A grand jury indicted the seven alleged cyberattackers, who had links to the Iranian government, for an "extensive campaign" which lasted just shy of six months. During their campaign, they are said to have carried out numerous distributed denial-of-service (DDoS) attacks, with one of the attackers separately gaining unauthorized access to a dam's industrial automation control (SCADA) system. The seven men are accused of disabling bank websites, preventing customers from gaining access to their online accounts, and costing the companies "tens of millions of dollars in remediation costs" in fending off the attacks in various incidents spanning 2011 to 2013. Court papers say Bank of America, Capital One, ING, PNC Banks, and the New York Stock Exchange were targets. One of the men charged, Hamid Firoozi, was indicted on a separate count of hacking into a system at the Bowman Dam in New York, which according to the Justice Dept.
The Abu Dhabi National Oil Company (ADNOC) is transforming its business through digital projects that range from deciding where to drill for oil and gas, to helping the company decide where to sell its final products. The state-owned oil company has driven the United Arab Emirates' economy since it was founded almost half a century ago, and its head of digital, Abdul Nasser Al Mughairbi, has been driving digital transformation since 2017. Each day, ADNOC produces three million barrels of oil and processes billions of cubic feet of gas. It has businesses involved in the extraction of raw materials upstream as well as the processing of materials to add value downstream. Add to this the transportation, sales and marketing of oil and gas, and you have a large, complex organisation.
New Zealand has blocked a mobile company from using telecoms equipment made by Chinese firm Huawei over national security concerns. Wellington's international spy agency blocked a proposal for Spark to use the tech giant's hardware in its planned 5G upgrade, saying it posed a "significant network security risk". It is the latest in a string of blows to the tech giant, which has already come under scrutiny by countries including the US, UK, Canada and Japan. In August, Australia blocked the company from rolling out its 5G network due to security concerns. New Zealand denied banning the company from the network roll-out because it was Chinese, saying the problem was a technological one.
Iran's government-backed hackers are trying to infect US military veterans with malware with the help of a malicious website, researchers from security firm Cisco Talos reported on Tuesday. The website, located at hiremilitaryheroes[.]com, offers a fake desktop app for download, in the hopes that US military veterans would download and install it, presumably to gain access to job offerings. But Cisco Talos researchers say the app only installs malware on users' systems and shows an error message, indicating that the installation failed. Behind the scenes, the malware continues to operate on victims' computers, gathering information about the system's technical specs, and sending the data to an attacker-controlled Gmail inbox. The type of data the malware collects includes information on the system, the patch level, the number of processors, the network configuration, the hardware, firmware versions, the domain controller, the name of the admin, the account list, date, time, drivers, etc. "This is a significant amount of information relating to a machine and makes the attacker well-prepared to carry out additional attacks," said Warren Mercer, Paul Rascagneres, and Jungsoo An, the three Cisco Talos researchers who analyzed the malware.