Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label London. Show all posts
TfL
Cyber Attacks data security London Online Services TfL

London's Transit System Suffers Through Prolonged Cyberattack; Data Security a Concern







Transport for London, the governmental body tasked with running the capital's transit system, is battling a cyberattack that has stretched into a second week. The backbone of the transit operations remains intact and fully functional; however, many of TfL's online services and digital customer platforms are still down, an indicator of the severity of the situation.

TfL Confirms Ongoing Cyber Incident 

An update was published on the website of TfL on October 14th with regard to the cyber incident. It confirmed that a cyber incident was "still being worked on." This came to replace its previous statement that there is "no evidence" the customer data has been breached. Now it is worded as "working to secure our systems and your data", which sends menaces of data breaches.

The uncertainty about whether or not customer data is safe has grown since TfL took back the earlier assertion of no compromise of data. To explain whether they have the technical capability-including log analysis-to determine if customer or employee data has been stolen or exfiltrated during the attack, TechCrunch reached out to TfL. However, TfL spokesperson Thomas Canning dodged these questions. Although TfL confirmed the update to the website, it is not known if the attackers have accessed any kind of information related to customers or employees.

Customer Concerns and Impact on Digital Services

While the cyberattack did not directly impact the transit system, the extended unavailability of online services has caused a great deal of inconvenience to users. Many key digital capabilities remain unavailable, and there is concern about possible long-term impacts on the way customers interact with the transit agency. In fact, TfL has successfully reassured the public that their top priority now is the resolution of this issue and protection of their digital infrastructure against such incidents in the future.

What's in Store for TfL?

Since the cyber-attack is continuous, questions such as the extent of the breach and whether sensitive data has been pilfered are left unanswered. While TfL tries to suppress the situation, until the full breadth of the incident is clarified, a likelihood exists that public trust in protection against leakages of personal data will be put on the agenda.

This indicates the nature of the risk that public organisations face when confronted with sophisticated cyber threats and how such occurrences can be better avoided in the future through more effective cybersecurity measures.

Preventative Measures and Security Focus

This will perhaps shape future policy at TfL around cybersecurity issues, with better protection for customer data and not allowing such an attack to take place in the future. While recuperation of affected digital services takes place, any perceived opacity or lack of clear communication about what happened may hamper efforts to restore confidence in the security of customers' personal information.

This is a still-ongoing incident that serves as a good reminder that organisations all over the world should be very aware and proactive with respect to cybersecurity, constantly reevaluating defenses to minimise the threat, which always seems to be growing.





Read more »
TfL
cyber attack Cyber Attacks London Ransomware Security TfL

TFL Hit by Cyberattack, Leaving Disabled Riders Stranded


 

Transport for London (TfL) recently confirmed that disabled passengers are the first group to feel the effects of a cyberattack that has hit their systems. This incident has severely impacted the Dial-a-Ride service, a specialised transport service designed for wheelchair users and individuals with long-term disabilities, leaving many unable to book their necessary door-to-door journeys.

TfL, the organisation responsible for managing London’s public transport network, initially acknowledged a cyber incident on September 2. In their first public statement, TfL reassured customers that no personal data had been compromised, and transport services across the network were unaffected. However, in the days following, it became clear that the cyberattack has caused more disruption than initially reported, particularly for disabled passengers who rely heavily on the Dial-a-Ride service.

The Dial-a-Ride service, which offers free transport for disabled passengers, was forced to suspend new bookings due to the ongoing cybersecurity incident. A recent update from TfL confirmed that the system is unable to process any new journey requests, inconveniencing those who depend on this service for mobility. In addition to suspending bookings, TfL also reported that many staff members operating the service have limited access to critical systems, making it difficult for them to respond to user inquiries or manage ongoing services efficiently.

For many disabled residents, Dial-a-Ride is a crucial service for daily travel. Without it, those with limited mobility are left without a reliable option to get around the city, exacerbating the challenges they already face in navigating public transportation.

Ransomware Likely Cause of the Attack

Although the full details of the cyberattack have not yet been disclosed, cybersecurity experts believe it may be a ransomware attack, a type of cybercrime where systems are locked down by hackers who demand payment in exchange for restoring access. The limited system access reported by TfL employees suggests that hackers may have taken control of essential systems, preventing the organisation from operating key services like Dial-a-Ride.

Mark Robertson, an expert from Acumen Cyber, noted that the involvement of Dial-a-Ride indicates the attack may be more serious than originally thought. He emphasised that being locked out of key systems is a common effect of ransomware, further hinting at the nature of the incident. However, he commended TfL for its incident response efforts, which have helped to manage the crisis and minimise further damage.

Despite the disruption, there has been some good news for Dial-a-Ride users. Following internal recovery measures, TfL announced that essential booking requests are now being accepted once again. Though services remain limited, there is optimism that the situation will continue to improve as the day progresses. 

As TfL continues to address the issue, it serves as a reminder that cyberattacks can have far-reaching impacts, particularly on vulnerable populations such as disabled individuals who rely on services like Dial-a-Ride for their daily mobility needs. TfL’s handling of this situation will likely set an example for other organisations on how to manage similar incidents in the future. 

There is a pressing need for both strong cyber defences and detailed response plans to minimise the fallout from these types of attacks.


Read more »
Ransom Demand
Data Breach data security Hacker attack Healthcare Hacking healthcare sectors hospital data London Patient Data Ransom Demand

Massive Data Breach Hits London Hospitals Following Cyber Attack

 

In a severe cyber attack targeting a London hospital, hackers have published a massive 400GB of sensitive data, raising significant alarm within the healthcare sector. This breach underscores the escalating threat posed by cybercriminals to critical infrastructure, especially within public health services. 

The attack, attributed to a sophisticated hacking group, involved infiltrating the hospital’s IT systems, exfiltrating vast amounts of data, and subsequently releasing it online. The compromised data reportedly includes patient records, internal communications, and operational details, posing severe privacy risks and operational challenges for the hospital. The cybercriminals initially demanded a hefty ransom for the decryption of the stolen data and for not making it public. When the hospital administration, adhering to governmental policies against ransom payments, refused to comply, the hackers followed through on their threat, releasing the data into the public domain. 

This move has not only compromised patient privacy but has also led to significant disruptions in hospital operations. Experts warn that the healthcare sector is increasingly becoming a prime target for ransomware attacks due to the sensitive nature of the data and the critical need for operational continuity. The incident has once again highlighted the urgent need for robust cybersecurity measures within healthcare institutions. Public healthcare providers often operate with complex IT systems and limited budgets, making them vulnerable targets for cyber attacks. 

The ramifications of such breaches are far-reaching, affecting not just the targeted institution but also the patients relying on its services. In response to the breach, the hospital has ramped up its cybersecurity protocols, working closely with cybersecurity experts and law enforcement agencies to mitigate the damage and prevent future incidents. Efforts are also underway to support affected patients, ensuring that their data is secured and providing necessary assistance in the wake of the breach.  

This incident serves as a stark reminder of the persistent and evolving threat landscape that healthcare providers face. It underscores the necessity for continuous investment in cybersecurity infrastructure and the implementation of proactive measures to safeguard sensitive data against potential breaches. 

As the investigation into this attack continues, healthcare institutions worldwide are urged to reassess their cybersecurity strategies, ensuring that they are equipped to defend against such malicious activities. The leak of 400GB of sensitive data stands as a testament to the devastating impact of cybercrime on critical public services, emphasizing the importance of vigilance and robust security practices in the digital age.
Read more »
UK
Cyber Attacks Data Privacy Healthcare London National Cyber Security Centre NHS patient data protection Ransomware attack Russian Gang UK

Ransomware Attack on Pathology Services Vendor Disrupts NHS Care in London

 

A ransomware attack on a pathology services vendor earlier this week continues to disrupt patient care, including transplants, blood testing, and other services, at multiple NHS hospitals and primary care facilities in London. The vendor, Synnovis, is struggling to recover from the attack, which has affected all its IT systems, leading to significant interruptions in pathology services. The Russian-speaking cybercriminal gang Qilin is believed to be behind the attack. Ciaran Martin, former chief executive of the U.K. National Cyber Security Center, described the incident as "one of the more serious" cyberattacks ever seen in England. 

Speaking to the BBC, Martin indicated that the criminal group was "looking for money" by targeting Synnovis, although the British government maintains a policy against paying ransoms. Synnovis is a partnership between two London-based hospital trusts and SYNLAB. The attack has caused widespread disruption. According to Brett Callow, a threat analyst at security firm Emsisoft, the health sector remains a profitable target for cybercriminals. He noted that attacks on providers and their supply chains will persist unless security is bolstered and financial incentives for such attacks are removed. 

In an update posted Thursday, the NHS reported that organizations across London are working together to manage patient care following the ransomware attack on Synnovis. Affected NHS entities include Guy's and St Thomas' NHS Foundation Trust and King's College Hospital NHS Foundation Trust, both of which remain in critical incident mode. Other impacted entities are Oxleas NHS Foundation Trust, South London and Maudsley NHS Foundation Trust, Lewisham and Greenwich NHS Trust, Bromley Healthcare, and primary care services in South East London. 

The NHS stated that pathology services at the impacted sites are available but operating at reduced capacity, prioritizing urgent cases. Urgent and emergency services remain available, and patients are advised to access these services normally by dialing 999 in emergencies or using NHS 111. The Qilin ransomware group, operating on a ransomware-as-a-service model, primarily targets critical infrastructure sectors. According to researchers at cyber threat intelligence firm Group-IB, affiliate attackers retain between 80% and 85% of extortion payments. Synnovis posted a notice on its website Thursday warning clinicians that all southeast London phlebotomy appointments are on hold to ensure laboratory capacity is reserved for urgent requests. 

Several phlebotomy sites specifically managed by Synnovis in Southwark and Lambeth will be closed from June 10 "until further notice." "We are incredibly sorry for the inconvenience and upset caused to anyone affected." Synnovis declined to provide additional details about the incident, including speculation about Qilin's involvement. The NHS did not immediately respond to requests for comment, including clarification about the types of transplants on hold at the affected facilities. The Synnovis attack is not the first vendor-related incident to disrupt NHS patient services. Last July, a cyberattack against Ortivus, a Swedish software and services vendor, disrupted access to digital health records for at least two NHS ambulance services in the U.K., forcing paramedics to use pen and paper. 

Additionally, a summer 2022 attack on software vendor Advanced, which provides digital services for the NHS 111, resulted in an outage lasting several days. As the healthcare sector continues to face such cybersecurity threats, enhancing security measures and removing financial incentives for attackers are crucial steps toward safeguarding patient care and data integrity.
Read more »
User Security
3D Guns Illicit Frearms London Technology UK User Security

3D-printed guns: UK’s Latest Problem

 

Last month, officers from the Met's Specialist Crime Command discovered a suspected makeshift 3D firearm factory at a home in London. 

The met stated the seizure was “one of the largest” ever conducted in the UK and, it demonstrates the emerging threat of 3D firearms in the country. 

“The raid was part of an operation involving officers from the Met’s ‘Operation Viper’ team, who lead on developing firearms intelligence. This operation demonstrates how we continue to relentlessly target those who attempt to put lethal firearms on the streets of London,” commander Paul Brogden stated.

The discovery comes as some experts also warn of a growing threat. Matthew Perfect, head of the National Firearms Targeting Centre at the UK's National Crime Agency (NCA), says the latest 3D weapons are "stuff that you definitely, wouldn't want to see on the streets in the UK. These are automatic weapons. These are weapons that are capable of multiple rounds of discharge.” 

At present, the 3D printed components only form some of the parts needed to make a gun, at most 80 to 90% of the weapon, Mr. Perfect added. Key metal components such as the barrel typically have to be manufactured in more traditional ways. And the guns still require ammunition. 

John Maytham speaks to professor of criminology and public policy at the University of Brighton, Peter Squires, about the growth of 3D-printed firearms in the UK and the threat that they pose within the illicit firearm market. 

Rajan Basra, a senior research fellow at the International Centre for the Study of Radicalization at King's College London, says the situation in the UK impersonates a trend visible around Europe. While most violent extremists will prefer established weapons, printed guns are an alternative for those who can't obtain illicit firearms. 

“They're popping up all over Europe and police in the UK are intercepting them and burning them in London and Manchester. This is something that we thought was a slow-burn issue and that it would constitute a serious threat in years to come but suddenly they're turning up in real-world in both components and fully fabricated firearms,” Basra stated. 

Designing and owning homemade firearms, including 3D-printed guns, is banned in EU nations. In the UK, for example, the Home Office Guidelines of Firearm Licensing Law were updated in 2013 to specifically criminalize the manufacture, purchase, and sale of 3D-printed guns and gun parts. The first known conviction in the UK for producing a fireable 3D-printed gun came in 2018.
Read more »
Network Attacks
Certified WhiteHat Hacker Cyber Security Ethical Hacker Ethical Hackers News London Network Attacks

Demand for teen hackers rises


Shivam Subudhi is 15 and lives in London. Three years ago, he was so inspired by the movies he was watching that featured hackers, he coded a simple port scanner revealing network doors that might let a hacker enter uninvited. "I decided to put my skills into practice for the first time," Subudhi says, "by pentesting my school network and website." Penetration testing is also known as ethical hacking and involves probing networks, systems, and sites looking for security vulnerabilities that could be exploited by an attacker. It was this activity that, unsurprisingly, brought Subudhi to the attention of the deputy headteacher. That teacher was also an IT enthusiast and introduced the budding hacker to the Cyber Discovery program; a £20 million ($24 million) U.K. government-backed scheme to teach kids how to be cybersecurity superheroes. Could your kid be next?

Teenage hackers sought by government Cyber Discovery program

Back in 2017, the U.K. government issued a tender to run a £20m Cyber Schools Programme as part of the National Cyber Security Strategy 2016-2021 created to reduce the cyber skills gap by encouraging young people to pursue a career in the profession. The SANS Institute bid for this contract was successful, having run similar programs in the U.S. and able to demonstrate the success of using a "gamified" learning model.

"SANS is by far the largest and most trusted provider of cybersecurity training in the world," James Lyne, CTO at the SANS Institute says, "so we have a wealth of experience, training content and expert instructors." In the first year the Cyber Discovery program saw some 23,000 youngsters from the U.K. aged between 14 and 18 taking part in the initial assessment phase, and around 12,000 qualifying to participate in the primary learning phases, "CyberStart Game" and "CyberStart Essentials." The following year, 29,000 took part and 14,000 qualified. Registration for the third year of Cyber Discovery is now open and Lyne anticipates a significant increase in participation, not least as the entry age has now dropped to 13.
Read more »
Wikileaks
Julian Assange London United Kingdom United States Wikileaks

WikiLeaks‘ founder Assange arrested after seven years hide out inside Ecuador embassy







British police has finally arrested the WikiLeaks founder Julian Assange from the Ecuadorian embassy in London after Ecuador government withdrew asylum citing his bad behavior. 

The arrest has closed the seven year long dramatic stint which could end up in landing in a United States prison as he is facing  a hacking conspiracy charge.

According to an indictment Assange conspired with former Army intelligence analyst Chelsea Manning to steal, and publish classified documents. 

Soon after his arrest, Assange appeared before Westminster Magistrates’ Court, where District Judge Michael Snow found  him guilty for breaching his bail conditions, flatly rejecting his assertion that he had not had a fair hearing and a reasonable excuse for not appearing.

“Mr. Assange’s behavior is that of a narcissist who cannot get beyond his own selfish interests,” Snow said. “He hasn’t come close to establishing ‘reasonable excuse.’”

While, Assange waved to the public from the gallery as he was taken to the cells. His next appearance would be on May 2 via prison video-link for his extradition case.

Whereas his attorney, Jennifer Robinson, said he will fight any extradition to the U.S.

“This sets a dangerous precedent for all journalist and media organizations in Europe and around the world,” she said. “This precedent means that any journalist can be extradited for prosecution in the United States for having published truthful information about the United States.”

Read more »
Ransomeware
Anonymous Hackers cybercriminals Hotel London Lucknow Ransomeware

London hackers may be behind ransomware attack on Lucknow hotel

In a first-of-its-kind ransomware attack in Lucknow, cybercriminals breached and blocked the computer system of The Piccadily, a five-star hotel in the capital of Uttar Pradesh, and demanded a ransom to allow data access. Ransomware is a malware unleashed into the system by a hacker that blocks access to owners till ransom is paid.

The hotel management lodged an FIR with the cyber cell of police and also roped in private cyber detectives to probe the crime and suggest a remedy.

The hotel’s finance controller in Alambagh, Jitendra Kumar Singh, lodged an FIR on March 9, stating the staff at the hotel was unable to access the computer system on February 27 around 11:45 pm when they were updating monthly business data. This was followed by screen pop-ups which read — Oops, your important files are encrypted. The staff initially ignored the pop-ups and rebooted the system following which it crashed. Later, the hotel management engaged a software engineer to track down the malfunction after which it came to light the system has been hit by ransomware.

Nodal officer of the cyber cell deputy superintendent of police (DySP) Abhay Mishra said the case happens to be first of its kind of ransomware attack in the city. The demand for ransom in such cases are also made through ‘Bitcoin’, he said. “They are investigating into the matter, but are yet to make any breakthrough,” Singh told TOI. The staff initially ignored the pop-ups and rebooted the system following which it crashed.

The cyber cell of Lucknow police believes the ransomware attack could have been made from London. Sleuths of the cyber cell made these claims after authorities of the Piccadily said they had been getting frequent phone calls from London-based number after the attack.

Singh said, “We received for calls from the same number a day after the attack. The callers inquired about the ransomware attack and asked about the progress in the case. Later, they also agreed to offer assistance.”
Read more »
Subscribe to: Posts (Atom)