ICYMI: BT outage; Euro CNI vulnerable; 4 rail attacks; Polish telecom hack; ransomware uses cloud
The latest In Case You Missed It (ICYMI) looks at BT outage; Euro CNI vulnerable; 4 rail attacks; Polish telco breached; ransomware uses cloud
BT Broadband's troubles garnered the most attention from readers this week
BT Broadband has suffered two major outages this week. The first BT outage is down to a power failure at Telecity Harbour Exchange, where BT as well as various other ISPs join the LINX peer exchange. The power outage at Telecity lasted for about an hour, from just before 8am until 9:15am, when full connectivity was restored.
Equinix, owner of Telecity, said: "This morning between 07:55 BST and 08:17 BST, one of the datacentres that houses equipment for The London Internet Exchange (LINX) experienced a partial power outage. This affected only one of a number of Internet peering nodes that LINX operates at the facility, and service was fully restored on the LINX network at 09:15 BST."
Operators of critical infrastructure in Europe, including power stations in Germany and Italy, and an Israeli smart building, have left networks open to attack by hackers, according to investigations carried out by law enforcement officials.
According to a report by German IT news publication Golem, Berlin Police's Internet Wache inquiries, carried out over a couple of months, found that researchers were able to access the control systems of waterworks, cogeneration units, interfaces for building automation and other industrial control systems (ICS). The researchers started the investigation after they discovered certain patterns in HTTP headers in these control systems; they then wrote a Python script and used ZMap to find public IP addresses.
Polish telecom Netia suffered a major data breach following an attack that allowed hackers to gain access to 14GB of customer data. Following the incident, which took place on July 7, the company's website was down until later that day.
Lidia Marcinkowska, a spokesperson for Netia, which owns Poland's second-largest fixed phone line and provides TV, Internet and mobile telephony services to its customers, told SCMagazineUK.com that, following the latest attack, the Polish operator decided to establish cooperation with an outside team of IT experts. The team is currently advising Netia on additional security measures that could prevent a similar incident in the future.
The UK rail network has been hit by cyber-attacks at least four times in the past 12 months. No disruption has been caused to the UK rail network. However, Darktrace, responsible for defending the rail network, discovered the attacks and said that exploration of the network was taking place.
It is unclear who was behind the attacks, but a hacker with access to the network may be able to change the behaviour of trains. The attacks are thought to be the work of hackers sponsored by nation states.
As with all dual-use phenomena, cyber-criminals have noticed the opportunities for wrong-doing inherent in cloud services and evolved new techniques to their benefit. Recently, security researchers have spotted two kinds of ransomware, Cerber and cuteRansomware, using cloud services as a medium to deliver spam emails or host decryption keys and command-and-control functionality.
A new variant of Cerber targets Office 365 users via malicious macros laced into Office documents. This ransomware is able to encrypt 442 file types with a combination of AES-256 and RSA. It has been discovered and named RANSOM_CERBER.CAD by Trend Micro.