Category Archives: England

Massive international cyber attack hits computers across Europe, Asia and Russia

London: A huge cyber attack struck computers across Europe and Asia on Friday, crippling health services and closing emergency rooms in Britain.

The attack involved ransomware, a kind of malware that encrypts data and locks out the user. According to security experts, it exploited a vulnerability that was discovered and developed by the National Security Agency (NSA) in the US.

The hacking tool was leaked by a group calling itself the Shadow Brokers, which has been dumping stolen NSA hacking tools online since the beginning of last year. Microsoft rolled out a patch for the vulnerability last March, but hackers took advantage of the fact that vulnerable targets – particularly hospitals – had yet to update their systems.

The malware was circulated by email; targets were sent an encrypted, compressed file that, once loaded, allowed the ransomware to infiltrate its targets.

Employees of Britain’s National Health Service (NHS) were warned about the ransomware threat early on Friday, but by then it was too late.

As the disruptions rippled through hospitals, doctors’ offices and ambulance services across Britain, the NHS declared the attack a “major incident” and patients were asked to only seek assistance for serious medical emergencies.

Hospitals and telecommunications companies across Europe, Russia and Asia were affected, according to MalwareHunterTeam, a security firm that tracks ransomware attacks.

Spain’s Telefonica and Russia’s MegaFon were among the telecommunications targets.

Attacks were being reported in Britain and 11 other countries, including Turkey, Vietnam, the Philippines, Japan, with the majority of affected computers in Russia. The computers all appeared to be hit with the same ransomware, and similar ransom messages demanding about $US300 to unlock their data.

The attack on the NHS seemed perhaps the most audacious of the attacks, because it had life-or-death implications for hospitals and ambulance services.

Tom Donnelly, a spokesman for NHS Digital, the arm of the health service that handles cybersecurity, said in a phone interview that 16 organisations, including “hospitals and other kinds of clinician services,” had been hit. Officials later updated that number to at least 25.

Hospitals and doctors’ surgeries were forced to turn away patients and cancel appointments as the attack crippled computer systems.

The Spanish government said a large number of companies, including telecommunications giant Telefonica, had been infected. Portugal Telecom was also hit but no services were impacted, a spokeswoman for the company said.

“Seeing a large telco like Telefonica get hit is going to get everybody worried. Now ransomware is affecting larger companies with more sophisticated security operations,” Chris Wysopal, chief technology officer with cyber security firm Veracode, said.

In Spain, some big firms took pre-emptive steps to thwart ransomware attacks following a warning from the National Cryptology Centre of “a massive ransomware attack.” It said hackers used a version of a virus known as WannaCry that targets Microsoft Corp’s widely used Windows operating system.

Iberdrola and Gas Natural, along with Vodafone’s unit in Spain, asked staff to turn off computers or cut off internet access in case they had been compromised, representatives from the firms said.

Reuters

www.scamsfakes.com

www.crimefiles.net

Henry Sapiecha

Apple Boss Tim Cook Says He’ll Defy Britain’s Government Spy Law Data Access Plan

Italy Apple Cook_image www.intelagencies.com

Apple CEO Tim Cook, right, listens to former Italian premier and President of Bocconi University Mario Monti as they attend the inauguration of the academic year at the Bocconi, in Milan, Italy, Tuesday, Nov.10, 2015. (AP Photo/Luca Bruno)

Tech giant Apple will resist the British government’s efforts to get access to encrypted data through a new spying law, CEO Tim Cook said Wednesday.

Last week, Britain published a draft law that seeks to ensure that telecommunication companies “provide wider assistance to law enforcement and the security and intelligence agencies in the interests of national security.”

That worries firms like Apple, whose iMessage service offers “end-to-end” encryption, meaning the company doesn’t have the ability to read messages sent over the app.

Cook told students at Trinity College Dublin that Apple didn’t plan to introduce a “back door” ability to decrypt the messages.

“We will productively work with the governments to try to convince them that’s also in their best interests in the national security sense,” he said.

Cook said weakening encryption would be bad for online security, because “if you leave a back door in the software then there’s no such thing as a back door for the good guys only.”

“If there’s a back door anybody can come in,” he said.

British Home Secretary Theresa May said last week that the draft Investigatory Powers Bill “will not ban encryption or do anything to undermine the security of people’s data.”

But civil liberties and privacy groups have expressed alarm at its provisions, which include requiring communications companies to hold onto customers’ web traffic records for up to a year. The draft bill also says service providers will be legally obliged to assist the authorities in getting access to customers’ devices.

The bill has yet to be approved by Parliament.

ig

Henry Sapiecha

Internet Firms Warn UK Against ‘Dangerous’ Changes To Law

electricity background red pink surreal image www.intelagencies.com

Major U.S. Internet companies have urged the British government to reconsider a plan to make telecommunications firms help spies hack into computers and phones.

The draft Investigatory Powers Bill would require telecoms companies to keep records of customers’ Web histories for up to a year, and to help security services gain access to suspects’ electronic devices.

In a joint submission to a committee of British lawmakers, Facebook, Google, Microsoft, Twitter and Yahoo said that “to the extent this could involve the introduction of risks or vulnerabilities into products or services, it would be a very dangerous precedent to set.”

They urged the government to reconsider, and warned against changes that would weaken online encryption, which they called a “fundamental security tool.”

The submission was made last month and published Thursday by the committee, which is reviewing the proposed legislation.

Apple has also objected to the British proposals, saying they could weaken online security by providing a backdoor to users’ data for “bad guys” as well as “good guys.”

The British government insists the bill won’t weaken or ban online encryption.

If approved by Parliament, the bill will let police and spies access Internet connection records — a list of websites, apps and messaging services someone has visited, though not the individual pages they looked at or the messages they sent.

Civil liberties groups have also expressed alarm at the bill. A previous version of the legislation was thrown out by lawmakers in 2013 as overly intrusive.

The government says it will set out final proposals in the spring.

oo

Henry Sapiecha

Britain Seeks Greater Access To Citizens’ Online Activity

Cybersecurity image www.intelagencies.com

The British government plans to make telecommunication firms keep records of every website that customers visit under a new law regulating cyber-snooping.

The draft Investigatory Powers Bill is designed to regulate authorities’ access to Internet activity, replacing a patchwork of laws, some dating from the Web’s infancy.

Home Secretary Theresa May said Wednesday that the bill would let police and spies access Internet connection records – a list of websites and social media apps someone has visited, though not the individual pages they looked at or messages they sent.

May said the data was “simply the modern equivalent of an itemized phone bill,” but civil liberties groups say it marks a big expansion of snooping powers.

The bill will be reviewed by legislators before it’s submitted to Parliament for approval.

ooo

Henry Sapiecha

UK refuses to reveal how many lawmakers are under surveillance

UK Home secretary Theresa May did confirm that members of devolved parliaments and the European Parliament are not subject to wiretap protections.

UK home secretary Theresa May speaking on BBC radio image www.intelagencies.com

UK home secretary Theresa May speaking on BBC radio (Image: BBC/Twitter; file photo)

The UK’s home secretary Theresa May has refused to confirm how many fellow lawmakers have had their communications intercepted by British intelligence agencies.

In a brief confrontation in the parliament’s House of Commons on Monday, fellow Conservative Peter Bone MP said May’s refusal to answer was an “indication” that some members of parliament (MPs) have been subject to surveillance by UK intelligence agencies.

The emergency session follows a ruling last week that determined the so-called Wilson Doctrine, a promise made by former prime minister Harold Wilson that said members of parliament won’t have their mail opened or phones tapped by the intelligence agencies without his direct knowledge, was no longer valid.

May said the doctrine “still applies,” but confirmed that devolved members of parliament in Scotland (MSPs), Wales, and Northern Ireland, as well as members of the European Parliament (MEPs), are not protected by the doctrine.

Joanna Cherry MP, a Scottish member of parliament, criticized May’s response, asking why the government thinks the Scottish parliament is “less deserving” of the doctrine’s protection. She added that the home secretary’s “caveated” comments about the doctrine in 2014 suggested the doctrine may have been partly suspended around the time of the Scottish national independence referendum, a national vote that saw Scotland remain as part of the United Kingdom.

Caroline Lucas MP, who brought the case under debate to the Investigatory Powers Tribunal, said lawmakers had been “misled” over the level of protections MPs are afforded under the doctrine.

Doctrine ‘cannot work sensibly’

Until last week, the doctrine was kept in force by every prime minister since Wilson, but was expanded in 2002 when former prime minister Tony Blair said the doctrine applied to “all forms” of communications.

But last week, James Eadie QC told the Investigatory Powers Tribunal (IPT), which hears complaints against the intelligence agencies, that the doctrine “simply cannot work sensibly” in an age of bulk data collection and mass surveillance, and did not have the force or weight of the law.

The IPT said that the UK’s spy agencies MI5, MI6, and GCHQ — the eavesdropping agency whose activities were detailed in an extensive range of documents leaked by whistleblower Edward Snowden — have their own separate policies that do not require for the prime minister to be informed where parliamentary communications were collected.

MPs were quick to respond with anger, amid concerns that emails sent to and from parliamentary offices may have been collected or spied on.

In a letter to the prime minister David Cameron, Scottish first minister Nicola Sturgeon asked for clarification, arguing “the confidentiality of communications between parliamentarians and their constituents is of the utmost importance,” according to The Guardian.

MPs not ‘above the law’

Many of the lawmakers on Monday argued that the need to protect their communications from surveillance was to protect whistleblowers, and not about driving a wedge of privilege between them and the public.

David Davis MP, a Conservative politician known for being pro-civil liberties, and who has almost always voted against requiring the mass retention of information about communications, said MPs need the doctrine’s protections against government surveillance because their job is to “hold the government to account.”

He argued that MPs often “deal with campaigners, journalists, whistleblowers, and our own constituents” in bringing to light wrongdoing disclosed by members of the public, including police and public-sector workers, and employees of big corporations.

Chris Bryant MP, who called for the emergency debate following last week’s ruling, argued that MPs “cannot ever be above the law,” a sentiment echoed by others, including the home secretary.

Bryant, a Labour MP with a long record of voting in favor of data retention and communications collection legislation, accused May of withholding any public statement about a change in the doctrine’s standing because it wasn’t “compatible” with the current state of national security.

Davis, in agreement with Lucas and others, said the the doctrine must be enshrined into law.

May will “soon” introduce the so-called “snoopers’ charter,” first mentioned earlier this year in the Queen’s annual speech.

Known as the Investigatory Powers Bill, the Conservative government said the draft law would give authorities “tools” to keep the public safe by addressing gaps in existing intelligence gathering.

Dominic Grieve MP, chair of the Security and Intelligence Committee which oversees the intelligence agencies, said the committee will examine how parliamentarians will be treated under the new draft bill.

ooo

Henry Sapiecha

UK and U.S. intelligence agencies to increase cyber security co-operation

Britain's Prime Minister David Cameron speaks at a debate to promote the EU-US trade deal, in Brussels

(Reuters) – Britain and the United States will increase cooperation on cyber security, Prime Minister David Cameron said, setting up “cyber cells” to share intelligence and conduct simulated attacks to test the defences of organisations such as banks.

Cameron is on a two-day visit to Washington focused on the economy and security, and is due to have a second meeting with President Barack Obama on Friday at the White House.

“We have got hugely capable cyber defences, we have got the expertise and that is why we should combine as we are going to, set up cyber cells on both sides of the Atlantic to share information,” Cameron told the BBC in an interview aired on Friday.

The cooperation between Britain’s GCHQ eavesdropping agency and the U.S. National Security Agency will include joint war games, with the first exercise later this year to involve the Bank of England and commercial banks in both the City of London and Wall Street, the BBC reported.

“This is a real signal it is time to step up the efforts and to do more,” said Cameron.

The British leader said he also planned to discuss with Obama how the two countries could work more closely with big Internet companies such as Facebook and Google to monitor communications between terror suspects.

ooo

Henry Sapiecha