This week in InfoSec makes a tenuous wrestling link to a security story Rant of the Week is a warning the UK government is ill-prepared for what’s coming Billy Big Balls is a train wreck Industry News is the latest and greatest news stories from around the world And Tweet of the Week is sage seasonal advice
This week in InfoSec (12:55)
With content liberated from the “Today in infosec” Twitter account and further afield
11th December 2010: The hacker group Gnosis released the source code for Gawker's website and 1.3 million of its users' password hashes.
After a jury found Gawker's parent company liable in a lawsuit filed by Hulk Hogan and awarded him $140 million, Gawker shut down in 2016.
https://twitter.com/todayininfosec/status/1734217170173763907
14th December 2009: RockYou admitted that 32 million users' passwords (stored as plain text) and email addresses were compromised via a SQL injection vulnerability. RockYou's customer notification said "it was important to notify you of this immediately"...10 days after they became aware.
https://twitter.com/todayininfosec/status/1735357287147995514
Not really infosec https://x.com/depthsofwiki/status/1735147763447595024?s=20 but 14th Dec 2008 was the infamous Bush shoeing incident. Where Bush ducked the shoes thrown by Al-Zaidi while the Iraqi PM Nouri Al-Maliki tried to parry it.
Rant of the Week (22:10)
UK government woefully unprepared for 'catastrophic' ransomware attack
The UK has failed to address the threat posed by ransomware, leaving the country at the mercy of a catastrophic ransomware attack that the Joint Committee on National Security Strategy (JCNSS) yesterday warned could occur "at any moment."
The Parliamentary Select Committee reached this conclusion in a scathing report released December 13 that accused the government of failing to take ransomware seriously, and of providing "next-to-no support" to victims of ransomware attacks.
"There is a high risk that the government will face a catastrophic ransomware attack at any moment, and that its planning will be found lacking," the report concluded. "There will be no excuse for this approach when a major crisis occurs, and it will rightly be seen as a strategic failure."
Recent examples of ransomware infections at UK government institutions and critical private infrastructure are not hard to find.
Manchester Police, Royal Mail and the British Library have all fallen victim to ransomware attacks since September 2023.
In July 2023, the Barts Health NHS Trust hospital group was hit by the BlackCat ransomware gang. The NHS had already been taught a lesson about the vicious power of ransomware in 2017 when multiple Brit hospitals stopped taking new patients, other than in emergencies, after being hobbled by WannaCry.
Third-party providers of NHS software systems have been hit as well, taking systems offline and forcing care providers to revert to pen and paper.
In short, the situation with ransomware in the UK is already bad, and the JCNSS has predicted things will likely get worse.
Billy Big Balls of the Week (29:54)
Polish Hackers Repaired Trains the Manufacturer Artificially Bricked.
After breaking trains simply because an independent repair shop had worked on them, NEWAG is now demanding that trains fixed by hackers be removed from service.
They did DRM to a train.
In one of the coolest and more outrageous repair stories in quite some time, three white-hat hackers helped a regional rail company in southwest Poland unbrick a train that had been artificially rendered inoperable by the train’s manufacturer after an independent maintenance company worked on it. The train’s manufacturer is now threatening to sue the hackers who were hired by the independent repair company to fix it.
The fallout from the situation is currently roiling Polish infrastructure circles and the repair world, with the manufacturer of those trains denying bricking the trains despite ample evidence to the contrary. The manufacturer is also now demanding that the repaired trains immediately be removed from service because they have been “hacked,” and thus might now be unsafe, a claim they also cannot substantiate.
Industry News (38:38)
EU Reaches Agreement on AI Act Amid Three-Day Negotiations
Europol Raises Alarm on Criminal Misuse of Bluetooth Trackers
Widespread Security Flaws Blamed for Northern Ireland Police Data Breach
UK Ministry of Defence Fined For Afghan Data Breach
UK at High Risk of Catastrophic Ransomware Attack, Government Ill-Prepared
MITRE Launches Critical Infrastructure Threat Model Framework
Microsoft Targets Prolific Outlook Fraudster Storm-1152
Vulnerabilities Now Top Initial Access Route For Ransomware
Cozy Bear Hackers Target JetBrains TeamCity Servers in Global Campaign
Tweet of the Week (46:06)