Robin’s Newsletter #287

17 December 2023. Volume 6, Issue 51
Russian group claims responsibility for knocking out Ukraine's largest telco. National Grid removing Chinese tech from electricity network. PSNI breach expected to cost over £20M.
Join hundreds of subscribers who get this first, every Sunday. Subscribe

This week

Outage at Ukraine’s largest mobile operator caused by cyber-attack

National Grid removing Chinese components from UK electricity network

  • National Grid, who operate the UK’s electricity transmission network, have begun removing components manufactured by a Chinese company over security fears
  • Narai Technology’s UK subsidiary was relatively small, with the technology present at 15 sites across the UK. National Grid is understood to have terminated its relationship with the company earlier this year following advice from the National Cyber Security Centre.

Operational impact of PSNI breach expected to cost £24M-37M

  • Human impact: An official review of the Police Service of Northern Ireland’s (PSNI) August data breach, which affected 9,483 officers, has revealed the impact on staff.
  • An undisclosed number of officers have chosen to relocate themselves and their families, with more being financially unable to do so. Over 50 sickness absences have been linked to the breach and safety fears.
  • More than 4,000 staff have contacted the ‘threat assessment group’ set up by the force, who expect operational impact to be £24-37 million ($30-46.5 million). 

Interesting reads

  • Microsoft has released incident response guidance that actually looks pretty good. It’s more suited for larger organisations but covers quite a bit of ground, with a few stages, questions to ask, and pitfalls to avoid. (PS, Cydea has a template incident response plan, if you need that, too.)

Interesting stats

It’s two years since Log4J reared its head (vol. 4, iss. 50). Thankfully, the immediate consequences were largely over-hyped, but the long tail of issues lingers…

~38% of apps using the Apache Foundation’s Log4J library are using a version that’s vulnerable to security issues, according to Veracode.

10 new Android banking trojans targeted  985 banking apps across  61 countries in 2023, according to Zimperium

Other newsy bits / in brief

And finally

  • Disgruntled employee: Miklos Daniel Brody, a former cloud engineer at First Republic Bank, has been sentenced to two years in prison and restitution of $529,000 for a spree of malicious acts upon being fired in March 2020. Brody’s employment was terminated for connecting a USB drive containing pornography to company computers, but he refused to return his laptop and used his access to wipe servers, delete the bank’s code repositories and log files, and impersonate and taunt other employees.
Robin

  Robin's Newsletter - Volume 6

  Ukraine Russia Telecommunications Kyivstar Cyber war Disruption National Grid China Nari Technology Critical National Infrastructure (CNI) Police Service of Northern Ireland (PSNI) Data breach Incident Response Banking trojan AutoSpill Password Manager Location Tracking Geofence Warrants Surveillance Cox Media Group (CMG) Active Listening Privacy TeamCity Perforce Hunters International Hive Progress Software MOVEit Ubiquiti Disgruntled Employee