critical infrastructure in the UK will be facing fines as much as £17 million ($24 million), if they fail to put in strong cybersecurity measures as required by the NIS Directive.

NIS covers network and information security to be put into place by 9 May, 2018, and was announced by the UK government on Sunday.

The affected industries include transport, water, energy, and health businesses.

These fines are apparently as “last resort” if any of the above-mentioned businesses fails to follow the cybersecurity guidelines as required by all industries in the EU member states.

The government warned that a regulator will be able to assess the cybersecurity infrastructure of the country's critical industries and will have the power to issue legally-binding instructions to make sure the security is up to its mark — including imposing fines.

The Directive’s objectives are outlined as to manage security risk, ensure protection against cyber attacks, detecting cybersecurity events, and minimising the impact of cybersecurity incidents.

"We want our essential services and infrastructure to be primed and ready to tackle cyber attacks and be resilient against major disruption to services. I encourage all public and private operators in these essential sectors to take action now and consult NCSC's advice on how they can improve their cybersecurity,” said Margot James, Minister for Digital and Creative Industries.

According to the government, they are working on a “simple, straightforward reporting system” where it will be one can easily report cyber breaches and IT failures so they can be quickly identified and acted upon.

The National Cyber Security Centre (NCSC) website states that the first iteration of the Cyber Assessment Framework (CAF) will be available by the end of April 2018.

France’s data protection authority CNIL gives a sharp warning to WhatsApp ;issues a formal notice

Facebook, when it acquired WhatsApp back in early 2014 said that it won't have the capacity to link the WhatsApp users to their Facebook accounts. In any case, things being what they are, turns out it wasn't so difficult after all. A year ago, the organization changed the WhatsApp terms of services to do just that: link the WhatsApp and Facebook profiles belonging to the same user.

Facebook had allowed many of its users to opt out, yet that wasn't sufficient for the regulators. Germany had even requested Facebook to quit gathering WhatsApp data last September, a similar thing happened in the UK several months later and now fast forward to December 2017; there be yet another European nation issuing similar order.

Facebook's messaging service WhatsApp was given a one-month final proposal by one of Europe's strictest privacy watchdogs, which requested it to quit offering user data to its parent without getting the necessary assent. France's information insurance specialist also known as the data protection authority, CNIL gave quite a cautioning to WhatsApp by issuing a formal notice, scrutinizing it for "inadequate and insufficient" participation and cooperation.

The decision comes a year later after the European Union privacy authorities (security specialists) said that they had "genuine concerns" about the sharing of WhatsApp user data for purposes that were excluded in the terms of conditions and the privacy policy when people had signed up to the service.
However, even after the EU slapped Facebook with a €110 million fine over unlawful WhatsApp information sharing, France says that it has still not collaborated with information security expert CNIL, and could confront another sanction if it doesn't start thinking responsibly inside 30 days. The social network is as yet exchanging Whatsapp information for "business intelligence," it claims, and the only possible way that clients can quit is by uninstalling the application.

It was a French regulator, who saw that WhatsApp was sharing user information like phone numbers to Facebook for "business insight" reasons. When it over and over made a request to take a look at the information being shared, Facebook said that it is put away in the US, and "it considers that it is only subject to the legislation of the country," as per the CNIL. The regulator countered that whenever information is assembled in France, it naturally turns into the authority in charge.

The information exchanges from WhatsApp to Facebook occur to some extent without the users' assent, nor the legitimate interest of WhatsApp, CNIL said.

France says that while the notice was issued to Facebook, it's additionally intended to exhort users that this "gigantic information exchange from WhatsApp to Facebook" was occurring. "The best way to deny the information exchange for 'business insight' purposes is to uninstall the application," it adds. In any case, Facebook guarantees that it will keep on working with the CNIL to ensure that the users comprehend what data it gathers as well as how the data is utilized.

The merging of WhatsApp's data with Facebook was the first step taken by Facebook a year ago towards monetising the stage since the social network's CEO Mark Zuckerberg bought the company for about $22bn in 2014.