What do statistics, AI, fires, scandal, aliens and sharks all have in common? The August edition of NewsScam, of course! Believe it or not: hackers don't take the summer off – and neither do sharks!! Read on to discover how hackers turn into killer sharks and read all about this month’s headlines; including how cyber-attacks may destroy lives, AI might not be able to secure and save you while the police might be in danger themselves as they sort out their own problems…
New Statistics Emerge from 2023 National Risk Register in the UK
So how could a cyber-attack destroy lives? The UK government has indicated that there is a 5-25% probability of a significant cyber-attack occurring on critical infrastructure within the country over the next two years. These statistics have emerged from the recently released National Risk Register 2023 report, which draws insights from the government’s confidential National Security Risk Assessment. This assessment covers a range of threats including cyber-attacks, terrorism, and non-malicious factors like extreme weather. The report also highlights various cyber risks, like potential attacks on areas such as gas, electric infrastructure, civil nuclear facilities, government systems, and healthcare.
Is AI a Chronic Risk?
Whilst ChatGPT and Co. proclaim themselves to be everyone’s new personal AI saviours, the UK government has declared otherwise, labelling the artificial intelligence platform as a “persistent risk” to its national security. The National Risk Register now even lists AI as a long-term security concern for the UK’s most crucial systems by calling it a “chronic risk”.
UK Electoral Commission Scandal
The new report comes on the heels of a month full of cybersecurity challenges. The headlines were full of the latest scandal around the UK Electoral Commission data breach, which exposed eight years of sensitive voter data. The revelation comes 10 months after the commission’s initial detection of the breach and two years since the breach itself, prompting questions for the reasons behind the delayed public disclosure. If you had enrolled to vote in the UK from 2014 to 2022, there is a high possibility that your personal details have been exposed.
Data Breach of Police Service in Northern Ireland and London
Speaking of saviours, police in both Northern Ireland and London are trying to protect themselves after each have been impacted by damaging data breaches. The Police Service of Northern Ireland was hit with a "monumental” breach on August 8, which compromised the personal information of all its officers – including the names and rank of every officer in Northern Ireland – raising concerns among staff regarding their safety. It turns out that the police service accidentally disclosed the details in response to a freedom of information request. This is a good example of how security also relies on your employees! Unfortunately, in this case, things really didn’t go well.
In London, the story is a bit different. The Metropolitan Police are also the victims of a data breach, but unlike the situation in Northern Ireland, this incident can be traced back to an IT supplier. The un-named supplier had access to names, ranks, photos, vetting levels, and pay numbers for officers and staff. Fortunately, it does not appear that personal information such as addresses and phone numbers were part of the leaked data.
Musk Fights More Fires
In the meantime, Elon Musk has another fire to put out. You would be forgiven for thinking that it might be another X (formerly Twitter) scandal, but this time it's at Tesla. It appears that there was an “inside job” at Tesla, which has experienced a data breach resulting in the exposure of personal details belonging to 73,735 individuals. The leaked information which dates back to 2015, encompasses names, addresses, mobile phone numbers, and email addresses.
In May, German publication Handelsblatt disclosed that Tesla had encountered a significant breach that divulged a range of data, from personal information of both current and former employees to customer grievances regarding their vehicles. The publication indicated that it had extensively reviewed the data, compromising more than 23,000 files.
Cyber-attacks Go Up to Space
Joining the ongoing whistleblowers talk, Space, and the satellites that roam it, have also been in the headlines this month – and concerns about it are growing. As the US space economy is projected to hit $1 trillion by 2030, reports indicate that spies and hackers are targeting the industry, sparking concern about foreign espionage on the American space sector and potential cyber-attacks on satellite infrastructure. The National Counterintelligence and Security Center (NCSC) suggests that tactics like cyber-attacks, shell companies, and traditional espionage could be used to acquire sensitive data on US space capabilities. The report also highlights the risk of using counterspace systems, like satellite jamming or hacking, to disrupt US satellite systems. One might wonder...will aliens be the next target?
And back here on Earth, cybersecurity experts are warning that sharks, of all things, could play a role in cyber outages. That’s correct – these creatures have unexpectedly become a factor in the realm of cybersecurity by developing an appetite for our undersea internet cables. If you’re still sceptical, continue scrolling below for all details of sharks taking a literal bite out of cybersecurity, and more industry news.
Wait, there’s more...
U.S. officials warning of potential cyber threat to U.S. infrastructure and power grid – msn.com
North Korean hackers target US-South Korea military drills, police say – databreaches.net
Data of 2.6 million Duolingo users posted on the dark web – cshub.com
Lazarus Group, APT38 Set to Try Cashing Out $40M BTC: FBI – coindesk.com
Aristocrat confirms data breach after cyber-attack – agbrief.com
Has Trump’s Patriot Legal Defense Fund Website Been Hacked? – forbes.com
Lapsus$: Court finds teenagers carried out hacking spree – BBC News
Mysterious Cyberattack Shuts Down Yet More Telescopes For Weeks – IFLScience
Discord starts notifying users affected by March data breach – bleepingcomputer.com