12 April 2019

IRM Weekly Cybersecurity Roundup: Autistic gamers targeted

Fancy getting the weekly roundup delivered straight to your inbox? Sign up to the IRM newsletter.

Cybercriminal gangs target autistic gamers

Cybercriminals aren’t usually loan wolves, they tend to be part of an online gang. Recently, police are warning autistic gamers to be aware of gangs attempting to recruit them. Organised online gangs prey on computer gamers who want to fit into virtual worlds that value their skills.

More than 80% of cybercriminals come from a background of computer gaming.  Chief Constable Peter Goodman – who is the National Police Chiefs Council’s lead on cybercrime, said: “Gamers live in quite an enclosed world which tends to be the bedroom… they spend a lot of time online because they tend to be highly intelligent, highly technically proficient individuals…Many of the youngest cybercriminals are somewhere on the autistic spectrum, they find it very hard to have any credibility, any confidence, any traction in the real world.”

Specialist detectives are working on identifying the most at risk teenagers to work on developing initiatives that will help steer them towards lucrative careers in the legitimate computing world.

You can read more here.

24-year-old student jailed for six years

A 24-year-old student from London, Zain Qaiser, has been jailed for 6 years and 5 months after making £700,000 by blackmailing pornography website users between 2012-2014 with a malicious advertising and ransomware.

Visitors to the adult websites who clicked on the advertisements found their unprotected computers infected with the ransomware, triggering a pop-up message from (impersonated) law enforcement implying an offence had been committed, before demanding a payment of roughly $200+ (£100+) to unfreeze their screens and browsers.

The victims were also conned into believing a webcam image had been captured during their visit to the adult website as part of the blackmail. “Out of fear of embarrassment from friends or family members  discovering they had accessed pornography, many users paid the ransom,” prosecutor Joel Smith told Kingston Crown Court. “For obvious reasons very few people complained to law enforcement officials.”

After Qaiser was caught out by the Canadian brokers that sold him the advertising space, he threatened them after they warned him to stop. After the brokers informed police, Qaiser launched a cyber-attack onto the Canadian company, causing hundreds of thousands of pounds worth of damage to their businesses.

Considered as the most serious case of cyber-crime they have investigated by the National Crime Agency, Qaiser admitted to 11 offences, including blackmail, fraud, money laundering and computer misuse, and was jailed at Kingston Crown Court.

You can read read more here.

Could Huawei be banned from Westminster?

Huawei are still under the microscope after a GCHQ-backed security review identified the company had failed to fix some of their software development.

The UK government will reveal whether they will restrict or even ban the 5G technology in May if the related cybersecurity defects aren’t fixed.

Dr Levy – Technical director of GCHQ’s National Cyber Security Centre, described the security processes in Huawei “like nothing else” – “It’s engineering like its back in the year 2000 – it’s very, very shoddy.”

As mentioned in previous roundups, Huawei has had several issues with the 5G rollout. These include arguments with the US government over cybersecurity processes and potential links to the Chinese government, of which Huawei are now suing the US Government for unconstitutional sale restrictions.

You can read more here.

AI helped South Korean police track down Ponzi Scheme

Artificial intelligence assisted police in tracking down criminals behind a Bitcoin Ponzi Scheme. The initiative embezzled approximately 56,000 people of over 21.2 billion won  (around £14 million), with most targets being elderly or retired.

The AI uncovered the scam by learning the ‘language’ of the Ponzi scheme and managed to uncover the algorithm used. This included phrases related to risk factors, statements related to guaranteed incomes, referral bonuses and recruitment.

The Ponzi scheme called ‘M-Coin’ gave members-only shopping websites and cryptocurrency exchanges for unlisted M-Coin tokens. Members would annually pay a fee of 330,000 won ($290) for a standard package or a premium package for 990,000 won (870). Members could also sign up for 10 years, which promised discounts of special events and leisure activities.

The police have arrested two of the schemes CEOs, along with ten other members connected to recruitment. The use of AI algorithms are already showing promise for the future.

You can read more here.

 Quick Fire Updates:

A cyber-attack every minute on UK Businesses: Since the start of 2019, UK businesses are hit once a minute by a cyber-attack. That’s up 122% year-on-year. Read more here.

What could a 5G cyber-attack be like: BBC News have created a short video on how chaotic a 5G cyber-attack could be. Watch it here.

Printers can also be a cybersecurity risk: Probably the last thing you’d think would be a risk when it comes to cybersecurity, but alas, printers are a vulnerable point of entry for hackers. Read more here.

Smart speaker recordings may reviewed: Amazon, Apple and Google all confirm they employ staff to listen to voice recordings from customers speaking into their smart speakers and voice assistant apps. Read more here.

To receive this blog direct to your inbox every week, sign up to our newsletter.

If you have any questions about this week’s roundup, or want to understand how you can improve your cybersecurity strategy, get in touch with IRM.