By Reuters | Updated: 11 December 2021
Brazil’s health ministry said its website was hit on Friday by a hacker attack that took several systems down, including one with information about the national immunisation program and another used to issue digital vaccination certificates.
The government put off for a week implementing new health requirements for travellers arriving in Brazil due to the attack.
“The health ministry reports that in the early hours of Friday it suffered an incident that temporarily compromised some of its systems … which are currently unavailable,” it said in a statement.
Police said they were investigating the attack.
The alleged hackers, calling themselves Lapsus$ Group” posted a message on the website saying that internal data had been copied and deleted. “Contact us if you want the data back,” it said, in an apparent ransomware attack.
The message, which included e-mail and Telegram contact info, had been removed by Friday afternoon, but the web page was still down, while user data in the ConectSUS app that provides Brazilians with vaccination certificates had disappeared.
The ministry said it was working to restore its systems. At a news conference, Deputy Health Minister Rodrigo Cruz said access to the vaccination data had still not been recovered by Friday evening. Cruz said it was too early to say whether the data had been lost.
Under measures decided on Tuesday after President Jair Bolsonaro opposed the use of a vaccine passport, unvaccinated travelers arriving in Brazil will have to quarantine for five days and be tested for COVID-19.
The requirement was due to start on Saturday, but the government said that will be postponed for a week as vaccination data was not accessible online following the attack.
COVID-19 tracing forms for arriving airline passengers were still available on health regulator Anvisa’s website, which was not targeted.
© Thomson Reuters 2021
Ukraine Suspects Belarus Intelligence-Linked UNC1151 Group Over Cyberattack
By Reuters | Updated: 17 January 2022
Kyiv believes a hacker group linked to Belarusian intelligence carried out a cyberattack that hit Ukrainian government websites this week and used malware similar to that used by a group tied to Russian intelligence, a senior Ukrainian security official said.
Serhiy Demedyuk, deputy secretary of the national security and defence council, told Reuters that Ukraine blamed Friday’s attack – which defaced government websites with threatening messages – on a group known as UNC1151 and that it was cover for more destructive actions behind the scenes.
“We believe preliminarily that the group UNC1151 may be involved in this attack,” he said.
His comments offer the first detailed analysis by Kyiv on the suspected culprits behind the cyberattack on dozens of websites. Officials on Friday said Russia was probably involved but gave no details. Belarus is a close ally of Russia.
The cyberattack splashed websites with a warning to “be afraid and expect the worst” at a time when Russia has massed troops near Ukraine’s borders, and Kyiv and Washington fear Moscow is planning a new military assault on Ukraine.
Russia has dismissed such fears as “unfounded”.
The office of Belarusian President Alexander Lukashenko did not immediately respond to a request for comment about Demedyuk’s remarks.
Russia’s foreign ministry also did not immediately respond to a request for comment on his remarks. It has previously denied involvement in cyberattacks, including against Ukraine.
“The defacement of the sites was just a cover for more destructive actions that were taking place behind the scenes and the consequences of which we will feel in the near future,” Demedyuk said in written comments.
In a reference to UNC1151, he said: “This is a cyber-espionage group affiliated with the special services of the Republic of Belarus.”
Demedyuk, who used to be the head of Ukraine’s cyber police, said the group had a track record of targeting Lithuania, Latvia, Poland and Ukraine and had spread narratives decrying the NATO alliance’s presence in Europe.
“The malicious software used to encrypt some government servers is very similar in its characteristics to that used by the ATP-29 group,” he said, referring to a group suspected of involvement in hacking the Democratic National Committee before the 2016 US presidential election.
“The group specialises in cyber espionage, which is associated with the Russian special services (Foreign Intelligence Service of the Russian Federation) and which, for its attacks, resorts to recruiting or undercover work of its insiders in the right company,” Demedyuk said.
The messages left on the Ukrainian websites on Friday were in three languages: Ukrainian, Russian, and Polish. They referred to Volhynia and Eastern Galicia, where mass killings were carried out in Nazi German-occupied Poland by the Ukrainian Insurgent Army (UPA). The episode remains a point of contention between Poland and Ukraine.
Demedyuk suggested the hackers had used Google Translate for the Polish translation.
“It is obvious that they did not succeed in misleading anyone with this primitive method, but still this is evidence that the attackers ‘played’ on the Polish-Ukrainian relations (which are only getting stronger every day),” he said.
© Thomson Reuters 2022
REvil Ransomware Group Dismantled by Russia at US Request
By Reuters | Updated: 17 January 2022
Apple said on Saturday it would allow developers of dating apps in the Netherlands to offer non-Apple payment options to their users, complying with an order from the country’s market regulator to do so by January 15 or face fines.
The country’s Authority for Consumers and Markets found in a decision published on December 24 that Apple had abused its market position by requiring dating app developers, including Tinder owner Match Group, to exclusively use Apple’s in-app payment system.
Apple’s practice of requiring developers to use its system and pay commissions of 15-30 percent on digital goods purchases has come under scrutiny from regulators and lawmakers around the world, but the Dutch ruling applies only in the Netherlands and only for dating apps.
Russia has dismantled ransomware crime group REvil at the request of the United States in an operation in which it detained and charged the group’s members, the FSB domestic intelligence service said on Friday.
The arrests were a rare apparent demonstration of US-Russian collaboration at a time of high tensions between the two over Ukraine. The announcement came as Ukraine was responding to a massive cyber attack that shut down government websites, though there was no indication the incidents were related.
The United States welcomed the arrests, according to a senior administration official, adding “we understand that one of the individuals who was arrested today was responsible for attack against Colonial Pipeline last spring.”
A May cyberattack on the Colonial Pipeline that led to widespread gas shortages on the US East Coast used encryption software called DarkSide, which was developed by REvil associates.
A police and FSB operation searched 25 addresses, detaining 14 people, the FSB said, listing assets it had seized including 426 million (roughly Rs. 40 crore), $600,000 (roughly Rs. 4 crore), 500,000, computer equipment and 20 luxury cars.
A Moscow court identified two of the men as Roman Muromsky and Andrei Bessonov and remanded them in custody for two months. Muromsky could not be reached for comment and his phone was off. Reuters could not immediately reach Bessonov.
Two Muscovites told Reuters Muromsky was a web developer who had helped them with websites for their businesses.
Russia told Washington directly of the moves it had taken against the group, the FSB said. The US Embassy in Moscow said it could not immediately comment.
“The investigative measures were based on a request from the … United States,” the FSB said. “… The organised criminal association has ceased to exist and the information infrastructure used for criminal purposes was neutralised.”
The REN TV channel aired footage of agents raiding homes and arresting people, pinning them to the floor, and seizing large piles of dollars and Russian roubles.
The group members have been charged and could face up to seven years in prison, the FSB said.
A source familiar with the case told Interfax the group’s members with Russian citizenship would not be handed over to the United States.
The United States said in November it was offering a reward of up to $10 million (roughly Rs. 75 crore) for information leading to the identification or location of anyone holding a key position in the REvil group.
The United States has been hit by a string of high-profile hacks by ransom-seeking cybercriminals. A source with direct knowledge of the matter told Reuters in June that REvil was suspected of being the group behind a ransomware attack on the world’s biggest meat packing company, JBS SA.
Washington has repeatedly accused the Russian state in the past of malicious activity on the internet, which Moscow denies.
REvil has not been associated with any major attacks for months.
John Shier, a threat researcher at the UK-based Sophos cybersecurity company, said there was no independent confirmation the self-identified leaders of the “defunct” group had been arrested.
“If nothing else, it serves as a warning to other criminals that operating out of Russia might not be the safe harbor they thought it was,” he said.
A former client of Muromsky who only gave the name Sergei described him as a regular worker who did not appear wealthy.
Sergei runs a shop called Motohansa selling motorcycle spare parts. Muromsky created its website and supported it for some time charging him around RUB 15,000 (roughly Rs. 14,700) per month, he said.
“He is a smart person and I can imagine that if he wanted to do it (hacking) he could, but he charged very little money for his services. Several years ago he had a Rover car. That’s not an expensive car at all,” Sergei said.
Muromsky is in his thirties and was born in Anapa in Russia’s south, he said. “He worked as a normal programmer.”
Another client, Adam Guzuyev, described Muromsky as “a regular normal worker” who proved unable to install all the features Guzuyev wanted on his website.
“He earned no more than RUB 60,000 (roughly Rs. 60,000). I can’t say he has genius abilities,” he said, adding Muromsky spent three months working on his website.
© Thomson Reuters 2022
Ukraine Says Russia Behind Cyberattack in ‘Hybrid War’ Move
By Associated Press | Updated: 17 January 2022
Ukraine said Sunday that Russia was behind a cyberattack that defaced its government websites and alleged that Russia is engaged in an increasing “hybrid war” against its neighbor.
The statement from the Ministry of Digital Development came a day after Microsoft said dozens of computer systems at an unspecified number of Ukrainian government agencies had been infected with destructive malware disguised as ransomware. That disclosure suggested the attention-grabbing defacement attack on official websites last week was a diversion.
“All evidence indicates that Russia is behind the cyberattack. Moscow continues to wage a hybrid war and is actively building up its forces in the information and cyberspaces,” the ministry statement said.
The attack comes as the threat of a Russian invasion of Ukraine looms and diplomatic talks to resolve the tense standoff appear stalled.
Microsoft said in a short blog post Saturday that it first detected the malware on Thursday. That would coincide with the attack that simultaneously took some 70 Ukrainian government websites temporarily offline.
Microsoft said in a different, technical post that the affected systems “span multiple government, non-profit, and information technology organisations.” It said it did not know how many more organisations in Ukraine or elsewhere might be affected but said it expected to learn of more infections.
On Sunday, US national security adviser Jake Sullivan said US and private-sector companies were still working to determine the source of the attacks. He said the United States has warned for months about the possibility of cyberattacks from Russia and has been working with Ukraine to improve that country’s defenses.
“This is part of the Russian playbook,” he said on CBS television’s “Face the Nation” programme.
A top private sector cybersecurity executive in Kyiv, Oleh Derevianko, told The Associated Press that the intruders penetrated the government networks through a shared software supplier in a supply-chain attack like the 2020 SolarWinds Russian cyberespionage campaign that targeted the US government.
In 2017, Russia targeted Ukraine with one of the most damaging cyberattacks on record with the NotPetya virus, causing more than $10 billion (roughly Rs. 74,150 crore) in damage globally. That virus, also disguised as ransomware, was a so-called “wiper” that erased entire networks.
In Friday’s mass web defacement, a message left by the attackers claimed they had destroyed data and placed it online, which Ukrainian authorities said had not happened.
The message told Ukrainians to “be afraid and expect the worst.”
Google Mandates Weekly COVID-19 Tests for People Entering US Offices
By Reuters | Updated: 15 January 2022
Alphabet’s Google is temporarily mandating weekly COVID-19 tests for any person entering Google offices or facilities in the United States, the tech giant said on Friday.
Anyone who comes into Google’s US work sites will require a negative test and be required to wear surgical-grade masks while at the office, the company said.
“To help prevent the further spread of COVID-19 during this period of heightened risk, we’re implementing new temporary health and safety measures for anyone accessing our sites in the US,” a Google spokesperson said.
Google provides free at-home and in-person testing options to its employees, their dependants and household members.
The temporary policy of weekly testing comes as cases of the highly contagious Omicron variant of the coronavirus surge in the country.
Last month, Google said it was delaying its return-to-office plan globally from January amid growing concerns over Omicron.
Google, which was one of the first companies to ask its employees to work from home during the pandemic, had told its employees they would lose pay and eventually be fired if they do not follow its COVID-19 vaccination rules, according to a CNBC report in December.
© Thomson Reuters 2022
Ukraine Faces Hacking Attack, Government Websites Down
By Associated Press | Updated: 14 January 2022
A number of government websites in Ukraine were down on Friday after a huge hacking attack, Ukrainian officials said.
While it was not immediately clear who was behind the attacks, they come amid heightened tensions with Russia and after talks between Moscow and the West failed to yield any significant progress this week.
“As a result of a massive hacking attack, the websites of the Ministry of Foreign Affairs and a number of other government agencies are temporarily down. Our specialists are already working on restoring the work of IT systems,” spokesman of Ukraine’s Foreign Ministry Oleg Nikolenko wrote on Facebook on Friday.
Nikolenko told The Associated Press it was too soon to tell who could have been behind the attacks. “It’s too early to draw conclusions as the investigation is ongoing, but there is a long record of Russian cyber assaults against Ukraine in the past,” he said.
Moscow had previously denied involvement in cyberattacks against Ukraine.
Websites of the country’s Cabinet, seven ministries, the Treasury, the National Emergency Service and the state services website, where Ukrainians’ electronic passports and vaccination certificates are stored, were unavailable Friday as the result of the hack.
The websites contained a message in Ukrainian, Russian, and Polish, saying that Ukrainians’ personal data has been leaked to the public domain. “Be afraid and expect the worst. This is for your past, present and future,” the message read, in part.
Ukraine’s State Service of Communication and Information Protection has said that no personal data has been leaked.
The US estimates Russia has massed about 100,000 troops near Ukraine, a buildup that has stoked fears of an invasion. Moscow says it has no plans to attack and rejects Washington’s demand to pull back its forces, saying it has the right to deploy them wherever necessary.
The Kremlin has demanded security guarantees from the West precluding NATO’s expansion eastwards.
Last month, Moscow submitted draft security documents demanding that NATO deny membership to Ukraine and other former Soviet countries and roll back the alliance’s military deployments in Central and Eastern Europe. Washington and its allies have refused to provide such pledges, but said they are ready for the talks.
High-stakes talks this week between Moscow and the US, followed by a meeting of Russia and NATO representatives and a meeting at the Organization for Security and Cooperation in Europe, failed to bring about any immediate progress.
Google Shows Faith in Work-From-Office With $1-Billion London Deal
By Reuters | Updated: 14 January 2022
Tech giant Google has spent $1 billion (roughly Rs. 7,410 crore) to buy a central London building where it is currently a tenant, showing its confidence in the future of the office as a place to work, the company said on Friday.
Google, which employs 6,400 people in Britain, plans a multi-million pound refurbishment of its offices within the Central Saint Giles development it is buying, close to Covent Garden in central London.
“We have been privileged to operate in the UK for nearly 20 years, and our purchase of the Central Saint Giles development reflects our continued commitment to the country’s growth and success,” said Ruth Porat, CFO of Google’s parent company Alphabet.
Google plans to refit the building so it is adapted for in-person teamwork and has meeting rooms for hybrid working, as well as creating more space for individuals.
The new refurbishment will also feature outdoor covered working spaces to enable work in the fresh air, the company said.
Google said it would eventually have capacity for 10,000 workers at its UK sites, including one being developed in the nearby King’s Cross area of London.
“This investment in jobs from Google is a big vote of confidence in the UK as a world-leading tech hub,” finance minister Rishi Sunak said in a statement.
Google said last month that it was delaying its return-to-office plan globally amid growing concerns over the Omicron variant of the coronavirus.
The Central Saint Giles building had been owned by a joint venture between Legal & General Investment Management Real Assets and Mitsubishi Estate London Limited.
© Thomson Reuters 2022
Delhi Transport Corporation’s First Electric Bus Flagged Off by Chief Minister Arvind Kejriwal
Elon Musk’s Tweet Makes Indian States Clamour for Tesla Plant
Singapore Central Bank Issues Guidelines to Discourage Crypto Trading by Public
Apple to Establish North Carolina Campus That Will House Up to 3,000 Employees, Increase US Spending Targets
Microsoft Mesh Mixed Reality Platform Launched That Allows Users to Appear as Holograms in Virtual Meetings
Apple, Epic Games CEOs on List of Witnesses in Fortnite Case
Mobiles3 weeks ago
Apple Says Foxconn’s iPhone Plant in India Doesn’t Meet Standards for Workers’ Dorms After Mass Food Poisoning
Internet3 weeks ago
CES 2022: AMD, P&G Join Google and Others in Opting Out of Event Over Omicron Fears
Apps2 weeks ago
Facebook Took Action on 16.2 Million Content Pieces in November in India: Meta
Technology2 weeks ago
Tesla Criticised for Opening Showroom in China’s Xinjiang Region
Mobiles3 weeks ago
India Smartphone Market Growth to Accelerate, Around 200 Million Shipments Expected in 2022: Market Analysts
Entertainment3 weeks ago
TV Star Paris Hilton Launches Metaverse Business ‘Paris World’ on Roblox
Uncategorized2 weeks ago
CES 2022: GM CEO Announces Plans to Launch Personal Self-Driving Car by Mid-Decade
Mobiles2 weeks ago
Apple Becomes First Company to Hit $3-Trillion Market Value, Then Slips