Record-high seizure of $4bn in stolen Bitcoin
Stolen Bitcoin worth more than $4bn (£2.9bn) has been seized by the US Department of Justice - the largest ever confiscation of its kind. Officials also charged two people on Tuesday with attempting to launder the money, stolen by a hacker who breached a cryptocurrency platform in 2016. The hacker allegedly made off with nearly 120,000 Bitcoin. Then valued at about $71m, its value now exceeds $5bn. About 94,000 Bitcoin have been recovered. According to Justice Department officials, a hacker breached the platform, made more than 2,000 unauthorised transactions and then funnelled the money into a digital wallet allegedly run by Ilya Lichtenstein, 34, of New York. A criminal complaint alleges Lichtenstein and his wife, Heather Morgan, 31, laundered about 25,000 of the stolen Bitcoin through various accounts over the past five years and used various methods to cover their tracks, from fake identities to converting their Bitcoin into other digital currencies.
How can Bechtle help you to avoid a similar threat? This is believed to be one of the largest financial seizures, and we advise any organisation within the technology sector to invest in Identity Management, IPS and End-Point protection – this is now more important than ever. These attacks are enabled by a failure to manage identity and access in a controlled and efficient way. At Bechtle, we can provide cyber consultancy to filter through the risks that your business may face in financial breaches. Get in touch to learn more.
Foreign Office target of 'serious cyber incident'
The UK's Foreign, Commonwealth and Development Office (FCDO) was the target of a "serious cyber-security incident", it has emerged. The details came via a tender document published on a government website, seemingly by mistake. It revealed that cyber-security firm BAE Systems Applied Intelligence was called on for "urgent support".
The BBC understands unidentified hackers got inside the FCDO systems but were detected. A spokesperson for the FCDO told the BBC: "We do not comment on security but have systems in place to detect and defend against potential cyber incidents." It is not believed that any classified or highly sensitive material was breached. It is also not clear when the incident took place, but the contract finished on 12 January of this year. The contract was valued at £467,325. The tender details were first reported by the publication The Stack. It says that BAE Systems was "the Authority's long-term service management integrator". "Due to the urgency and criticality of the work, the Authority was unable to comply with the time limits for the open or restricted procedures or competitive procedures with negotiation." A number of foreign states have been accused of major espionage campaigns in the past, including Russia and China, and foreign ministries of a number of states are regularly targeted - and often breached. Foreign governments are frequently the target of cyber-espionage campaigns by other states seeking access to information about diplomacy and current events.
Russia and China have been accused of espionage campaigns by Western countries in the past, such as the significant SolarWinds campaign by Russia unearthed a year ago.
How can Bechtle help you to avoid a similar threat? Whilst the finer details are minimal, what we can see is that a lot of best practice measures were already in place, preventing a serious breach. The question is, how could this attack have been made more visible, and a true timeline established? EDR may have been useful to track activity within folders in the estate. At Bechtle, we can guide you through optimising your cloud technology, managing visibility into applications and activity.
Which instance of ransomware had the best lesson for executives?
While executives can learn from any cyberattack against any industry, the lessons gleaned from attacks on critical infrastructure are most influential. The ransomware attack on Colonial Pipeline was a watershed moment for security professionals and business executives. First, it demonstrated to leaders that ransomware could disrupt business operations beyond data encryption and exfiltration. Ransomware can threaten business operations in both IT and OT environments. Because many OT systems depend on IT, an IT cyberattack can also force the disruption of OT and ICS processes.
Second, this attack was the first example for many Americans that demonstrated how cyberattacks might impact daily life (e.g., shut down gas stations, increased prices, lines at the pump). Cyberattacks against critical infrastructure and utilities have the potential to disrupt supply chains, harm the environment and even threaten human life. It forced company leaders to think critically about their responsibilities for security.
Third, the attack highlighted that paying a ransomware actor does not immediately translate into returning to normal business. Resolving issues and resuming full operations can take days or weeks. Colonial Pipeline paid the ransom, but the decrypting tool DarkSide provided was so slow that Colonial used its own backups to restore the system.
How can Bechtle help you to avoid a similar threat? The rise in modern ransomware has clearly demonstrated the threat to business operations, and the upstream and downstream effects on the supply chain – this is one of the biggest business challenges of the decade. It clearly demonstrates the requirement for:
Get in touch to discover how our consultancy services and solutions can support your business's security posture against cybercrime.
Want to know more about any of the updates listed above? Contact Alice for more information.
Phone: +44 1249 467 938
E-mail: alice.lee@bechtle.com