Weekly Cyber Reports

This Week in Cyber 30th December 2022

Latest news & views from our Cyber Analysts

Written by

Team Nucleus

Content
Written on

30th December, 2022

SHARE ARTICLE


International Operation Takes Out DDoS-for-hire Service

On the 14th of December, 48 of the worlds most popular 'booter' sites, including one which has been used to carry out over 30 million cyber attacks, have been taken down by the joint collaboration of the FBI, National Crime Agency (NCA), Netherlands Police and Europol under an operation they call 'PowerOFF'. These sites were previously used by cyber criminals to easily set up and execute Distributed Denial of Service (DDoS) attacks within minutes, to overwhelm and bring down websites and servers of what could be critical infrastructure. These sites allowed users with little to no cyber experience, to purchase packages costing between $10 and $2500 a month and carry out potentially devastating attacks, making it an attractive entry level cyber crime. When these sites are visited now, a law enforcement splash screen appears stating 'This website has been seized', making it unavailable for use. 7 site administrators were arrested around the same time, with 6 being from the US and the other being an 18 year old man from Devon. While this has removed a large proportion of the DDoS-for-hire sites, operation 'PowerOFF' is still ongoing and other UK based admins and users have already been identified, with the NCA's National Cyber Crime Unit warning of visits from the police in coming months.



Epic Games Fined $275 Million For Breaking Privacy Laws

Epic Games are an American based video game company responsible for some of the most popular games amongst children such as Fortnite and Fall guys. Due to the immense popularity of these games, Epic Games must manage and secure a massive amount of customer data all whilst complying with different international laws. The Federal Trade Commission (FTC) have issued a fine of $275 million for storing data of players under the age of the 13 without explicitly asking the parents permission. This fine is within a total $520 million package which has also found the company guilty of using ‘dark practices’ to trick children into purchasing items again without the parents’ consent. The gaming company has accepted the fine and have come out to say ‘we want Epic to be at the forefront of consumer protection and provide the best experience for our players’. The exceedingly large fine is due to the amount of data the company had processed unlawfully however it serves as a reminder to any corporation that data must be captured, processed and secured within the legal limits of the country that said corporation is working in.



The Guardian Newspaper Has Been Hit By Ransomware

Ransomware has been by far one of the most popular malware types in 2022 and this week the Guardian have confirmed that they have fallen victim too it. The Guardian media executive stated on Tuesday ‘There has been a serious incident which has affected our IT network and systems in the last 24 hours, we believe this to be a ransomware attack but are continuing to consider all possibilities’. The extent of the damage is still yet to be known however employees have been asked to work from home for the remainder of the week whilst investigations continue. The newspapers online functionalities are unaffected, and the printing of physical newspapers is all set to continue.

NUCLEUS

Recommended Posts

Subscribe to Nucleus blog updates.

Subscribe to our newsletter and stay updated.

Subscribe to Nucleus