Updates

Cybercrime

2018

Cloud environment of Tesla, the carmaker, was exploited by an attacker to mine cryptocurrencies, RedLock security firm reports in its study “Cloud Security Intelligence (CSI)”. The unsecured Kubernetes console - an open source system used for operation of application containers, virtualised software and cloud-based services - exposed access credentials to Tesla’s Amazon Web Service (AWS) cloud environment, which allowed attackers to inject cryptocurrency mining scripts as well as to reach out to sensitive data such as vehicle telemetry. The study suggests that the unauthorized use of computing power to mine cryptocurrency - known as cryptojacking - is becoming an increasing threat for cloud environments, such as those of Amazon, Microsoft and Google.

Cyber criminals likely to benefit from GDPR provisionsCriminals are switching to more refined and strategically targeted attacks; in particular, ransomware, cryptocurrency mining and business email compromises are on the rise, Trend Micro reports. The company warns that criminals could benefit from some provisions of the European Union’s General Data Protection Regulation (GDPR) which provides high fines - up to €20 million or 4% of global turnover - for institutions that fail to secure the personal data of their users. This may give a clear guide to criminals that manage to penetrate into systems and steal personal data on what ransome their targets might be willing to pay to hide the breach and avoid higher penalties and reputational damage.

India and Russia have agreed to broaden their practical co-operation on cybersecurity, including the exchange of technological information and combating the use of ICT for cybercrime and terrorism. The Indian Prime Minister’s National Security Advisor, Ajit Doval, and the Deputy Secretary of the Russian Security Council, Oleg Khramov, emphasised the importance of adopting regulations, norms and principles of a responsible conduct by countries in cyberspace under the auspices of the UN, and called for keeping up the work of the United Nations Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (UN GGE) in this regard.

Kaspersky Lab has published a 2017 spam and phishing report. According to the report, the share of spam in e-mail traffic is down to 56.63%, having decreased by 1.68%  since 2016. The US remains the biggest source of spam (13.21%) followed by China (11.25%). However, the anti-phishing systems have identified an increase of nearly 58% of phishing attempts. The report informs a significant increase of scam pages migrating to HTTPS making it harder for users to reveal fraud.

In More children becoming victims of 'brutal' online sex abuseKieran Guilbert of the Thomson Reuters Foundation writes that 'The global spread of cheap, high-speed internet and the rise in mobile phone ownership is fuelling the growth of cybersex trafficking, which has become a “brutal form of modern-day slavery”', citing a report by Britain-led WeProtect. According to UNICEF, some 1.8 million children are brought into sex traffic each year. The WePROTECT Global Threat Assessment 2018 – Working together to end the sexual exploitation of children online concludes that 'Technology is enabling offender communities to attain unprecedented levels of organisation, creating new and persistent threats'.

A Worldwide Threat Assessment of the US Intelligence Community, presented by Daniel R. Coats, director of National Intelligence, sees cyber-threats among top global threats in 2018. The assessment warns of the risks of insecure devices being part of the Internet of Things, as well as the availability of criminal malicious tools. The assessment focuses on the increasing number of cyber-attacks by various actors ‘in a crisis short of war’, such as data deletion and disruptions of critical infrastructure. It estimates that over 30 countries have capabilities for conducting cyber-attacks, though no details are provided; in particular, it identifies Russia and North Korea as most likely conducting disruptive cyber operations against their neighbours and the US, and China and Iran conducting cyber espionage operations against their neighbours as well as the US government and industry. In addition, the assessment foresees the continued use of cyber tools by terrorist groups to organise and coordinate, recruit and spread propaganda, raise funds, and collect intelligence.

Pages

 

The GIP Digital Watch observatory is provided by

 

 

and members of the GIP Steering Committee



 

GIP Digital Watch is operated by

Scroll to Top