United Kingdom

Britain's Newest Warship Runs Windows XP, Raising Cyber Attack Fears (telegraph.co.uk) 102

Chrisq shares a report from The Telegraph: Fears have been raised that Britain's largest ever warship could be vulnerable to cyber attacks after it emerged it appears to be running the outdated Microsoft Windows XP. A defense source told The telegraph that some of the on-board hardware and software "would have been good in 2004" when the carrier was designed, "but now seems rather antiquated." However, he added that HMS Queen Elizabeth is due to be given a computer refit within a decade. And senior officers said they will have cyber specialists on board to defend the carrier from such attacks.
Security

Petya Ransomware Outbreak Originated In Ukraine Via Tainted Accounting Software (bleepingcomputer.com) 12

An anonymous reader quotes a report from Bleeping Computer: Today's massive ransomware outbreak was caused by a malicious software update for M.E.Doc, a popular accounting software used by Ukrainian companies. According to several researchers, such as Cisco Talos, ESET, MalwareHunter, Kaspersky Lab, and others, an unknown attacker was able to compromise the software update mechanism for M.E.Doc's servers, and deliver a malicious update to customers. When the update reached M.E.Doc's customers, the tainted software packaged delivered the Petya ransomware -- also referenced online as NotPetya, or Petna. The Ukrainian software vendor appears to have inadvertently confirmed that something was wrong when, this morning, issued a security advisory. Hours later, as the ransomware outbreak spread all over Ukraine and other countries across the globe causing huge damages, M.E.Doc denied on Facebook its servers ever served any malware. According to security researcher MalwareHunter, this is not the first time M.E.Doc has carried a malicious software update that delivered ransomware. Back in May, the company's software update mechanism also helped spread the XData ransomware.
Crime

Police Use Lyft As 'Trojan Horse' To Capture Suspect In Murder of Tech CEO (myajc.com) 43

McGruber writes: On Friday, June 23, 2017, three men broke into the home of Albert Eugene DeMagnus, the CEO of Computer Management Services. The men stabbed DeMangus, who was pronounced dead after he had been taken to a hospital. Police officers chased two of the suspects as they fled in DeMangus' gray Lexus. The Lexus crashed and the two men ran away into the woods. Police then set up a perimeter with road checkpoints. Soon, a Lyft driver approached a checkpoint and told police she was picking up a passenger nearby. "This may be one of our suspects trying to leave the scene," Fayette County, Georgia Sheriff Barry Babb thought of the person being picked up. So Babb and three officers got into his car, which happened to be identical to the Lyft driver's. They got the location of the suspect from the Lyft driver and simply drove to the suspect, posing as his ride. "The subject walked all the way up, was about to open the door and get in our vehicle, when we exited and identified ourself," said Sheriff Babb. The suspect fled and got about 100 yards into the woods before being taken into custody. "That was something that was unique for us," Babb said, "a first time for us."
Security

Hacker Behind Massive Ransomware Outbreak Can't Get Emails From Victims Who Paid (vice.com) 138

Joseph Cox, reporting for Motherboard: On Tuesday, a new, worldwide ransomware outbreak took off, infecting targets in Ukraine, France, Spain, and elsewhere. The hackers hit everything from international law firms to media companies. The ransom note demands victims send bitcoin to a predefined address and contact the hacker via email to allegedly have their files decrypted. But the email company the hacker happened to use, Posteo, says it has decided to block the attacker's account, leaving victims with no obvious way to unlock their files. [...] The hacker tells victims to send $300 worth of bitcoin. But to determine who exactly has paid, the hacker also instructs people to email their bitcoin wallet ID, and their "personal installation key." This is a 60 character code made up of letters and digits generated by the malware, which is presumably unique to each infection of the ransomware. That process is not possible now, though. "Midway through today (CEST) we became aware that ransomware blackmailers are currently using a Posteo address as a means of contact," Posteo, the German email provider the hacker had an account with, wrote in a blog post. "Our anti-abuse team checked this immediately -- and blocked the account straight away.
Security

Heritage Valley Health System Target Of Cyber Attack (cbslocal.com) 23

The Heritage Valley Health System says it has been hit with a cyber attack. From a report: A spokeswoman confirmed the attack Tuesday morning. "Heritage Valley Health System has been affected by a cyber security incident. The incident is widespread and is affecting the entire health system including satellite and community locations. We have implemented downtime procedures and made operational adjustments to ensure safe patient care continues un-impeded." Heritage Valley is a $480 million network that provides care for residents of Allegheny, Beaver, Butler and Lawrence counties, in Pennsylvania; parts of eastern Ohio; and the panhandle of West Virginia. Also read: Ukrainian Banks, Electricity Firm Hit by Fresh Cyber Attack; Reports Claim the Ransomware Is Quickly Spreading Across the World.
China

China's All-Seeing Surveillance State Is Reading Its Citizens' Faces (wsj.com) 98

China's government is using facial-recognition technology to help promote good behavior and catch lawbreakers, reports the WSJ. From the article: Facial-recognition technology, once a specter of dystopian science fiction, is becoming a feature of daily life in China, where authorities are using it on streets, in subway stations, at airports and at border crossings in a vast experiment in social engineering (alternative source). Their goal: to influence behavior and identify lawbreakers. Ms. Gan, 31 years old, had been caught on camera crossing illegally here once before, allowing the system to match her two images. Text displayed on the crosswalk screens identified her as a repeat offender. "I won't ever run a red light again," she said. China is rushing to deploy new technologies to monitor its people in ways that would spook many in the U.S. and the West. Unfettered by privacy concerns or public debate, Beijing's authoritarian leaders are installing iris scanners at security checkpoints in troubled regions and using sophisticated software to monitor ramblings on social media. By 2020, the government hopes to implement a national "social credit" system that would assign every citizen a rating based on how they behave at work, in public venues and in their financial dealings.
Security

Ukrainian Banks, Electricity Firm Hit by Fresh Cyber Attack; Reports Claim the Ransomware Is Quickly Spreading Across the World (vice.com) 96

A massive cyber attack has disrupted businesses and services in Ukraine on Tuesday, bringing down the government's website and sparking officials to warn that airline flights to and from the country's capital city Kiev could face delays. Motherboard reports that the ransomware is quickly spreading across the world. From a report: A number of Ukrainian banks and companies, including the state power distributor, were hit by a cyber attack on Tuesday that disrupted some operations (a non-paywalled source), the Ukrainian central bank said. The latest disruptions follow a spate of hacking attempts on state websites in late-2016 and repeated attacks on Ukraine's power grid that prompted security chiefs to call for improved cyber defences. The central bank said an "unknown virus" was to blame for the latest attacks, but did not give further details or say which banks and firms had been affected. "As a result of these cyber attacks these banks are having difficulties with client services and carrying out banking operations," the central bank said in a statement. BBC reports that Ukraine's aircraft manufacturer Antonov, two postal services, Russian oil producer Rosneft and Danish shipping company Maersk are also facing "disruption, including its offices in the UK and Ireland."

According to local media reports, the "unknown virus" cited above is a ransomware strain known as Petya.A. Here's how Petya encrypts files on a system (video). News outlet Motherboard reports that Petya has hit targets in Spain, France, Ukraine, Russia, and other countries as well. From the report: "We are seeing several thousands of infection attempts at the moment, comparable in size to Wannacry's first hours," Costin Raiu, a security researcher at Kaspersky Lab, told Motherboard in an online chat. Judging by photos posted to Twitter and images provided by sources, many of the alleged attacks involved a piece of ransomware that displays red text on a black background, and demands $300 worth of bitcoin. "If you see this text, then your files are no longer accessible, because they are encrypted," the text reads, according to one of the photos. "Perhaps you are busy looking for a way to recover your files, but don't waste your time. Nobody can recover your files without our decryption service."
Google

Google Slapped With $2.7 Billion By EU For Skewing Searches (bloomberg.com) 309

Google suffered a major regulatory blow on Tuesday after European antitrust officials fined the search giant 2.4 billion euros, or $2.7 billion, for unfairly favoring some of its own search services over those of rivals. The European Commission concluded that the search giant abused its near-monopoly in online search to "give illegal advantage" to its own Shopping service. Margrethe Vestager, the EU's competition commissioner, said Google "denied other companies the chance to compete" and left consumers without "genuine choice." The hefty fine marks the latest chapter in a lengthy standoff between Europe and Google, which also faces two separate charges under the region's competition rules related to Android, its popular mobile software, and to some of its advertising products. From a report: Google has 90 days to "stop its illegal conduct" and give equal treatment to rival price-comparison services, according to a binding order from the European Commission on Tuesday. It's up to Google to choose how it does this and it must tell the EU within 60 days of its plans. Failure to comply brings a risk of fines of up to 5 percent of its daily revenue. [...] "I expect the Commission now to swiftly conclude the other two ongoing investigations against Google," Markus Ferber, a member of the European Parliament from Germany. "Unfortunately, the Google case also illustrates that competition cases tend to drag on for far too long before they are eventually resolved. In a fast-moving digital economy this means often enough that market abuse actually pays off and the abuser succeeds in eliminating the competition." Google has been pushing its own comparison shopping service since 2008, systematically giving it prominent placement when people search for an item, the EU said. Rival comparison sites usually only appear on page four of search results, effectively denying them a massive audience as the first page attracts 95 percent of all clicks. In a blog post, Google said the EU has "underestimated" the value Google's services brings to the table. "We believe the European Commission's online shopping decision underestimates the value of those kinds of fast and easy connections. While some comparison shopping sites naturally want Google to show them more prominently, our data show that people usually prefer links that take them directly to the products they want, not to websites where they have to repeat their searches. We think our current shopping results are useful and are a much-improved version of the text-only ads we showed a decade ago. Showing ads that include pictures, ratings, and prices benefits us, our advertisers, and most of all, our users. And we show them only when your feedback tells us they are relevant. Thousands of European merchants use these ads to compete with larger companies like Amazon and eBay. [...] Given the evidence, we respectfully disagree with the conclusions announced today. We will review the Commission's decision in detail as we consider an appeal, and we look forward to continuing to make our case," wrote Kent Walker, SVP and General Counsel at Google.
Businesses

Zillow Threatens To Sue Blogger For Using Its Photos For Parody (theverge.com) 129

Kate Wagner is facing potential legal charges by real estate Zillow for allegedly violating the site's terms of service by reproducing images from their site on her blog. Wagner's blog is called McMansion Hell -- a Tumblr blog that "highlights the absurdity of giant real estate properties and the ridiculous staging and photography that are omnipresent in their sales listings," writes Natt Garun via The Verge. From the report: A typical McMansion Hell blog post will have a professional photo of a home and / or its interior, along with captions scattered throughout by Wagner. She also adds information about the history and characteristics of various architecture styles, and uses photos from the likes of Zillow and Redfin to illustrate how so many real estate listings inaccurately use the terms. Under each post, Wagner adds a disclaimer that credits the original source of the images and cites Fair Use for the parody, which allows for use of copyrighted material for "criticism, comment, news reporting, teaching, scholarship, and research." In a cease and desist letter to Wagner, Zillow claims Wagner's reproduction of these images do not apply under the Copyright Act. Additionally, the company claims McMansion Hell may "[interfere] with Zillow's business expectations and interests." As a result of the potential lawsuit, Wagner has temporarily taken McMansionHell.com down. In a statement to The Verge, Zillow said: "Zillow has a legal obligation to honor the agreements we make with our listing providers about how photos can be used. We are asking this blogger to take down the photos that are protected by copyright rules, but we did not demand she shut down her blog and hope she can find a way to continue her work."
Canada

China, Canada Vow Not To Conduct Cyberattacks On Private Sector (reuters.com) 52

New submitter tychoS writes from a report via Reuters: China and Canada have signed an agreement vowing not to conduct state-sponsored cyberattacks against each other aimed at stealing trade secrets or other confidential business information. The new agreement was reached during talks between Canada's national security and intelligence adviser, Daniel Jean, and senior communist party official Wang Yongqing, a statement dated June 22 on the Canadian government's website showed. "This is something that three or four years ago (Beijing) would not even have entertained in the conversation," an unnamed Canadian government official told the Globe and Mail, which first reported the agreement. The new agreement only covers economic cyber-espionage, which includes hacking corporate secrets and proprietary technology, but does not deal with state-sponsored cyber spying for intelligence gathering.
Security

Judge Sentences Man To One Year In Prison For Hacking Smart Water Readers In Five US Cities (bleepingcomputer.com) 60

An anonymous reader writes: A Pennsylvania man was sentenced to one year and one day in prison for hacking and disabling base stations belonging to water utility providers in five cities across the U.S. East Coast. Called TGB, these devices collect data from smart meters installed at people's homes and relay the information to the water provider's main systems, where it is logged, monitored for incidents, and processed for billing. Before he was fired by the unnamed TGB manufacturing company, Flanagan's role was to set up these devices. After he was fired, Flanagan used former root account passwords to log onto the devices and disable their ability to communicate with their respective water utility providers' upstream equipment. He wasn't that careful, as the FBI was able to trace back the attacks to his home. Apparently, the guy wasn't that silent, leaving behind a lot of clues. Flanagan's attacks resulted in water utility providers not being able to collect user equipment readings remotely. This incurred damage to the utility providers, who had to send out employees at customer premises to collect monthly readings. He was arrested in Nov 2014, and later pleaded guilty.
Piracy

Indie Game Developer Shares Free Keys on The Pirate Bay (torrentfreak.com) 130

Jacob Janerka, developer of the popular indie adventure game 'Paradigm,' recently spotted a cracked copy of his title on The Pirate Bay. But, instead of being filled with anger and rage while running to the nearest anti-piracy outfit, Janerka decided to reach out to the pirates. Not to school or scold them, but to offer a few free keys. From a report: "Hey everyone, I'm Jacob, the creator of Paradigm. I know some of you legitimately can't afford the game and I'm glad you get to still play it :D," Janerka's comment on TPB reads. Having downloaded many pirated games himself in the past, Janerka knows that some people simply don't have the means to buy all the games they want to play. So he's certainly not going to condemn others for doing the same now, although it would be nice if some bought it later. "If you like the game, please tell your friends and maybe even consider buying it later," he added.
Government

Supreme Court Partially Revives Travel Ban, Will Hear Appeal (bloomberg.com) 557

From a report: The U.S. Supreme Court partially revived President Donald Trump's travel ban and said the justices will hear arguments in the fall. The justices said the ban can apply for now only to people who don't have a "credible claim of a bona fide relationship with a person or entity in the United States." From a NYT report: Mr. Trump's revised executive order, issued in March, limited travel from six mostly Muslim countries for 90 days and suspended the nation's refugee program for 120 days. The time was needed, the order said, to address gaps in the government's screening and vetting procedures. [...] The United States Court of Appeals for the Ninth Circuit, in San Francisco, recently blocked both the limits on travel and the suspension of the refugee program. It ruled on statutory rather than constitutional grounds, saying Mr. Trump had exceeded the authority granted him by Congress. The court agreed to review both cases, and said it would hear arguments in October, noting that the government had not asked it to act faster.
United States

Ohio Government Websites Hacked With Pro-Islamic State Messages (bloomberg.com) 205

An anonymous reader quotes Bloomberg: The websites of Ohio Governor John Kasich and other state government agencies were hacked on Sunday with a posting professing love for the jihadist group Islamic State. Ten state websites and two servers were affected, and they've been taken off line for an investigation with law enforcement into how the hackers were able to deface them, said Tom Hoyt, a spokesman for the Ohio Department of Administrative Services... The same pro-Islamic State message, accompanied by music, were also shown on Sunday on the website of Brookhaven, a town on New York's Long Island about 50 miles (80 kilometers) from Manhattan, the New York Post reported... Ohio Treasurer Josh Mandel, a Republican candidate for the U.S. Senate in 2018, posted on Facebook that the Department of Rehabilitation and Correction website had been hacked and said, "Wake up freedom-loving Americans. Radical Islam infiltrating the heartland."
Australia

Roadside Cameras Infected with WannaCry Virus Invalidate 8,000 Traffic Tickets (yahoo.com) 173

Long-time Slashdot reader nri tipped us off to a developing story in Victoria, Australia. Yahoo News reports: Victoria Police officials announced on Saturday, June 24, they were withdrawing all speed camera infringement notices issued statewide from June 6 after a virus in the cameras turned out to be more widespread than first thought. "That does not mean they [the infringement notices] won't not be re-issued," Assistant Commissioner Doug Fryer told reporters, explaining that he wants to be sure the red light and speed cameras were working correctly. Acting Deputy Commissioner Ross Guenther told reporters on Friday that 55 cameras had been exposed to the ransomware virus, but they've now determined 280 cameras had been exposed. The cameras are not connected to the internet, but a maintenance worker unwittingly connected a USB stick with the virus on it to the camera system on June 6.

Fryer said that about 1643 tickets would be withdrawn -- up from the 590 that police had announced on Friday -- and another five and a half thousand tickets pending in the system would be embargoed. Fryer said he was optimistic the 7500 to 8000 tickets affected could be re-issued, but for now police would not issue new tickets until police had reviewed the cameras to ensure they were functioning properly... The "WannaCry" malware caused the cameras to continually reboot, Fryer said. Fryer said there was no indication the malware had caused inaccurate radar readings, but police were being "over cautious" to maintain public faith in the system.

Last week Victoria's Police Minister was "openly furious" with the private camera operator, saying the group hadn't notified the relevant authorities about the infection.

Slashdot Top Deals