Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label IT Systems. Show all posts
Sensitive Data Leak
Cyber Attacks Data Leak data security Data Theft IT Systems Ransomware attack Ransomware group Ransomwares Sensitive Data Leak

Tata Technologies Cyberattack: Hunters International Ransomware Gang Claims Responsibility for 1.4TB Data Theft

 

Hunters International, a ransomware group known for high-profile cyberattacks, has claimed responsibility for a January 2025 cyberattack on Tata Technologies. The group alleges it stole 1.4TB of sensitive data from the company and has issued a threat to release the stolen files if its ransom demands are not met. Tata Technologies, a Pune-based global provider of engineering and digital solutions, reported the cyberattack in January. 

The company, which operates in 27 countries with over 12,500 employees, offers services across the automotive, aerospace, and industrial sectors. At the time of the breach, Tata Technologies confirmed that the attack had caused disruptions to certain IT systems but stated that client delivery services remained unaffected. The company also assured stakeholders that it was actively restoring impacted systems and conducting an internal investigation with cybersecurity experts. 

However, more than a month later, Hunters International listed Tata Technologies on its dark web extortion page, taking responsibility for the attack. The group claims to have exfiltrated 730,000 files, totaling 1.4TB of data. While the ransomware gang has threatened to publish the stolen files within a week if a ransom is not paid, it has not provided any samples or disclosed the nature of the compromised documents. Tata Technologies has yet to release an update regarding the breach or respond to the hackers’ claims. 

BleepingComputer, a cybersecurity news platform, attempted to contact the company for a statement but did not receive an immediate response. Hunters International emerged in late 2023, suspected to be a rebranded version of the Hive ransomware group. Since then, it has carried out multiple high-profile attacks, including breaches of Austal USA, a U.S. Navy contractor, and Japanese optics company Hoya. 

The group has gained notoriety for targeting various organizations without ethical restraint, even engaging in extortion schemes against individuals, such as cancer patients from Fred Hutchinson Cancer Center. Although many of the gang’s claims have been verified, some remain disputed. For example, in August 2024, the U.S. Marshals Service denied that its systems had been compromised, despite Hunters International’s assertions.  

With cybercriminals continuing to exploit vulnerabilities, the Tata Technologies breach serves as another reminder of the persistent and evolving threats posed by ransomware groups.
Read more »
Supply chain vulnerability
CNI CrowdStrike CrowdStrike outage Cyber Security cybersecurity resilience IT Industry IT Systems Supply chain vulnerability

2024 CrowdStrike Outage Reveals Critical IT Vulnerabilities

 


The CrowdStrike outage in July 2024 exposed significant weaknesses in global IT supply chains, raising concerns about their resilience and dependence on major providers. The disruption caused widespread impact across critical sectors, including healthcare, transportation, banking, and media. Key services—such as parts of the NHS, international transport hubs, and TV networks—experienced significant downtime, highlighting vulnerabilities in centralized IT systems.

The outage was attributed to a faulty software update for Microsoft Windows users provided by cybersecurity firm CrowdStrike. Initial fears of a cyberattack were ruled out, but the incident shed light on the inherent risks of reliance on a few dominant providers in global IT supply chains. Experts warned that such dependencies create singular points of failure, leaving essential infrastructure exposed to systemic disruptions.

One of the most affected sectors was healthcare, where operations in the NHS were forced to revert to manual methods like pen and paper. Dafydd Vaughan, chief technology officer at Public Digital, emphasized the dangers of monopolistic control in critical services. He highlighted that EMIS, a provider serving over 60% of GP surgeries in England and Wales, dominates the healthcare IT landscape. Vaughan advocated for increased competition within IT supply chains to mitigate risks and enhance resilience.

Far-Reaching Impacts

The repercussions of the outage extended beyond healthcare, disrupting transport systems, banking operations, and broadcasting networks. These interruptions prompted calls for enhanced safeguards and reinforced the need for robust IT infrastructure. Recognizing the severity of these vulnerabilities, the UK government elevated data centres to the status of critical national infrastructure (CNI). This designation ensures they receive additional protection and resources, similar to essential utilities like water and energy.

Government Response and Future Legislation

In response to the crisis, the Labour Government, which assumed power in July 2024, announced plans to introduce the Cyber Security and Resilience Bill in 2025. This proposed legislation aims to expand regulatory oversight, enforce stringent cybersecurity standards, and improve reporting protocols. These measures are designed to fortify national defenses against both outages and the escalating threat of cyberattacks, which increasingly target critical IT systems.

The CrowdStrike incident underscores the pressing need for diversified and resilient IT supply chains. While the government has taken steps to address existing vulnerabilities, a sustained focus on fostering competition and enhancing infrastructure is essential. By proactively preparing for evolving threats and ensuring robust safeguards, nations can protect critical services and minimize the impact of future disruptions.

Read more »
Ransomwares
Cyber Attacks Defense Hacker attack Inc ransomware IT Systems IT systems breach Military Data NATO Ransomwares

Hungarian Defence Agency Hacked: Foreign Hackers Breach IT Systems

 

Foreign hackers recently infiltrated the IT systems of Hungary’s Defence Procurement Agency, a government body responsible for managing the country’s military acquisitions. According to Gergely Gulyas, the chief of staff to Hungarian Prime Minister Viktor Orban, no sensitive military data related to Hungary’s national security or its military structure was compromised during the breach. Speaking at a press briefing, Gulyas confirmed that while some plans and procurement data may have been accessed, nothing that could significantly harm Hungary’s security was made public. The attackers, described as a “hostile foreign, non-state hacker group,” have not been officially identified by name. 

However, Hungarian news outlet Magyar Hang reported that a group known as INC Ransomware claimed responsibility for the breach. According to the outlet, the group accessed, encrypted, and reportedly published some files online, along with screenshots to demonstrate their access. The Hungarian government has refrained from confirming these details, citing an ongoing investigation to assess the breach’s scope and potential impact fully. Hungary, a NATO member state sharing a border with Ukraine, has been increasing its military investments since 2017 under a modernization and rearmament initiative. 

This program has seen the purchase of tanks, helicopters, air defense systems, and the establishment of a domestic military manufacturing industry. Among the notable projects is the production of Lynx infantry fighting vehicles by Germany’s Rheinmetall in Zalaegerszeg, a region in western Hungary. The ongoing conflict in Ukraine, which began with Russia’s 2022 invasion, has further driven Hungary to increase its defense spending. The government recently announced plans to allocate at least 2% of its GDP to military expenditures in 2024. Gulyas assured reporters that Hungary’s most critical military data remains secure. 

The Defence Procurement Agency itself does not handle sensitive information related to military operations or structural details, limiting the potential impact of the breach. The investigation aims to clarify whether the compromised files include any material that could pose broader risks to the nation’s defense strategy. The breach raises concerns about the cybersecurity measures protecting Hungary’s defense systems, particularly given the escalating reliance on advanced technology in modern military infrastructure. With ransomware attacks becoming increasingly sophisticated, governments and agencies globally are facing heightened pressure to bolster their cybersecurity defenses. 

Hungary’s response to this incident will likely involve a combination of intensified cybersecurity protocols and ongoing collaboration with NATO allies to mitigate similar threats in the future. As the investigation continues, the government is expected to release further updates about the breach’s scope and any additional preventive measures being implemented.
Read more »
TCS
AI Revolution BPO Call Center Cyber Attacks CyberCrime Cybersecurity IT Systems Policymakers Software TCS

TCS CEO Predicts AI Revolution to Decimate India's Call Center Industry in Just One Year

 


As early as next year, Tata Consultancy Services' head said, artificial intelligence will generate a "minimal" need for call centres, as AI's rapid advancements to date are set to disrupt a vast industry across Asia and beyond. AI's rapid advancements are expected to result in the demise of vast call centres across the globe. 

The chief executive of TCS, K Krithivasan, told the Financial Times that although he had not seen any job reductions at the company so far, the wider adoption of generative artificial intelligence by multinational clients will transform the kinds of customer support centres that have created a lot of jobs in countries like India and the Philippines because of the massive growth in customer service. 

The author believes that chatbots equipped with generative artificial intelligence will be capable of analysing customer transaction histories as well as performing tasks traditionally handled by call centre agents. As a result of the possibility that generative AI might negatively affect white-collar jobs, such as call centre employees and software developers, policymakers around the globe have expressed concern. 

In the $48.9 billion IT and business process outsourcing industry that accounts for over five million jobs in India according to Nasscom, this is a significant threat to the country, which is known for its back-office services. It has been highlighted once again in the comments of the TCS CEO that AI is likely to take over many jobs, including call centre agents and software developers in the future.

The remarks of the TCS CEO are very important for India, which, according to Nasscome, employs over five million people in IT and BPO processes. In his opinion, AI will have a far greater impact on society than has been anticipated in the short term, even though there have been exaggerated expectations regarding its immediate effects. 

The chairman also mentioned that a growing need for individuals with technological skills will be observed in the coming years. Among the more than 600,000 employees of TCS, an arm of India’s Tata conglomerate, which develops IT systems for multinational companies, the company generates revenues of more than $30 billion annually. 

The flow is expected to be "significantly increased" and will almost double over a few more quarters, according to Krithivasan. To date, the company has been able to pay off its investment by selling a record number of orders worth $42.7 billion for the financial year that ends in March. Due to factors such as inflation, geopolitical tensions, and past elections, Krithivasan explained that previously, IT services spending had been clouded with "uncertainty." 

These factors have forced businesses to postpone investments in new technology projects due to the risk associated with such uncertainties. The CEO explained that considering TCS's revenue growth declined by 3% in 2005 as a result of this uncertainty. The chairman goes on to explain that TCS itself has an ongoing pipeline of generative AI projects of $900 million worth, he continues. It was also Krithivasan who stated during the announcement of TCS's Q4 financial results that the company have seen greater traction in the market since its AI. 

The cloud business unit was launched during the quarter. According to Krithivasan, TCS is also working on projects of generative AI, and as reported by the Financial Times, for the quarter ended at the end of the third quarter, the value of the project had doubled to be worth $900 million, an increase of 80% over the prior quarter. According to him, in the following quarters, order flows are expected to increase significantly. 

According to Krithivasan, this would not hurt employment if the demand for tech talent is increased, but not decreased as a consequence of this situation. His advice is that they need to train their workforce if they are to meet this demand, especially in India, where there is a high demand. According to the third quarter earnings report published on April 12 by the biggest IT services firm in India on the Fourth quarter earnings for the financial year 2023-24 (Q4 FY24), the company posted a net profit of Rs 12,434 crore, up 9.1 per cent from the third quarter. 

A revenue of Rs 61,237 crore was also reported for the quarter, an increase of 3.5 per cent from the previous quarter, corresponding to an increase of one per cent over the year-ago quarter. The notable difference between generative AI and traditional AI, however, is that Krithivasan warns that the benefits of generative AI shouldn't be overestimated, despite the expected disruptions. 

Krithivasan, the CEO of TCS, acknowledged the current buzz surrounding AI and its potential impact on jobs, but he stressed that its true effects will unfold gradually, possibly presenting new job opportunities rather than simply displacing existing ones. Addressing concerns about job losses, Krithivasan expressed confidence in the rising demand for tech talent, especially in countries like India. 

He proposed that the evolution of AI would result in the emergence of more skilled professionals, ultimately leading to job growth rather than reduction. However, a recent report from McKinsey Global Institute titled "Generative AI and the Future of Work in America" paints a contrasting picture. According to the report, jobs involving tasks that can be automated, such as data collection and repetitive duties, will likely be taken over by AI to enhance efficiency. 

Sectors like office support, customer service, and food service are expected to be particularly impacted by this AI-driven transformation, potentially leading to significant changes in employment dynamics.
Read more »
Sensitive data
Compliance Cyber Essentials scheme Data Breach Data protection Electoral Commission email security government-backed schemes Hackers Information Security IT audit IT Security IT Systems Sensitive data

Electoral Commission Fails Cyber-Security Test Amidst Major Data Breach

 

The Electoral Commission has acknowledged its failure in a fundamental cyber-security assessment, which coincided with a breach by hackers gaining unauthorized access to the organization's systems. 

A whistleblower disclosed that the Commission received an automatic failure during a Cyber Essentials audit. Last month, it was revealed that "hostile actors" had infiltrated the Commission's emails, potentially compromising the data of 40 million voters.

According to a Commission spokesperson, the organization has not yet managed to pass this basic security test. In August of 2021, the election watchdog disclosed that hackers had infiltrated their IT systems, maintaining access to sensitive information until their detection and removal in October 2022. 

The unidentified attackers gained access to Electoral Commission email correspondence and potentially viewed databases containing the names and addresses of 40 million registered voters, including millions not on public registers.

The identity of the intruders and the method of breach have not yet been disclosed. However, it has now been revealed by a whistleblower that in the same month as the intrusion, the Commission received notification from cyber-security auditors that it was not in compliance with the government-backed Cyber Essentials scheme. 

Although participation in Cyber Essentials is voluntary, it is widely adopted by organizations to demonstrate their commitment to security to customers. For organizations bidding on contracts involving sensitive information, the government mandates holding an up-to-date Cyber Essentials certificate. In 2021, the Commission faced multiple deficiencies in their attempts to obtain certification. 

A Commission spokesperson acknowledged these shortcomings but asserted they were unrelated to the cyber-attack affecting email servers.

One of the contributing factors to the failed test was the operation of around 200 staff laptops with outdated and potentially vulnerable software. The Commission was advised to update its Windows 10 Enterprise operating system, which had become outdated for security updates months earlier. 

Auditors also cited the use of old, unsupported iPhones by staff for security updates as a reason for the failure. The National Cyber Security Centre (NCSC), an advocate for the Cyber Essentials scheme, advises all organizations to keep software up to date to prevent exploitation of known vulnerabilities by hackers.

Cyber-security consultant Daniel Card, who has assisted numerous organizations in achieving Cyber Essentials compliance, stated that it is premature to determine whether the identified failures in the audit facilitated the hackers' entry. 

He noted that initial signs suggest the hackers found an alternative method to access the email servers, but there is a possibility that these inadequately secured devices were part of the attack chain.

Regardless of whether these vulnerabilities played a role, Card emphasized that they indicate a broader issue of weak security posture and likely governance failures. The NCSC emphasizes the significance of Cyber Essentials certification, noting that vulnerability to basic attacks can make an organization a target for more sophisticated cyber-criminals.

The UK's Information Commissioner's Office, which holds both Cyber Essentials and Cyber Essentials Plus certifications, stated it is urgently investigating the cyber-attack. When the breach was disclosed, the Electoral Commission mentioned that data from the complete electoral register was largely public. 

However, less than half of the data on the open register, which can be purchased, is publicly available. Therefore, the hackers potentially accessed data of tens of millions who had opted out of the public list.

The Electoral Commission confirmed that it did not apply for Cyber Essentials in 2022 and asserted its commitment to ongoing improvements in cyber-security, drawing on the expertise of the National Cyber Security Centre, as is common practice among public bodies.
Read more »
User Privacy
Data Breach Game Hacking IT Systems PDF Exploits Ransomware Attacks. Source Code leak User Privacy

Riot Games Hit by Data Breach

Riot Games reported last week that a social engineering attempt had infiltrated the systems in their software platform. Motherboard got the ransom note that was sent to Riot Games and reported that hackers demanded $10 million in exchange for keeping the stolen source code a secret and erasing it from their servers.

The LoL and TFT teams are investigating how to cheat developers who might exploit the data that was obtained to create new tools and evaluating whether any fixes are necessary to resist such nefarious attempts. According to the game creator, the game source code obtained during the security breach also includes certain unreleased features that might not make it to the release stage.

Hackers gave Riot Games two sizable PDFs as proof, claiming that they would demonstrate their access to Packman and the League of Legends source code. These files were also obtained by Motherboard, and they seem to display directories connected to the game's code. According to the ransom message, the hackers threatened to remove the code from their servers in exchange for payment and give insight into how the intrusion occurred and offer guidance on preventing future breaches.

The hackers indicated Riot Games could contact them through a Telegram chat, and they provided a link to that chat in the post. The motherboard has joined this channel. Its members contained usernames that corresponded to the names of Riot Games personnel.

No player or user information was taken during the attempt, as per Riot, but the company warned that it would take some time to adequately protect the systems and that patches might be delayed. The breach is the subject of an investigation by Riot Games. It appears that the attacker did not utilize ransomware but instead concentrated on stealing source code so they could demand money from the business.
Read more »
IT Systems
Cyber Security Cybersecurity DIHK IT Systems

DIHK Suffers Cyberattacks, Shuts Down IT Systems


About the DIHK Attack

The association of German Chambers of Industry and Commerce (DIHK) was compelled to close down all of its IT systems and shut off digital services, telephones, e-mail servers, as a counter measure to the cyberattack. 

DIHK is an association of 79 chambers that represent organizations within the German state, with more than 3 million members having business ranging from small shops to large enterprises within the country. 

The organisations attends to matters of legal representation foreign trade promotion, consultation, regional economic development, training, and offers generic assistance services to the members. 


How did attackers breach DIHK

A statement released on the DIHK site explains the shutdown as a precautionary measures, and provide IT teams time to find a solution and bring out a counter measure. 

Few services of the companies are slowly getting available again after some aggressive reviews that make sure it's safe to use them. But, the restoration of service isn't complete at the moment. 

DIHK general manager Michael Bergmann via a LinkedIn post told the public about the cyberattack incident that happened on Wednesday, and noted the incident as 'massive.' Currently, DIHK can't sayfor how long the urgent shutdown measures will be needed. 

The attack shows hints of ransomware, the systems have been shut down to stop the malware from spreading further, however, this information hasn't been verified officially. 

Besides this, no announcements of a successful compromise off DIHK on any of the big ransomware websites, however, it is too soon to comment on that. The cyberattack's impact doesn't have any local focus. 

Bleeping Computers reports "individual divisions in North Rhine-Westphalia, Lower Saxony, Bavaria, and Mecklenburg-Western Pomerania have all confirmed facing problems. For example, the Chamber of Industry and Commerce in Köln informed the public that phone lines work to a limited extent, while its website was still offline at the time of this writing."





Read more »
User Privacy
Cyber Attacks Email Attacks German Cyber Security IT Systems Russian Hackers User Privacy

14 Account's Email System Targeted the Green Party of Germany

 

The foreign minister Annalena Baerbock and the economy minister Robert Habeck's email accounts were both compromised last month, according to the German Green party, which is a member of the coalition government of the nation. 

The party acknowledged a revelation published on Saturday by the German magazine Der Spiegel, but claimed that the two had stopped using official party accounts since January.

According to a report on a German magazine Der Spiegel on Thursday, the Green Party said that a total of 14 accounts, including the party's co-leaders' Omid Nouripour and Ricarda Lang, were also hacked and that certain messages were sent to other servers. The article further read that the attack also had an impact on the party's "Grüne Netz" intranet IT system, where private information is exchanged.

The party declined to acknowledge Der Spiegel's claim that an electronic trace suggested the cyberattack may have originated in Russia because of the current investigation by German authorities.

"More than these email accounts are affected," the party official claimed. The topic concerns emails using the domain "@gruene.de." The representative stated that it was yet unknown who had hacked in. The first indication of the attack came on May 30 and since June 13, when specialists determined that there had been a breach, access to the system has been restricted. 

Authorities blamed the unauthorized access on Russian state-sponsored hackers. Baerbock has consistently taken a harsh approach in response to Russia's abuse of human rights and aggression against Ukraine. Since taking office in December, Habeck has been in charge of Germany's initiatives to wean itself off of Russian energy sources.

Network logs, according to the Greens, did not reflect any signs of the increased traffic levels that would indicate the theft of a significant amount of data.
Read more »
Subscribe to: Posts (Atom)