Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label UK Firm. Show all posts

Engineering Giant Arup Falls Victim to £20m Deepfake Video Scam

 

The 78-year-old London-based architecture and design company Arup has a lot of accolades. With more than 18,000 employees spread over 34 offices worldwide, its accomplishments include designing the renowned Sydney Opera House and Manchester's Etihad Stadium. Currently, it is engaged in building the La Sagrada Familia construction in Spain. It is now the most recent victim of a deepfake scam that has cost millions of dollars. 

Earlier this year, CNN Business reported that an employee at Arup's Hong Kong office was duped into a video chat with deepfakes of the company's CFO and other employees. After dismissing his initial reservations, the employee eventually sent $25.6 million (200 million Hong Kong dollars) to the scammers over 15 transactions.

He later realised he had been duped after checking with the design company's U.K. headquarters. The ordeal lasted a week, from when the employee was notified to when the company started looking into the matter. 

“We can confirm that fake voices and images were used,” a spokesperson at Arup told a local media outlet. “Our financial stability and business operations were not affected and none of our internal systems were compromised.” 

Seeing is no longer the same as believing 

The list of recent high-profile targets involving fake images, videos, or audio recordings intended to defame persons has risen with Arup's deepfake encounter. Fraudsters are targeting everyone in their path, whether it's well-known people like Drake and Taylor Swift, companies like the advertising agency WPP, or a regular school principal. An official at the cryptocurrency exchange Binance disclosed two years ago that fraudsters had created a "hologram" of him in order to get access to project teams. 

Because of how realistic the deepfakes appear, they have been successful in defrauding innocent victims. Deepfakes, such as the well-known one mimicking Pope Francis, can go viral and become difficult to manage disinformation when shared on the internet. The latter is particularly troubling since it has the potential to sway voters during a period when several countries are holding elections. 

Attempts to defraud businesses have increased dramatically, with everything from phishing schemes to WhatsApp voice cloning, Arup's chief information officer Rob Greig told Fortune. “This is an industry, business and social issue, and I hope our experience can help raise awareness of the increasing sophistication and evolving techniques of bad actors,” he stated. 

Deepfakes are getting more sophisticated, just like other tech tools. That means firms must stay up to date on the latest threat and novel ways to deal with them. Although deepfakes might appear incredibly realistic, there are ways to detect them. 

The most effective approach is to simply ask a person on a video conference to turn—if the camera struggles to get the whole of their profile or the face becomes deformed it's probably worth investigating. Sometimes asking someone to use a different light source or pick up a pencil can assist expose deepfakes.

Here's Why the World is Investing So Much in Semiconductors

 

Hannah Mullane, a BBC correspondent, recently visited Pragmatic Semiconductor, the UK's newest computer chip facility in Durham. Formerly a ceramic pipe factory, from the outside it looks like a large warehouse.

However, the large site is being turned into a sophisticated computer chip production hub. Pragmatic Semiconductor has already developed one production line, commonly known as a fabrication line or fab line. 

Enclosed within a spacious chamber, the manufacturing line is equipped with all the costly tools required to manufacture computer chips, and the air quality is constantly regulated to prevent any contamination while the manufacturing process is underway.

Pragmatic has the funds to create another such production line, and investment of £182 ($230 million) announced late this year will go into production lines 3 and 4. 

In addition to private investors, Pragmatic secured funding from British Patient Capital, a division of British Business Bank, and the government-backed UK Infrastructure Bank. However, the Cambridge-based firm will require a lot more funding to wrap up the eight production lines it has planned to install in the old pipe plant. 

From phones and computers to cars and washing machines, practically every product with an on/off switch is dependent on the production of computer chips, also known as semiconductors.

It is an industry that has experienced significant turmoil in recent years. During the pandemic, supply lines were disrupted, and geopolitical tensions arose in Asia, which manufactures 90% of the world's most advanced chips. 

David Moore, CEO of Pragmatic Semiconductor, the largest semiconductor maker in the UK, believes the industry will require a variety of semiconductors to handle "different kinds of problems" in the chip industry. 

Most semiconductors are composed of silicon, but his company uses an alternate process. Rather than sitting on a silicon wafer, Pragmatic's chips are built from a flexible thin sheet. This approach develops chips that are less expensive and faster to manufacture than traditional silicon chips.

"If you take a standard silicon manufacturing facility, it's going to take multiple years and billions of dollars to make," Mr Moore said. "Our fabrication plant can be 10 to 100 times cheaper depending on what you compare it with. In silicon, it will take three to six months to go from the start of the process all the way to a finished wafer product. For us, we can do that in less than 48 hours.” 

But it is no panacea. The most sophisticated silicon-based computer chips will still be required to run phones, computers, and other cutting-edge technology, even though flexible chips can be manufactured more quickly and at a lower cost.

A significant shortage of such chips in 2021, illustrated how reliant the global industry is on a few key suppliers. For example, 90% of the most advanced semiconductors manufactured worldwide are produced by Taiwan Semiconductor Manufacturing Company (TSMC). 

To reduce that dependency, governments are investing enormous sums to develop more robust local semiconductor sectors. In August 2022, the US government signed the US Chips Act, which pledged $52 billion (£41 billion) to increase domestic computer chip production. 

The European Union has its own initiative of €43 billion (£37 billion). On a smaller scale, the UK has agreed to invest £1 billion in the sector. Analysts believe that large chip manufacturers are responding to such government incentives. 

Following the US Chips Act, approximately 500 firms sought the US government for project financing, according to Hannah Dohmen, a research analyst at Georgetown's Centre for Security and Emerging Technology in Washington. 

Plants are planned for New York, Arizona, Texas, Ohio, and Idaho, she says. Other projects are also being planned outside of the United States and Europe.

"We're also seeing India attempt to enter the chip manufacturing space. A country that has a strong history in chip design but will be starting from scratch in manufacturing," Ms Dohmen added. "India is looking to be a big player in space, and with intensifying competition with China. This has prompted the US and other allied countries to strengthen tech cooperation with India.”

It all seems extremely promising, but establishing computer chip plants is not straightforward. TSMC's plans to develop advanced semiconductors in Arizona have stalled, with the company blaming a dearth of experienced labour. Security experts are also concerned that the rush to develop plants in Europe and the United States would simply replicate what already exists in Asia.

Criminal Records Service Still Not Working Four Weeks After Cyber Attack

 

Nearly a month after a cyberattack, the organisation in the UK responsible for managing criminal records is still experiencing difficulties. 

The Acro Criminal Records Office prepares certificates for those looking to work with children or obtain emigration visas in addition to providing records to the police and exchanging them abroad. 

On March 21, after the intrusion was discovered, it took both its website and application portal down. Although more staff has been hired to handle email applications, delays still exist. 

Although there was no "conclusive evidence" that personal information had been compromised, the probe remained "ongoing". 

"Pretty annoying" 

Customers reported experiencing lengthy waits on Twitter, and many turned to the Acro Twitter account in the hopes of acquiring their certificates. 

John Gilday, who lives in Scotland, told BBC News that after three weeks of waiting, he had finally received his, allowing him to apply for a visa to work in Brazil. His friend, however, had received him considerably sooner. 

But Leicester resident Rahim Abdel-illah, who requested that his last name not be used, told BBC News that he was still awaiting his certificate so he could get married in Morocco. He had no clue how long it would take because he was no longer able to check the status of his application. 

"It's pretty frustrating and annoying that the police are taking so long to recover from a cyber-attack," he stated. 

Previous attacks

A ransomware assault in January caused Royal Mail services to be disrupted and delayed for weeks. Hackers purportedly based in Russia demanded roughly $70 million (£56 million) to restore computer services, but Royal Mail refused. 

Another large corporation, Capita, was the target of a rumoured ransomware attack on March 31 by a different group with ties to Russian cybercriminal networks. 

Numerous contracts for public services are held by Capita, including those for: 

  • the smart metre national telecommunications network 
  • the certification programme for gas 

"We continue to work closely with specialist advisers and forensic experts in investigating the incident. We are in constant contact with all relevant regulators and authorities. Our investigations have not yet been able to confirm any evidence of customer, supplier or colleague data having been compromised. Once our investigations have concluded, we will if necessary inform any impacted parties," a capita official stated. 

"We have taken all appropriate steps to ensure the robustness of our systems and are confident in our ability to meet our service-delivery commitments." 

Although Capita claims that the majority of client services are still available, the company has not posted an update to its website since 3 April. 

Lockbit 3.0 Ransomware Targets UK-Based Kingfisher Insurance

 

Earlier this week, UK insurer Kingfisher Insurance's name appeared on the LockBit ransomware gang’s leak site alongside claims of 1.4TB of the firm`s data having been siphoned, including private data of staff and users. 

The malicious gang set a deadline of 28 November to fulfill its demands and in case the firm fails to adhere to their demand, it will be releasing the siphoned data to the public. Kingfisher appears alongside six other firms the gang claims to have hacked this month. 

The company acknowledged the attack on its IT systems however they have denied the size of the data breached. 

According to LockBit, the siphoned data includes private data of staff and customers as well as contacts and corporate mail archives belonging to Kingfisher. The hackers published multiple email addresses linked to Kingfisher Insurance staff, as well as passwords to several management system accounts, such as Workday and Access on their site. 

According to the Kingfisher’s representative, the company blocked all external access and exploited servers were brought offline as soon as the cyberattack became known. Kingfisher owns multiple high-profile UK insurance brands, such as Classic Insurance Services, ClubCare Insurance, Cork Bays & Fisher, and First Insurance. 

LockBit 3.0 flexing its muscles 

According to research from security vendor CyberInternational, LockBit is the most active ransomware gang in the third quarter of 2022, launching 37% of the ransomware attacks, a surge of 5% since the previous quarter. Since its emergence in 2019, LockBit has continued to operate as a ransomware-as-a-service (RaaS) by recruiting hackers to infiltrate networks and encrypt devices. 

Earlier this year in, the gang targeted global private and public sectors including the Italian tax offices, the cybersecurity firm Mandiant and NHS supplier Advanced. The latter attack led to disruptions to the NHS’s 111 service. 

In the same month, LockBit received a taste of its own medicine when anonymous hackers launched a DDoS attack on its dark web server containing leaks from companies the gang has ransomed. At the time of the attack, LockBit was receiving “400 requests a second from over 1,000 servers”.

Consumers Warned of Rising Delivery Text Scams

 

Consumers are being advised to be wary of delivery scam texts while purchasing online for Christmas and Boxing Day sales. 

New research from cybersecurity firm Proofpoint shows that delivery 'smishing' scams are on the rise during the busiest shopping season of the year, according to UK Finance. So far in Q4, more than half (55.94%) of all reported smishing text messages impersonated parcel and package delivery firms. In Q4 2020, only 16.37 percent of smishing efforts were made. 

In comparison to Q4 2020, Proofpoint saw a considerable decrease in different types of smishing frauds in Q4 2021. Text scams mimicking financial institutions and banks, for example, accounted for 11.73 percent of all smishing attacks in 2021, compared to 44.57 percent in 2020. 

The information comes from Proofpoint's operation of the NCSC's 7726 text message system. Customers can use this method to report suspicious texts. 

Delivery smishing scams typically begin with a fraudster sending a bogus text message to the recipient alerting them that the courier was unable to make a delivery and demanding a charge or other information to rearrange. The consumer will be directed to a fake package delivery company's website, where they will be asked to provide personal and financial information. 

Following the significant development in online shopping during COVID-19, this form of scam has become increasingly common. Over two-thirds (67.4%) of all UK texts were reported as spam to the NCSC's 7726 text messaging system in the 30 days to mid-July 2021, according to Proofpoint. 

Which? revealed a very clever smishing fraud involving an extremely convincing DPD fake website in a recent investigation. 

Katy Worobec, managing director of economic crime at UK Finance, commented: “Scrooge-like criminals are using the festive season to try to trick people out of their cash. Whether you’re shopping online or waiting for deliveries over the festive period, it’s important to be on the lookout for scams. Don’t let fraudsters steal your Christmas – always follow the advice of the Take Five to Stop Fraud campaign and stop and think before parting with your information or money.” 

Steve Bradford, senior vice president EMEA at SailPoint, stated: “The sharp rise in text message scams – or smishing, which has increased tenfold compared to last year, should be a stark warning to the public. With parcel delivery scam texts expected to spike this Christmas, it’s clear cyber-criminals are using every opportunity available to target victims using new methods. This comes as more businesses use SMS to engage with customers, to accommodate the digital-first mindset that now characterizes many consumers. But this also opens the doors to threat actors able to masquerade as popular websites or customer service support."

“Consumers must be extra vigilant and refrain from clicking any links in text messages that they’re unsure about. It’s also crucial they are keeping their data, identities, and banking information safe – for example, by not taking pictures of their credit card and financial information, since photos often get stored in the cloud, which risks potential exposure to malicious actors.”

Sainsbury's Payroll Provider Targeted in a Cyber Attack

 

Sainsbury’s payroll system provider, US-based Kronos, has been hit by a cyber-attack, impacting nearly 150,000 employees.

The Mirror reported that Kronos was targeted on Saturday last week, which caused the supermarket to lose a week’s worth of data. However, despite the data loss, Sainsbury has promised that its 150,000 employees would be paid before Christmas. 

Sainsbury's is among leading firms in the UK and US and relies on Kronos to log, store and process the 'hours' employees have worked on their systems to calculate their monthly payments. Following the cyber-attack, multiple departments involved in payroll including payroll, human resources (HR), and accounting are now using historical data to ensure workers are paid the correct amount, including the overtime that is common during the festive season. 

A Sainsbury's spokeswoman said: "We're in close contact with Kronos while they investigate a systems issue. In the meantime, we have contingencies in place to make sure our colleagues continue to receive their pay." 

Kronos, run by the Ultimate Kronos Group (UKG) company, from Massachusetts, supplies a range of cloud payroll services, including an automated payment system used by firms around the globe. The payroll provider has announced that some of its services will be offline for weeks following the ransomware attack. 

The sector which is severely affected by the UKG ransomware attack within public finance is healthcare, where Kronos’ payroll and workforce solutions systems have been popular. The ransomware attack should not affect clinical outcomes or add meaningful costs, except for some added expenses activating contingencies to track hours and pay employees.

According to CNN, many sectors have shifted to paper checks, while others are still finding ways to access their payroll systems. In most cases, however, the offline Kronos timesheet system is still working and firms can keep using it for the time being.

“Data is no longer a commodity, it’s a currency — as this incident represents. Information within an organization’s network is valuable to both businesses and attackers. With a majority of the world’s data residing in the cloud, it is imperative that organizations become cloud-native when thinking about data protection,” Amit Shaked, Co-Founder & CEO of Laminar, stated.