Russian Ransomware Gang Attack Destabilizes UK Royal Mail
A WIRED investigation this week found that the app SweepWizard, which some US law enforcement agencies use to coordinate raids, was publicly exposing sensitive data about hundreds of police operations until WIRED disclosed the flaw. The exposed data included personally identifying information about hundreds of officers and thousands of suspects, including geographic coordinates of suspects’ homes and the time and location of raids, demographic and contact information, and some suspects’ Social Security numbers.
Meanwhile, police in the Indian state of Telangana are using grassroots educational initiatives to help people avoid digital scams and other online exploitation. And the industrial control giant Siemens disclosed a major vulnerability in one of its most popular lines of programmable logic controllers this week. The company does not have plans to fix the vulnerability because, on its own, it is exploitable only through physical access. Researchers say, though, that it creates exposure for the industrial control and critical infrastructure environments that incorporate any of the 120 models of vulnerable S7-1500 PLCs.
And there’s more. Each week, we highlight the security news we didn’t cover in-depth ourselves. Click on the headlines below to read the full stories.
The UK’s Royal Mail service said on Wednesday that it had been hit by a ransomware attack and, as a result, could not process packages and letters to ship internationally. The company asked customers not to attempt to ship international mail until the attack is remediated. Royal Mail officials blamed the prolific cybercriminal ransomware group LockBit, which is thought to be based in Russia, for the attack. Royal Mail has not provided extensive comment about the situation but called it a “cyber incident” and cautioned that there would be “severe disruption” as a result of the attack.
In November, aides of President Joe Biden found classified material from his time as vice president in an office he used before beginning his 2020 presidential campaign and at his Wilmington, Deleware, home. Now, after combing through the president’s papers and offices, they have found more classified documents in an additional location. NBC News, which first reported the new details on Wednesday, wrote, “The classification level, number, and precise location of the additional documents was not immediately clear. It also was not immediately clear when the additional documents were discovered and if the search for any other classified materials Biden may have from the Obama administration is complete.”
Microsoft said in March 2019 that it would sunset Windows 7 and that customers should migrate to newer versions of the operating system. Beginning in January 2020, the company continued providing security updates only to enterprise customers who paid for extended support. Microsoft said that this, too, would run out at the end of 2022. The company confirmed on Tuesday that security updates for Windows 7 have ended and that all users should upgrade if they haven’t done so already. Computers that continue to run Windows 7 will not receive updates and will be vulnerable to hacking. The operating system first launched in 2009 and was ubiquitous in its heyday. As with many versions of Windows, it will likely have a long tail. TechCrunch reports that some market-share data analysts estimate that 10 percent of Windows PCs around the world still run Windows 10. Seemingly because of lower adoption rates, Microsoft ended support for Windows 8 in January 2016 and ended support for Windows 8.1 on Tuesday as well. And the company will not offer extended support for Windows 8.1.
Cybercriminals looking to conduct identity theft have been exploiting a very basic security weakness in the website of the credit bureau Experian. Experian designed its systems so people who want a copy of their credit report need to correctly answer a number of multiple-choice questions about their financial histories to validate their identity. Until the end of 2022, though, Experian’s website was allowing anyone to get around the requirement by simply entering a person’s name, birth date, Social Security number, and address. This set of information is often readily accessible to cybercriminals because of past data breaches and composite troves of many breaches put together.
A September 2022 investigation by the The New York Times included frank commentary from Russian soldiers about their criticisms of Russia’s invasion of Ukraine and ongoing war in the country. But the story seems to have accidentally exposed phone numbers and other identifying metadata about some of the sources, and the information persisted in publicly available source code for the story until Motherboard notified the publication in January. Though unintentional, the lapse has real potential implications for the physical safety of the sources, who could face repercussions from the Russian government or other entities.