Infosec Round-Up Oct 29th


UK Ransomware Doubles, DDoS Attacks & Teen Scammer

This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

UK Ransomware Attacks Double

The head of the UK’s Government Communications Headquarters (GCHQ) has stated that the number of ransomware attacks against British institutions has doubled in the past year.

Jeremy Fleming, the director of GCHQ, made the disclosure this week at the Cipher Brief annual threat conference, noting that ransomware's increased popularity amongst criminals was due to the attack vector being both highly profitable and “largely uncontested”.

Although GCHQ has not made public the exact numbers of recorded ransomware attacks for this year or the last, Mr Fleming recently announced that, in a joint initiative with the UK’s new National Cyber Force, offensive tactics would be used to bring down the gangs responsible.

In his remarks the head of the spy agency noted: “If you do fairly basic cyber security, if you are really clear at an organisational level about things that you need to protect and if you are very diligent in implementing the guidance of your cyber security professionals… then you’re going to protect yourselves.”

Internet Phone DDoS Attack

In what has been described as an “unprecedented” cyber-attack, multiple UK-based voice over internet protocol (VoIP) service providers have been targeted by distributed denial of service (DDoS) attacks.

Although the exact number of the attacks has not been disclosed, the Comms Council UK noted that the DDoS attacks which occurred over the past month “appear to be part of a co-ordinated extortion-focused international campaign by professional cyber-criminals”.

The attacks resulted in numerous outages. VoIP technology allows calls to be made over the internet, and the providers supply infrastructure to a range of customers, including businesses as well as public services such as the police and NHS.

A spokesman for the UK’s communications regulatory authority Ofcom has stated on the matter: “We're aware that some networks have been experiencing problems recently… We are in contact with them to establish the scale and cause of the problem, and also liaising closely with the UK Government and National Cyber Security Centre.”

Teen Scams £2 Million

Police have confiscated over £2 million worth of cryptocurrency from a Lincolnshire teenager who ran a sophisticated online gift voucher scam.

Having set up a website designed to impersonate legitimate online business Love2Shop, the seventeen-year-old also bought Google ads which allowed his fraudulent website to be promoted alongside the real one.

The teenager is believed to have harvested £6,500 worth of vouchers during the website’s time of operation, and a later police investigation also found 12,000 credit card numbers, 197 PayPal accounts, and 48 Bitcoins on his computer.

When the teenager appeared in court this week, the judge handed down a 12-month youth rehabilitation order and commented that if the offender were an adult, he would be facing jail time.

Detective Constable Luke Casey of Lincolnshire Police noted on the case: “Cryptocurrency is often thought by criminals to be an anonymous way to move funds around undetected, but I'm glad that in this case we were able to highlight that the police are now able to effectively investigate offences of this nature.”

Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.
