Spain reopens probe into Israeli NSO Group’s Pegasus software

Spain’s High Court has reignited an investigation into the use of NSO Group’s Pegasus software to spy on Prime Minister Pedro Sanchez and other Spanish politicians. The legal move comes after a previous probe was shelved due to a lack of cooperation from Israeli authorities. Investigators plan to collaborate with France, where similar surveillance targeted politicians and public figures.

The investigation aims to uncover the perpetrators behind the spying activities, which triggered a political crisis in Spain in 2022 and resulted in the resignation of the country’s spy chief. However, no individuals or groups have been formally accused yet. The Spanish government has not disclosed whether foreign or domestic entities are suspected of orchestrating the espionage.

Judge Jose Luis Calama decided to reopen the case following revelations from France regarding the use of Pegasus software to surveil journalists, lawyers, and government officials. French President Emmanuel Macron even changed his mobile phone and number due to security concerns arising from the Pegasus spyware case. Calama emphasised the importance of analysing technical data from both countries’ investigations to identify the culprits behind the cyber attacks.

The judge has ordered expert analysis to compare technical elements gathered by Spanish and French authorities, expecting closer collaboration once this analysis is complete. Calama envisions joint efforts between French and Spanish judicial authorities to determine the origin of the Pegasus spy program’s infiltration in both countries. This renewed investigation signals a concerted effort to address concerns surrounding digital surveillance and protect the privacy of politicians and citizens alike.

North Korean hackers target South Korean defence firms

South Korean police disclosed that major North Korean hacking groups have been relentlessly conducting cyber assaults on South Korean defence firms for over a year. These attacks have resulted in breaches of internal networks and the theft of crucial technical data. Identified groups include Lazarus, Kimsuky, and Andariel, all linked to North Korea’s intelligence apparatus.

Hackers successfully infiltrated networks using various methods, such as planting malicious code directly into defence companies’ systems or through their contractors. Police, collaborating with national spy agencies and private sector experts, tracked these attacks. They used indicators such as source IP addresses, signal rerouting architecture, and malware signatures to identify the perpetrators.

One notable case, dating back to November 2022, saw hackers inserting code into a company’s public network. This code later infected the intranet during a temporary disengagement of the internal security system for a network test. Exploiting security oversights, hackers gained entry through the accounts of subcontractors who used identical passcodes for personal and official email accounts, and extracted confidential technical data.

Although the police did not disclose the affected companies or the specifics of the data breaches, South Korea has become a significant global defence exporter. In recent years, lucrative contracts for items such as mechanised howitzers, tanks, and fighter jets have been valued at billions of dollars. This latest revelation underscores the persistent threat posed by North Korean cyber operations, which extend beyond national borders and target critical industries worldwide.

British company Capita expects £15-20 million impact after cyberattack on its systems

Capita, a British outsourcing company, has issued a warning that it expects to incur a financial impact of £15 million to £20 million following a cyberattack on its systems earlier this year.

The company, known for providing business support services to both government entities and private companies, stated that the cyber incident had resulted in the compromise of data from less than 0.1% of its server estate. Capita assured that it is taking necessary measures to recover and secure its systems. It emphasised its close collaboration with regulatory authorities, customers, suppliers, and employees to address the incident, notify affected parties, and implement any remaining essential steps.

Western Digital, a technology company, confirms that hackers stole customer data

Western Digital, a technology company, has notified its customers after the March 2023 data breach and confirmed that the customer data was stolen.

In a press release, the company mentioned it worked with external forensic experts and determined that the hackers obtained a copy of a database which contained limited personal information of online store customers. The exact number of affected customers has not been disclosed. The company has notified affected customers and advised them to remain vigilant against potential phishing attempts.

The March data breach had previously been reported in early April, when the company disclosed it had suffered a cyberattack. TechCrunch reported that an ‘unnamed’ hacking group breached Western Digital, claiming to have stolen ten terabytes of data.

The hackers subsequently published some of the stolen data and threatened to release more if their demands were not met. Western Digital has restored the majority of its impacted systems and services and continues to investigate the incident.

World Economic Forum issues ‘State of the Connected World 2023’ report

The World Economic Forum and the Council on the Connected World published the State of the Connected World 2023 report exploring governance gaps related to the internet of things (IoT). The report outlines the findings of a survey conducted with 271 experts worldwide to understand the state of IoT affairs. The COVID-19 pandemic has increased IoT demand in health, manufacturing, and consumer IoT. However, there is a lack of confidence when it comes to matters such as privacy and security.

Two main governance gaps are identified: (1) a lack of governmental regulation and implementation of industry standards and (2) the greater susceptibility of IoT users to cyber threats and cyberattacks.

One recommendation is for businesses and governments to develop and implement practices to improve privacy and security and create a more inclusive and accessible IoT ecosystem. The need to improve equal access to technology and its benefits is also underscored.

IBM announces new agreement with Australia to support the country’s digital transformation

IBM Australia has announced the signing of the next iteration of the Whole-of-Government Arrangement with Australia’s Digital Transformation Agency (DTA). Under this arrangement, IBM will support the Australian government in its move towards accelerated adoption of innovative technologies.

The new cooperation will focus on:

  • protecting government data in the cloud;
  • strengthening the government’s cybersecurity capabilities;
  • exploring how quantum technology could help improve services for Australians;
  • adopting and measuring more sustainable practices across government agencies;
  • growing the digital skills capabilities of Australian public servants. 

Microsoft’s Cyber Signals report highlights a rise in cyber risks to critical infrastructure

The third edition of Cyber Signals, a yearly report which highlights security trends and insights from Microsoft’s 8,500 security experts and 43 trillion daily security signals, was recently launched. In this edition, experts present new information on broader threats to critical infrastructure posed by converging information technologies, the Internet of Things (IoT), and operational technology (OT) systems. 

Some of the report’s highlights include:

  • Unpatched, high-severity vulnerabilities identified in 75% of the most common industrial controllers in customer OT networks.
  • Over one million connected devices publicly visible on the internet running Boa, outdated and unsupported software widely used in IoT devices and software development kits.
  • A 78% increase in disclosures of high-severity vulnerabilities from 2020 to 2022 in industrial control equipment produced by popular vendors.

US National Institute of Standards and Technology issues draft guide for trusted IoT onboarding and lifecycle management

The US National Institute of Standards and Technology (NIST) and its National Cybersecurity Center of Excellence (NCCoE) published a draft practice guide for trusted internet of things (IoT) onboarding and lifecycle management. This guide demonstrates how organisations can protect their IoT devices and networks. It details standards, practices, and technology to demonstrate mechanisms for trusted network-layer onboarding of IoT devices. The guide also shows how to provide network credentials to IoT devices in a trusted manner and maintain a secure posture throughout the device lifecycle.

EU-US Trade and Technology Council holds third ministerial meeting

The third ministerial meeting of the EU-US Trade and Technology Council (TTC) was held on 5 December 2022 in Washington, DC, USA. During the meeting, the two parties:

  • Reiterated the importance of cooperating on trust and security in the ICT ecosystem and noted that the TTC Working Group on ICTS security and competitiveness plans to discuss transatlantic subsea cables’ connectivity and security, including alternative routes, such as the transatlantic route to connect Europe, North America and Asia.
  • Reiterated their commitment to developing and implementing trustworthy artificial intelligence (AI), building on the Joint Roadmap on Evaluation and Measurement Tools for Trustworthy AI and Risk Management.
  • Announced plans to launch a pilot project to assess the use of privacy-enhancing technologies and synthetic data in health and medicine.
  • Announced plans to establish an expert task force to strengthen research and development cooperation on quantum information science, develop common frameworks for assessing technology readiness, discuss intellectual property and export control-related issues as appropriate, and work together to advance international standards.
  • Announced progress on increasing standards cooperation, for instance through the Strategic Standards Information mechanism meant to enable the EU and the USA to share information about international standardisation activities and react to common strategic issues.
  • Announced that the US Department of Commerce and the European Commission are entering into an administrative arrangement to implement an early warning mechanism to address and mitigate semiconductor supply chain disruptions in a cooperative way.
  • Stressed the importance of eliminating the use of arbitrary and unlawful surveillance to target human rights defenders, and expressed concerns over government-imposed internet shutdowns.
  • Announced plans to enhance transatlantic trade, for instance through developing joint best practices for the use of digital tools to simplify or reduce the cost of commercial actors’ interactions with the governments in relation to trade-related policy, legal requirements, or regulatory requirements.
  • Announced the launch of a Talent for Growth Task Force to facilitate exchanges of experiences on training and capacity building and serve as a catalyst for innovative skills policies.

These and other commitments and initiatives are outlined in the joint statement issued at the end of the meeting.

Kaspersky publishes its advanced threat predictions for 2023

Kaspersky Security, a major security firm, has recently published its advanced threat predictions for 2023, identifying email servers and satellites as major cyberattack targets for the year. The report states that 2023 will be characterised by destructive ‘cyberattacks of unprecedented gravity’ against governments, key industry providers, and high-profile civilian infrastructures. Another point of concern is the safety of underwater cables and fibre distribution hubs against physical attacks.