Infosec in brief The United Nations often reaches consensus rather than complete agreement, but last week a proposal from Russia to cut down on cyber crime was unanimously approved.

The Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes aims to allow countries to request information on cyber crimes, ostensibly to make it easier to track down online felons. But the move was opposed by tech companies and online privacy activists, who correctly pointed out that one country's crime is another's human right.

"Governments may argue that the treaty leaves room to refuse requests for mutual legal assistance where there are substantial grounds to believe that the request has been made to prosecute or punish a person based on their sex, race, language, religion, nationality, ethnic origin, or political opinions," warned Human Rights Watch. "But the grounds for refusal are entirely discretionary and so become the exception rather than the rule."

British nuclear sub code outsourced to Russia

British defence supplier Rolls-Royce Submarines has admitted that its staff intranet software was built by Russian and Belarusian coders - posing something of a security challenge.

The business that provides the backbone to the UK's nuclear deterrent force was looking for an internal upgrade and picked an outfit called WM Reply, which accepted the contract. According to The Telegraph, the firm then outsourced the job to Eastern European programmers and hid it from the Ministry of Defence by using the names of dead British citizens to get around national security rules.

While there's no suggestion that the internal systems of British submarines were compromised, knowing who worked on them creates opportunities for blackmail or coercion by those interested in learning more about the UK’s defence operations.

BlackSuit ransomware gang begs for $500M

In a joint advisory, the FBI and CISA have warned that the BlackSuit ransomware gang is on the prowl and asking for big bucks.

The ransomware strain is derived from the Royal malware family and is spread primarily with phishing emails. Ransom demands typically range from one to ten million dollars per attack, although the agencies report one demand for $60 million. In total the agencies estimated that around $500 million is being sought by the scumbags, who are getting more personal.

"Recently, an uptick was observed in the number of instances where victims received telephonic or email communications from BlackSuit actors regarding the compromise and ransom. BlackSuit uses a leak site to publish victim data based on non-payment," the warning reads.

As ever, be careful out there.

UK nuclear facility apologizes for shoddy security

After pleading guilty to serious security lapses, Britain's premier nuclear waste repository has asked for leniency from its judge.

Sellafield - formerly the nuke dump known as Windscale and reputedly the holder of the world's largest store of plutonium - has admitted that 75 percent of its servers were left unpatched and vulnerable as they were running Windows 7 and Windows 2008. While management claimed there was no evidence of a serious security intrusion, it admitted that mistakes had been made, following an investigation by The Guardian.

"I again apologize on behalf of the company for matters which led to these proceedings … I genuinely believe that the issues which led to this prosecution are in the past," pleaded CEO Euan Hutton via his lawyers.

Beware the Ubiquiti long tail

In 2019 serious failings in Ubiquiti's G4 security cameras meant that half a million devices were exposed to easy hijacking. Five years on and 20,000 are reported to be still unpatched. It's a good example of why old flaws can't be ignored - because many folk don't patch.

Check Point researchers found that by sending the right ping to the cameras they could find location and user information thanks to insecure lockdown of ports 10001 and 7004. The visual feed appears to be safe, however.

"This case serves as a reminder that simple mistakes can persist for years and the cyber security industry must remain vigilant as threat actors continue to look for ways to exploit our increasing dependency on technology in our daily lives," Check Point warned in its study. ®

https://www.theregister.com//2024/08/12/in_brief_infosec/