Sunday, February 10, 2019
Friday, February 8, 2019
Australia’s security agencies are urgently investigating an attempt to hack the federal parliament’s computer network, with the parliament unable to rule out a foreign government being behind the attack.
In a joint statement, Scott Ryan and Tony Smith – parliament’s presiding officers – reported a “security incident on the parliamentary computing network” occurred overnight and into Friday morning.
No data breach has been reported, and they said all passwords had been reset out of “an abundance of caution”.
“Similarly, we have no evidence that this is an attempt to influence the outcome of parliamentary processes or to disrupt or influence electoral or political processes,” they said.
“The methods used by malicious actors are constantly evolving. Since 2012, DPS has made substantial strides in strengthening cyber defences for the APH IT networks.
“While there is no guaranteed approach to cyber security, best practise is the ability to detect and remediate threats quickly. The department has done this working jointly with expert agencies.”
Australia’s agencies are understood to be investigating whether China, among other state actors, was behind the attempt.
“Accurate attribution of a cyber incident takes time and investigations are being undertaken in conjunction with the relevant security agencies,” Smith and Ryan said.
“We are not in a position to provide further information publicly at this stage. Updates will be provided to members and senators and the media as required.”
The parliamentary network is used by all MPs and their staff, including to store databases and emails.
Bill Shorten was the first politician to be publicly asked about the breach, and said he had been briefed and was satisfied from what he had ben told so far, “that our security agencies and the [Senate] president and the [House] Speaker have moved in the right way” to secure the network.
But he also said it was “a wake up call”.
“It’s not just Parliament House,” he said.
“I mean Parliament, at least, has resources to protect if people try and hack into our systems.
“But what I was thinking about this morning as we see the extent of the security necessary to restore the integrity of the system is are we doing enough in this country for small and medium businesses to help protect them?
“Of course the other thing which this is a wake-up call for is data. We give a lot of our data to the big international and multinational companies. It is very important to do more to protect our data.
“Just because you can’t see who your enemy is because they’re on the internet doesn’t mean they’re not your enemy.”
Late last year Alistair MacGibbon, the head of the Australian Cyber Security Agency, which sits under the Australian Signals Directorate, joined international condemnation against an alleged plot to steal intellectual property from the west.
Two Chinese nationals were charged in the USover their alleged membership of a hacking group operating in China known in global intelligence circles as Advanced Persistent Threat 10, or APT10.
Speaking to the ABC in December, MacGibbon described that attempted hack as “audacious”.
“It is huge and it impacts potentially thousands of businesses globally,” he said.
Last July the Australian National University, a home to defence-focused research units, reported that its computer systems had come under attack.
In 2016 the Australian Cyber Security Agency concluded foreign powers were to blame for a 2015 hack of the Australian Bureau of Meteorology network, but the government would not reveal which countries were responsible.
That attack was somewhat successful, with malicious software installed and sensitive documents stolen, leading to Australian agencies undertaking a tightening of their cybersecurity systems.
Monday, February 4, 2019
The Canada-based cryptocurrency exchange QuardigaCX has suffered a major setback after the untimely death of its founder and CEO Gerald Cotten. Apparently, Cotten had exclusive and crucial information about the exchange’s password. Now that the CEO is no more, the exchange claims to have lost access to an exorbitant virtual currency amount that totals around $145 million (CAD 190 million).
Cotton died in December last year in India. The company stated that Cotton died “due to complications with Crohn’s disease on December 9, 2018, while traveling in India, where he was opening an orphanage to provide a home and safe refuge for children in need.”
Gerald Cotten
For your information, QuadrigaCX is Canada’s leading and largest Bitcoin exchange. The exchange, unfortunately, cannot access its cold storage or offline wallets because they simply don’t know the password. The only person who knew, Cotten, is dead. As a result, the exchange has filed for legal protection in the Nova Scotia Supreme Court to address liquidity issues.
According to CoinDesk, the exchange is seeking legal protection because it cannot repay $190 million ($250 million CAD) to its creditors in client holdings.
The exchange, explains Cotten’s widow Jennifer Robertson in a sworn affidavit, has to pay funds to its creditors in cryptocurrency and fiat money but it can only access a meager amount stored in the Hot wallet. Therefore, the court should get the exchange enough time from its creditors for repayment until it finds a way to access the frozen funds. The company stored most of its funds in a cold wallet to prevent hackers and cybercriminals from stealing it. The website of QuadrigaCX is also inactive as of now.
The cold wallet is a physical device that doesn’t hold any connection to the internet. According to Robertson, her late husband didn’t share any information about the password and neither does any other member of the team can access the cold wallet. Although she has Cotton’s laptop she cannot decrypt the password and a technical expert hired by the firm also couldn’t bypass the device’s encryption. Cotten also hasn’t left behind any business records, revealed Jennifer Robert
Some people are speculating that the funds have been moved since the case received a lot of public attention but there is no evidence to prove the claim. Furthermore, people doubt that the sudden death of the firm’s CEO is also fake news circulated to create an exit scam. However, Cotten’s death certificate has already been presented to the court in the filings.
On the other hand, a crypto researcher and analyzer called Crypto Medication conducted a detailed blockchain assessment of the company’s TX IDs, coin movements, and addresses and declared that the company doesn’t own “identifiable cold wallet reserves.”
“The number of Bitcoins in QuadrigaCX’s possession is substantially less than what was reported in Jennifer Robertson’s affidavit, submitted to the Canadian courts on January 31st, 2019,” wrote Crypto Medication.
Nonetheless, one thing is clear that if the password is never decrypted, a large number of cryptocurrency owners having funds in the QuadrigaCX wallet might not be able to get their funds back.
Subscribe to:
Comments (Atom)
-
A new way for cybercriminals to create fake social media profiles and carry identity scams using Artificial Intelligence powered tool? A ... -
The Democratic Republic of Congo (DRC) has long been a battleground for complex conflicts, driven by historical betrayals, foreign interfe... -
After almost six decades with Heckler & Koch, the German Bundeswehr appears to have selected a new supplier for its assault rifle. A ...