Connect with us


State may face ‘wave’ of cyberattacks from same gang, security expert warns



The Republic could be facing a “wave” of cyberattacks from the same criminal gang that has targeted the HSE, according to a former army intelligence officer and security consultant.

Such attacks tend to come in waves because the technology that works against one IT system, in this case the HSE’s, often also works against systems used by other bodies or organisations in the same country, according to security expert Adrian Jacobs.

“There tends to be a wave because when you can get access through one system, the chances are that other systems will be as vulnerable.”

He said the gangs behind criminal cyberattacks that involve ransom demands operate to a “successful” business model.

This included significant advance work to find a weakness before launching their attack. They gangs then often seek to maximise their return on this investment with subsequent attacks on other agencies or bodies in the same country.

State bodies within one country can have similarities in terms of age, how the system was developed and also a level of compatibility between agencies.

“If you get five shots, and you score on two, that’s doubling your return,” he said.


Mr Jacobs also highlighted the speed with which Taoiseach Micheál Martin stated that there would be no ransom paid.

He said this was an attempt to mitigate against not just the attempt to profit from the current attack but also the potential for “multiple dips into the well” in the form of more attacks.

“I wouldn’t expect a victory parade after the HSE attack is contained, because they will be hugely concerned about the exposure that is still there. Because the modelling would suggest that [more attacks] is most likely.”

The most likely location for ransomware gangs was North Korea, China, or Russia, with Russia thought to be the likely location for the gang in the HSE attack, he said.

Whereas state control was likely in North Korea, in China and Russia some gangs are believed to operate in return for occasionally carrying out non-commercial attacks on behalf of the government, he said.

“You would have had attacks that were directly political. For example in the Baltic states there have been state-directed attacks. Moscow would deny this, but the targets have all been national strategic targets.”

He also said there would be no need for any member of the gang to come to Ireland as part of the preparation for the attack.

While larger, richer countries might be expected to pay higher ransoms to protect their health services and therefore a more likely target, they would also be expected to have better resourced protection of critical national IT infrastructure, Mr Jacobs said, which could explain why Ireland was attacked.

Mr Jacobs added it might be precisely because of the pandemic that the HSE was chosen.

“The more vulnerable you are, the more likely you might be considered to pay a ransom.”


In Ireland, the main body involved in the oversight of Ireland’s critical IT infrastructure is the National Cyber Security Centre (NCSC), based in the Department of Communications.

It is the national point of contact for cyber security and will be in contact with Europol and the Enisa, the European Union Agency for cybersecurity.

Under the terms of the 2016 Network and Information Systems Directive, the State has responsibility for dealing with the security of services provided by multinational companies across the European Union that have their European headquarters located in Ireland. The majority of these multinational companies are from the United States.

In other countries, with much larger military infrastructures, there tends to be a greater involvement by military intelligence and the national intelligence services, in respect of cyber warfare and cyber security, Mr Jacobs said.

The success or otherwise with which Ireland deals with the attack on the HSE system, and any subsequent attacks, may have an influence on the State’s ability to continue to attract and maintain foreign direct investment, he added.

“From the Government’s point of view, one of the first calls they would have had to field would have been from the likes of Intel, because identifying how access was gained, whether they are reliant or connected in any way to the same access point, would be a concern.”

While major multinationals and other large businesses based here would have their own IT security systems, they also use the same national infrastructures such as broadband networks used by State agencies.

Not reported

“Without a doubt, and I can guarantee you of this, there are a huge amount of cyber ransoms that don’t go reported.”

However, commercial organisations often do not want to admit that they have been attacked, he said, for fear of prompting further attacks.

Given the speed of technological change Mr Jacobs believes it impossible to completely secure systems against attack.

“The battle goes on. You can never have enough resources . . . It is about risk management.”

In the US last week, the operators of the largest fuel pipeline in the country, Colonial Pipeline, were reported to have paid a ransom of 75 Bitcoin, or approximately €4 million, after a gang called Darkside, based in Russia, closed the pipeline network in a cyberattack.

The attack severely affected fuel deliveries in the US and led to a state of emergency in four states.

On Friday the New York Times reported Darkside had announced it was shutting down, following unspecified “pressure” from the US government.

In a statement in Russian to the newspaper, the criminals said they had lost access to aspects of their system and that money had been withdrawn to an unknown account.

However, the newspaper quoted security experts as saying that the statement from the criminal gang could be a ruse.

Mr Jacobs said the gangs involved in ransom attacks use ransom negotiation tactics, and that initial ransom demands are often “testers.”

In the case of the attack on the HSE, the Taoiseach’s public statement that no ransom would be paid, meant there was now a “stand-off”.

“You are into: ‘do you pull the trigger or don’t you’?”

Source link


Germany’s flood zones spared severe storms on Saturday



In the west of the country, the fire brigade reported a quiet night in the flood areas in Rhineland-Palatinate and North Rhine Westphalia.

The situation remains tense, however, with local thunderstorms forecast in some parts of Germany from midday on Sunday — most likely south of the Danube.

Further heavy rain and hail were also possible again, according to the German Weather Service (DWD), which publishes storm warnings.

READ ALSO: WEATHER: German flood zones at risk of further storms

The latest storms came just days after parts of the country were hit by devastating floods after torrential rains that ravaged entire villages and left 180 people dead, hundreds injured and with many still missing.

The flooding also caused damage in Belgium, where 37 people died, Luxembourg, the Netherlands and Switzerland.

Source link

Continue Reading


Prosecutors allege R Kelly had sexual contact with under-age boy



US prosecutors in R Kelly’s sex trafficking case say he had sexual contact with an under-age boy in addition to girls, and the government wants jurors in his upcoming sex-trafficking trial to hear those claims.

Federal prosecutors aired a wide-ranging raft of additional allegations – but not new charges – against the R&B singer in a court filing on Friday.

Jury selection is due to start August 9th in a New York federal court for Kelly, who denies ever abusing anyone.

The Grammy Award-winning singer is charged with leading what prosecutors call a criminal enterprise of managers, bodyguards and other employees who allegedly helped him to recruit women and girls for sex and pornography and to exercise control over them.

The charges involve six different women and girls, who are not named in court filings.

Now, prosecutors would also like jurors to hear about more than a dozen other people whom the government alleges that Kelly sexually or physically abused, threatened or otherwise mistreated.

Among them, the government says, was a 17-year-old boy and aspiring musician whom Kelly met at a McDonald’s in December 2006 and later invited to his Chicago studio.

According to the prosecutors’ court filing, after asking the boy what he would do to make it in the music business, Kelly propositioned and had sexual contact with him while he was still under-age.

And when Kelly was about to go on trial on child pornography charges in Chicago in 2008, the same youth told the singer he had access to a juror, and Kelly asked him to contact the juror and vouch he was a “good guy”, prosecutors wrote.

The filing does not say whether the youth did so. Kelly was acquitted in that case.

The boy also introduced Kelly to a 16- or 17-year-old male friend, with whom prosecutors say the singer began a sexual relationship several years later.

Kelly also filmed the two youths in sexual encounters with other people, including some of Kelly’s girlfriends, according to the filing.

Prosecutors wrote that the accounts of the boys and others would help show that the actual charges “were not isolated events and were part of a larger pattern”.

The multiplatinum-selling singer, born Robert Sylvester Kelly, is known for work including the 1996 hit I Believe I Can Fly and the cult classic Trapped In The Closet, a multi-part tale of sexual betrayal and intrigue.

Kelly’s private life has drawn scrutiny since the 1990s, and he currently is also facing sex-related charges in Illinois and Minnesota. He has pleaded not guilty.– AP

Source link

Continue Reading


Fears mount in western Germany as fresh rain falls



For some areas, the German Weather Service has forecast heavy showers or storms, bringing between 30 and 40 litres per square metre.

Amid further rainfall on Saturday afternoon, evacuation services to emergency accommodation were offered to communities in Rheinland-Palatinate who had been particularly badly affected by the flooding, German news site Merkur reported.

“The people will have to make the decision themselves,” said Begona Hermann, head of the relief teams in the west German state, explaining that the forecast rainfall was not expected to be as severe as that which devastated parts of Germany last week.  

READ ALSO: German floods death toll hits 180, with 150 still missing

However, even lower levels of rainfall could still be a problem because sewage and drainage systems were not working properly because of the flooding.

Earlier on Saturday, police requested all volunteers working on the clean-up operation in the Ahr area to leave as quickly as possible for their own safety because of the difficult conditions.

This came after the police and the crisis management team asked the public not to travel to Rhineland-Palatinate to help out because there were too many people there.

“The population’s willingness to help continues to be undiminished and overwhelming,” read a Kassel police statement on Saturday. Due to the large number of volunteers who came to help out, however, roads in the area are now congested, it said.

Heavy machinery required for road and bridge construction, and for the restoration of the area’s water supply, was getting stuck in traffic jams, the press release said.

Vehicles for removing rubbish and construction debris, as well as emergency and rescue vehicles, were also unable to get through.

Source link

Continue Reading


Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!