Drone technology smuggling: Russian man charged in US

A Russian national has been arrested in Florida on charges of illegally exporting drone-related technology to Russia. Authorities allege that 44-year-old Denis Postovoy, residing in Sarasota, smuggled microelectronic components with military applications to Russia following the 2022 invasion of Ukraine.

Postovoy is accused of violating US law by shipping technology that could enhance Russia’s military capabilities in the conflict. The Department of Justice stated that the exported components are used in drones and have dual-use potential for military purposes.

To conceal his activities, Postovoy allegedly worked through a network of companies in Russia and Hong Kong. He is said to have purchased the components from US distributors and sent them to intermediary locations before reaching Russia.

While the Russian embassy has acknowledged Postovoy’s detention, it noted that no official communication from US law enforcement regarding the arrest has been received.

US CISA urges agencies to address vulnerable Ivanti appliance

The Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to either remove or upgrade an outdated Ivanti appliance that has been exploited in recent attacks.

Ivanti updated its advisory, warning that a ‘limited number of customers’ had been breached due to the vulnerability CVE-2024-8190, which was disclosed earlier in the week. The flaw affects Ivanti’s Cloud Service Appliance (CSA), a tool used for secure internet communication and managing devices connected to central consoles. Exploitation of this bug, which CISA confirmed, allows hackers to gain access to the affected device.

CISA has mandated that all federal civilian agencies remove the appliance or upgrade to version 5.0 by October 4. Ivanti advised customers to check for any new or modified administrative users, which could indicate exploitation of the bug, and to monitor security alerts with specific tools.

This advisory came just one day after another Ivanti vulnerability raised concerns. The company, which faced significant scrutiny after a series of high-profile nation-state attacks exploited its products earlier this year, has committed to a security overhaul.

Senators call for action to tackle Bitcoin ATM scams

A group of US Senate Democrats has called on the nation’s largest Bitcoin ATM operators to step up efforts in preventing fraud targeting elderly Americans. The Senators, led by Senate Judiciary Committee Chair Dick Durbin, addressed the growing number of scams using Bitcoin ATMs, urging companies to take immediate action to protect vulnerable populations.

Data from the Federal Trade Commission reveals that in the first half of this year alone, Bitcoin ATM-linked fraud amounted to $65 million. Older adults, particularly those aged 60 and over, were disproportionately affected, being three times more likely to report financial losses than younger users. Senators, including Elizabeth Warren, pointed to recent reports showing scammers coercing elderly individuals into sending funds through Bitcoin ATMs.

The Senators have asked major Bitcoin ATM firms to respond by early October, detailing their measures to combat fraud. This comes amid broader concerns over the rise in crypto scams, with the FBI reporting a significant increase in overall crypto-related fraud this year.

Meta bans Russian state media over covert online operations

Meta, the parent company of Facebook, has banned several Russian state media outlets, including RT (Russia Today) and Rossiya Segodnya, from its platforms due to their involvement in covert online influence operations. The censorship decision significantly escalates Meta’s actions against Russian media, as it previously restricted their activities by limiting ad access and post visibility. Meta explained that after reviewing ongoing foreign interference by these outlets, it expanded its enforcement to ban them from all its apps, which include Instagram, WhatsApp, and Threads. The company expects the ban to take full effect in the coming days.

The decision follows recent charges by US authorities against two RT employees accused of money laundering in connection with efforts to influence the 2024 US elections. US Secretary of State Antony Blinken has urged countries to treat RT’s activities as covert intelligence operations rather than legitimate journalism. Despite these developments, RT has criticised the US government’s actions, accusing them of stifling the media outlet’s ability to function as a journalistic organisation.

Meta also shared that Russian state media outlets have attempted to conceal their online activities before, and it anticipates further attempts to evade the newly imposed restrictions. The Russian embassy and the White House have yet to comment on Meta’s decision.

Telegram’s Pavel Durov faces criminal probe in France under LOPMI law

France has taken a bold legal step with its new law, targeting tech executives whose platforms enable illegal activities. The pioneering legislation, enacted in January 2023, puts France at the forefront of efforts to curb cybercrime. The law allows for criminal charges against tech leaders, like Telegram CEO Pavel Durov, for complicity in crimes committed through their platforms. Durov is under formal investigation in France, facing potential charges that could carry a 10-year prison sentence and a €500,000 fine. He denies Telegram’s role in facilitating illegal transactions, stating the platform complies with EU regulations.

The so-called LOPMI (Loi d’Orientation et de Programmation du Ministère de l’Intérieur) 2023-22 law, unique in its scope, is yet to be tested in court, making France the first country to directly target tech executives in this way. Legal experts point out that no similar laws exist in the US or elsewhere in the Western world.

While the US has prosecuted individuals like Ross Ulbricht, founder of the Silk Road marketplace, those cases required proof of active involvement in criminal activity. However, French law seeks to hold platform operators accountable for illegal actions facilitated through their sites, even if they were not directly involved.

Prosecutors in Paris, led by Laure Beccuau, have praised the law as a powerful tool in their fight against organised cybercrime, including child exploitation, credit card trafficking, and denial-of-service attacks. The recent high-profile arrest of Durov and the shutdown of other criminal platforms like Coco highlight France’s aggressive stance in combating online crime. The J3 cybercrime unit overseeing Durov’s case has been involved in other relevant investigations, including the notorious case of Dominique Pelicot, who used the anonymous chat forum Coco to orchestrate heinous crimes.

While the law gives French authorities unprecedented power, legal and academic experts caution that its untested nature could lead to challenges in court. Nonetheless, France’s new cybercrime law seriously escalates the global battle against online criminal activity.

Illegal gun parts from China seized by US authorities

US authorities have taken down over 350 websites selling gun silencers and parts from China used to convert semiautomatic pistols into fully automatic machine guns. The move follows an investigation that started in August 2023, targeting illegal sales of these dangerous devices.

Undercover operations revealed shipments from China, falsely labelled as items such as ‘necklaces’ or ‘toys’. Instead, these packages contained machine gun conversion devices, known as ‘switches’, and ‘silencers’, both banned under the National Firearms Act. Some websites even sold counterfeit goods, misusing the trademark of gun manufacturer Glock Inc.

Acting US Attorney Joshua Levy emphasised the importance of seizing these websites to halt the influx of illegal and dangerous contraband. Law enforcement has so far seized over 700 machine gun conversion devices, 87 illegal suppressors, 59 handguns, and 46 long guns.

Officials highlighted the growing problem of such devices being easily accessible, posing a serious threat to public safety. The seizures are part of a broader effort to tackle the illegal gun parts trade and protect communities.

Surge in cyberattacks targets US utilities

Cyberattacks targeting US utilities surged nearly 70% this year, according to data from Check Point Research. The energy sector is particularly vulnerable, with outdated software systems making utilities easier targets. Despite the spike in incidents, none of the attacks have yet caused severe damage, but experts warn that a coordinated effort could be disastrous, affecting essential services and resulting in major financial losses.

Check Point data showed an average of 1,162 cyberattacks through August, compared to 689 in 2023. These figures highlight the increasing risks as the US power grid rapidly expands to meet higher energy demand, particularly from new sectors such as AI data centres. Experts say the grid’s rapid growth creates more potential entry points for attackers.

Outdated Internet of Things (IoT) and Industrial Control Systems (ICS) used by many utilities are not as secure as other industries’ advanced software, putting critical infrastructure at heightened risk. Regulations like NERC’s Critical Infrastructure Protection provide only a basic level of security, which some experts argue is insufficient given the growing threats.

The financial impact of cyber breaches in the energy sector has been significant. In 2022, IBM reported the average cost of a data breach in the sector reached $4.72 million. With the 2024 US election approaching, cybersecurity experts expect an even greater surge in cyberattacks on essential infrastructure.

Cyber threats soar: BT identifies 2,000 attacks per second

BT has reported detecting 2,000 potential cyberattacks on its network every second. The rise is attributed to criminals deploying disposable ‘bots’ to bypass existing security measures.

In July, digital surveillance activity by hackers using malicious scanning bots surged by 1,200% compared to the previous year. The telecom giant revealed that these attacks are targeting a wide range of sectors, including retail, education, hospitality, defence, and financial services.

Tris Morgan, BT’s managing director of security, stated that hackers are probing connected devices every 90 seconds in their attempts to breach systems. This reflects a significant escalation in cyber threats.

At its Secure Tomorrow cybersecurity event, BT showcased its advanced quantum secure communications and AI-driven cyber defence technologies.

DoT and TRAI to enhance telecom services with new measures

The Department of Telecommunications (DoT) and the Telecom Regulatory Authority of India (TRAI) are taking significant steps to enhance the security and quality of telecom services. To combat spam and cyber fraud, TRAI has implemented measures to disconnect and blacklist entities involved in bulk spam operations, resulting in the removal of over 3.5 lakh spam numbers and the blacklisting of 50 entities.

Additionally, the DoT’s Sanchar Saathi platform allows citizens of India to report suspicious activity, leading to the disconnection of over one crore fraudulent connections and the blocking of 2.27 lakh handsets involved in cybercrime. Concurrently, TRAI has updated its Quality of Service (QoS) regulations to enforce stricter benchmarks for network performance metrics such as call drop rates, packet drop rates, and latency. Effective 1 October 2024, these regulations will introduce monthly monitoring from April 2025, enhancing oversight and accountability to improve network quality.

DoT and TRAI are also implementing proactive measures to tackle the issue of unregistered telemarketers. To that end, TRAI is considering immediately suspending service for unregistered telemarketers, based on a predefined threshold of complaints, and is working on proactive detection of suspected spammers.

These initiatives are part of a broader strategy to create a more secure and user-friendly telecom environment. Through these collaborative efforts, the DoT and TRAI ensure ongoing enhancements in telecom services, infrastructure, and quality assurance, aiming to provide users with a more reliable and customer-centric experience.

Data centres now deemed critical national infrastructure in the UK

Great Britain has recently designated its data centres as ‘critical national infrastructure’, a move designed to bolster their protection against cyber threats. This new classification aligns data centres with other essential services, such as water and energy, highlighting their importance in maintaining the country’s communications and economy.

The announcement comes amidst significant investment in the sector. This includes a £3.75 billion plan by DC01UK to build Europe’s largest data centre in Hertfordshire and an £8 billion commitment by Amazon Web Services for UK operations over the next five years. These investments underscore the increasing importance of securing digital infrastructure.

UK technology minister Peter Kyle emphasised that the new designation would improve collaboration between the government and data centre operators. This collaboration aims to prevent disruptions and protect against cybercriminals. This move follows recent incidents such as the CrowdStrike outage in July, which revealed vulnerabilities in digital infrastructure and underscored the need for increased security.