A NEW TARGET FOR HACKERS : BUILDING AUTOMATED MANAGEMENT
As Building automated management spreads, so do cyber attacks against these systems. Users report a rapid increase in attacks, a part of which seem linked to Russia. When such buildings are for company use, the objective can be to disrupt systems hence damaging the user, or to discover another way to enter the management IT system which is often connected to the building automation system.
FRANCE: THE AGENCY IN CHARGE OF DELIVERING OFFICIAL DOCUMENTS HACKED
ANTS delivers passports, ID cards and othr documents as driving licenses. After the evidence of personal data for sale on the dark net, an inquiry tends to show that the Agency has been attacked and data related to “customers” have leaked. Experts are investigating the case. No need to say that such data should be particularly protected.
QUARKSLAB TO JOIN THE AIRBUS CYBERSECURITY FAMILY
QUARKSLAB is a French start up which on one side delivers expert cyber services and on the other one proposes a code checking system. This tool is used among others in embedded industrial software. On April 21, it was announced that AIRBUs will acquire the company. AIRBUS already owns a portfolio of cybersecurity vendors, including STORMSHIELD and INFODAS (the latter mostly in Germany)
UK OFFICIALS EXPOSE GROWING PACE OF STATE-LINKED ATTACKS
British intelligence officials on April 21 said the shape and scope of cyberattacks wielded by the nation’s adversaries is changing as fast as the technology involves.
Britain’s National Cyber Security Centre investigates major attacks at a rate of about four per week. “We do know from conflicts around the world this last year that cyber operations are now integral to conflict, as much a reality of modern warfare as drones and missiles, and the scope of targeting is getting wider,” chief executive Richard Horne said at conference, which the NCSC hosts.
“The attacks on the Polish energy sector in December are a stark reminder of that reality, that cybersecurity is the home front,” he said
“NCSC handled over 200 nationally significant incidents last year, more than double the year before,” said Anne Keast-Butler, director of the Government Communications Headquarters. GCHQ is the nation’s signals intelligence agency, of which NCSC is part.
While the chief cybercrime threat facing British businesses is financially motivated ransomware, Horne said “the majority” of the NCSC-investigated attacks trace to nation-state threat actors. China in particular wields an “eye-watering level of sophistication in their cyber offerings,” which he characterized as being on par with Britain’s capabilities. The NCSC chief also singled out Russia, noting that it’s been “taking cyber lessons used in the theater of war and moving them beyond the battlefield.”
Horne highlighted the rise of “sustained Russian hybrid activity targeting assets across the U.K. and Europe”. “Russia is testing us in the gray zone with tactics that are just below the threshold of war,” often boiling down to “attempts to bully, fear monger and manipulate,” said Blaise Metreweli, the chief of Britain’s Secret Intelligence Service, better known a MI6, in a rare public speech last December detailing Moscow’s evolving “information warfare” tactics.
These tactics include “cyberattacks on critical infrastructure,” as well as “drones buzzing airports and bases,” aggressive maritime and undersea activity, “state-sponsored arson and sabotage” and a range of “propaganda and influence operations” designed to target existing societal divisions, Metreweli said.
“We are now operating in a space between peace and war,” she said.
Dan Jarvis, Britain’s minister of state for security, echoed those words in a speech at CyberUK. “They’ve worked out that the most effective way is not to confront us directly but to quietly hollow us out,” he said of Russia’s evolving cyber operations playbook.
One challenge for cyber defenders and government agencies is the rapid and disruptive pace of technological change.
Horne said that as technology changes, “the definition of cybersecurity expands with it.” It now encompasses everything from “securing the operational technology that controls energy systems, to production lines, robotics, space-based communications autonomous systems and agents.”
(Tribute to DATABREACH TODAY, April 23)
US CLOUD PLATFORM VERCEL HACKED THROUGH COMPROMISED AI SYSTEM
San Francisco-based Vercel runs the widely used frontend cloud platform React, a JavaScript library used to build web applications. The company identified an incident that began with a compromise of Context.ai, a third-party AI tool used by a Vercel employee. “The attacker used that access to take over the employee’s Vercel Google Workspace account, which enabled them to gain access to some Vercel environments and environment variables that were not marked as ‘sensitive.'”The company said all stored sensitive data is fully encrypted and doesn’t appear to have been exposed.
GOOGLE DEPLOYS A FULLY AUTOMATED CYBERSECURITY ARMY
Relying on WIZ, which acquisition has now been finalized, Google intends to mitigate AI-based cyber attacks by deploying a massive force of AI defensive agents, which will permanently scrutinize the user’s IT context. What will be the impact on classical cybersecurity software providers ? And on CISOs’ work ?
