US Marshals Service target of 'major' cyber-attack
The US Marshals service revealed that it recently fell victim to a ransomware security breach that resulted in the compromise of sensitive law enforcement information. According to a spokesperson for the agency, the cyber-attack occurred on February 17th, when the Marshals service "discovered a ransomware and data exfiltration event affecting a stand-alone system". The affected system was then disconnected from the network in order to prevent any further damage.
The spokesperson for the Marshals service did not provide details on the nature of the compromised information or whether the agency had paid the ransom demanded by the hackers.
This incident underscores the importance of cybersecurity measures for all organisations, including government agencies. It also highlights the need for vigilance in detecting and responding to potential cyber threats. While it is not always possible to prevent cyber-attacks, prompt detection and response can help mitigate the damage and prevent further compromises.
LockBit want £33 million from the Royal Mail after leaking data
According to its deep web blog, the LockBit ransomware group has released data that allegedly belongs to Royal Mail International, over a month after the company confirmed the attack. Despite originally demanding a ransom of £65 million, LockBit is now asking for £33 million instead.
The leaked data is available for download in a 44GB compressed 7-Zip file, and there is also a separate plaintext document containing a manifest of the file's contents. Upon initial analysis of the documents, it appears that sensitive files related to different aspects of the business have been leaked. These files include HR records for one employee, salary and overtime payment information for various employees, a file referencing the 'network layout', and several files that relate to contracts with third parties.
Russia Considers Decriminalising Hacking (If it benefits Russia)
The Russian government is reportedly considering decriminalising hacking but only for those who carry out attacks that benefit the country's interests in the ongoing conflict in Ukraine. This new exemption would apply to a broader group of attackers, including individuals in Russia and abroad, many of whom left the country after it announced mobilisation last year.
Currently, in Russia, anyone involved in the development, deployment, and circulation of harmful software can face a maximum prison sentence of seven years, with no exceptions. This has led to a significant number of pro-Kremlin hacker groups operating outside the law and facing legal action.
Despite their usefulness in the Ukrainian conflict and an unspoken understanding between these groups and the government, this situation could change if Vladimir Putin's regime is ousted. If approved, the exemption would provide pro-Kremlin hacktivists with a legal carte blanche to carry out attacks. Hacktivist groups such as Killnet, XakNet, NoName057(16), CyberArmyRussia, and FRwL Team may be among those most likely to benefit from this new rule.
