Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label NSW. Show all posts

NSW Cybercrime Squad Arrests Suspect in Million-Person Data Breach Case

 

In a significant development, the Cybercrime Squad in New South Wales (NSW) has made a crucial breakthrough in a case involving a mass data breach affecting approximately one million individuals. The arrest of a 46-year-old man from Fairfield West marks a pivotal moment in the investigation into this alarming cyber incident. The suspect was apprehended following a raid on a property in Fairfield West by Cybercrime Squad detectives, underscoring law enforcement's dedication to combating cyber threats and protecting individuals' privacy and security. 

The data breach, which has sent shockwaves across NSW, particularly among patrons of specific clubs, has raised serious concerns about the safety and integrity of personal information online. Individuals of "prominence" are among those affected by the breach, highlighting the far-reaching implications of such cyber incidents. The Cybercrime Squad, part of State Crime Command’s Serious Crime Directorate, has been at the forefront of the investigation, aiming to unravel the complexities surrounding the breach and identify any criminal activities associated with it. 

According to Detective Chief Superintendent Grant Taylor, the personal details compromised in the data breach were collected by certain NSW clubs as part of their membership or entry procedures. The breach has potentially exposed sensitive information, including portions of individuals' driver's license details or membership data. The Cybercrime Squad is diligently investigating the breach, delving into the circumstances surrounding its occurrence and pursuing those responsible for perpetrating this cybercrime. While the investigation is ongoing, it is crucial to acknowledge the broader implications of such data breaches and the risks they pose to individuals' privacy and security. 

The proliferation of cyber threats underscores the need for heightened vigilance and robust cybersecurity measures. With cybercriminals becoming increasingly sophisticated in their tactics, it is imperative for organizations and individuals alike to prioritize cybersecurity and adopt proactive strategies to safeguard sensitive information. The arrest made by the Cybercrime Squad serves as a stark reminder of the pervasive threat posed by cybercriminals and the importance of law enforcement agencies' proactive efforts in combatting cybercrime. 

The collaboration between law enforcement agencies and cybersecurity experts is essential in addressing the evolving landscape of cyber threats and ensuring the safety and security of individuals' digital identities. In response to the data breach, law enforcement authorities are working tirelessly to mitigate the impact on affected individuals and prevent further dissemination of compromised information. Efforts are underway to take down the website responsible for publishing the personal information and prevent unauthorized access to individuals' data. 

Additionally, law enforcement agencies are urging individuals to remain vigilant and exercise caution when sharing personal information online. The incident underscores the critical role of cybersecurity awareness and education in empowering individuals to protect themselves against cyber threats effectively. By staying informed about best practices for online security and adopting secure password practices, individuals can significantly reduce their risk of falling victim to cybercrime. 

As the investigation into the data breach continues, law enforcement agencies remain committed to holding accountable those responsible for compromising individuals' personal information. Through collaborative efforts and proactive cybersecurity measures, stakeholders can work together to strengthen defenses against cyber threats and safeguard the integrity of digital ecosystems.

Multiple Vulnerabilities Identified in NSW Digital Driver License

 

In Australia, the government of New South Wales launched digital driver's licenses in late 2019, claiming they were more secure than a physical license. Last month, security firm Dvuln released a report on the multiple security flaws that make forging a New South Wales digital driver’s license (DDL) easy. 

The researchers demonstrated multiple vulnerabilities in the digital license, now used by nearly 4 million people – more than half the state’s drivers. The company warned the flaws undermine trust in the government by creating the risk of identity fraud and fake licenses being used by thieves and teenagers. 

The primary issue with the DDLs is that the only thing guarding their encryption is a 4-digit PIN which Dvuln brute-force in minutes. Secondly, no verification process for the DDLs on users' devices takes place. 

Furthermore, the mobile device backups include a DDL's data, which allows threat actors to edit them without jailbreaking a phone. Going through the trouble of jailbreaking a device makes forgeries even easier. The way a DDL transmits a user's age is also vulnerable. 

Combined, these vulnerabilities pave an easier path for a scammer to pull a license off of a device, edit it, re-encrypt it, and pass it off as legitimate. It may even be easier than acquiring the materials to forge a physical license like the right plastic, foil, and printer. Dvuln doesn't suggest the government scrap the DDLs, but rather fix the security loopholes. 

A ServiceNSW spokesperson said exploits are “known” but insisted it does not pose a threat to customer data. “The blogger has manipulated their own Digital Driver Licence (DDL) information on their local device,” the spokesperson told a local media outlet. “No other customer data or data source has been compromised. It also does not pose any risk in regard to unauthorized access or changes to backend systems such as Drives [one of the central systems for motor vehicle registration and driver licensing in NSW].” 

“If the tampered license was scanned by police, the real time check used by NSW Police (scanning mobipol) would show the correct personal information as it calls on DRIVES. Upon scanning the license, it would be clear to law enforcement that it has been tampered with.” 

New South Wales isn't the first place where DDLs are being tested, nor the only place where they're accepted. The British government has been testing DDLs since 2016, and Secretary of State for Transport Grant Shapps said they may arrive before 2024. Last year, Apple Wallet introduced the service to Georgia and Arizona, with plans to expand to Connecticut, Iowa, Kentucky, Maryland, Oklahoma, and Utah.

New South Wales Labor Party Hit By Avaddon Threat Attackers Demand Ransom


On Wednesday afternoon New South Wales (NSW) police unit has disclosed an apparent ransomware attack on the New South Wales labor party. 

Global cybercriminals group has given a 10 days timeline to the labor party to pay a ransom or else the illicitly accessed credentials will be put into the public domain including driver’s licenses, images of passports, and employment contracts.

According to the data, the ransomware operational group named Avaddon, which emerged in Russia is found to be behind the recent breach. Additionally, for further information Sydney City Police Area Command, has already begun its inquiries against the attack. 

The Avaddon ransomware was originated in the middle of 2020 in an underground forum(where participants exchange information on abusive tactics and engage in the sale of illegal goods and services, which are a form of online social network (OSN). Research suggests that Avaddon has been linked to various malicious activities, including data compromise and leaked credentials of at least 23 organizations as of February this year. 

Further, a research university, Rey Juan Carlos in Spain has published a research paper in which it disclosed that the Avaddon ransomware uses distributed denial-of-service attacks against its victims that denied to pay the ransom. 

“NSW Labor, the company does not want to cooperate with us, so we give them 240 hours to communicate and cooperate with us. If this does not happen before the time counter expires, we will leak valuable company documents…” 

“…We have a large amount of data on contracts, a lot of confidential information, confidential contracts, driver’s licenses, passports, employment contracts, information about employees, resumes, and more,” Avaddon said in a post on its website. 

Prior to this cyberattack, Austrian high profile organizations have been targeted including the email systems of the Commonwealth and West Australian parliaments that were taken offline this year. Now, a major political party has become a victim of cyber threats; however, this is the first time when cyber attackers have tried to extort an Australian political party for their financial advantages. 

Josh Lemon, managing director of digital forensics and incident response at business advisory firm Ankura, said most of the screenshots contained keywords such as “sensitive” and “confidential”. 

“Although it’s a little bit abstract, as someone who isn’t the victim, it’s intended to provide proof to the actual victim,” Mr. Lemon added.