14 June 2019

IRM Weekly Cybersecurity Roundup: DDoS attack on Telegram and more

Fancy getting the weekly roundup delivered straight to your inbox?

Sign up to the IRM newsletter.

Telegram hit by a cyber-attack from Chinese IP addresses

The messaging app, Telegram, which has over 200 million users, has been hit by a cyber-attack that coincided with the ongoing protest in Hong Kong.

The movement has seen hundreds of thousands of people protesting against an extradition bill that would allow people to be sent to mainland China to stand trial. Telegram has been facilitating the protests as a tool to coordinate the demonstration. Telegram allows people to send encrypted messages, documents, videos and pictures without charge and to an unlimited audience.

The attack on Telegram was aimed at disrupting services and mostly came from Chinese IP addresses using a Distributed Denial of Service attack (DDOS). A DDoS attack uses multiple computers and Internet connections to flood the targeted resource. The cyber-attack saw the app experience connection issues for an hour.

You can read more here.

MI5 have not been meeting data protection obligations

MI5 have been unlawfully holding large volumes of people’s data collected through surveillance or hacking programmes, the High Court has been told.

People’s location data, calls, messages and browsing history were being held without proper protection. The data was not handled safely and hadn’t been destroyed when it was no longer needed, which goes against the Investigatory Powers Act.

MI5 were exposed by the official watchdog, the Investigatory Powers Commissioner, Lord Justice Fulford, and confirmed by Sajid Javid, the Home Secretary.

Lord Justice Fulford said MI5 had a “historical lack of compliance” with the law in the way it retained and deleted data. He said it had been held and handled in an “undoubted unlawful manner.”

The security service has now taken “immediate and substantial steps” to comply with the law, Home Secretary Sajid Javid has said.

You can read more here.

Aircraft manufacturer closed indefinitely after cyber-attack

Asco, a manufacturer of aircraft parts, has had to shut down operations after a cyber-attack on the company’s servers.

Asco have temporarily closed down their base in Zaventem, Belgium, as well as operations in other countries, following a security breach. Around 1,000 employees are currently on technical unemployment until the company resumes operations.

The attack was a type of malware which forces the victim’s system to shut down until a ransom is paid for to resume operations. It is unclear how much the ransom is for, or how long the company is expected to be out of action for.

You can read more here.

Radiohead sells recordings after hacker threatens to leak material

The rock band, Radiohead, has been targeted by a hacker who stole unreleased recording material and threatened to leak it in an extortion scheme.

The hacker managed to get into lead vocalist Thom Yorkes’ mini disk archive, containing the recordings from their 1997 studio album, OK Computer.

Instead of paying the hacker £150,000 ransom for the recordings, Radiohead decided to release the full songs, with proceeds going towards Extinction Rebellion; an environmentalist movement relying on non=violent resistance to generate awareness.

The archived material is on Bandcamp for £18 and is only available for 18 days. That’s one way to thwart a hacker!

You can read more here.

Quick Fire Updates:

Netherlands vulnerable to cyber-attacks due to digitisation: With almost all vital processes and systems being completely digitised with no analogue back-ups, the Netherlands are particularly vulnerable to IT failures and attacks. Read more here.

Congress to potentially create ‘Cyber first responders’: A bill was passed on June 10th to allow the establishment of ‘cyber incident teams’ to help protect federal agencies and the private sector from cyber-attacks. You can read more here.

Hacker who blackmailed executives of TalkTalk in cyber-attack has been jailed: Daniel Kelley has been jailed after blackmailing telecommunications company TalkTalk. The total cost of the cyber-attack estimated at $77 million. You can read more here.

If you have any questions about this week’s roundup, or want to understand how you can improve your cybersecurity strategy, get in touch with IRM. 

Are you looking to get into a career in cyber? Check out IRM’s job vacancies on our careers page.