September news - scroll down for all of the articles

Federation welcomes plan to equip officers with more effective Taser

 

The Police Federation has welcomed the Government announcement that police officers

can be equipped with a more effective Taser.

Taser 7, which is more accurate, faster and compact than previous models, is now available

to all 43 forces. It will also reduce costs for forces by replacing disposable batteries with

rechargeable ones.

Reacting to the news, PFEW National Vice-Chair Ché Donald said: “We have always said

Taser is a vital piece of equipment which keeps both the public and officers on the

frontline safe.

“Policing is tough and more of my colleagues are being assaulted so it’s essential they are

given the best training, the best equipment and the support they need to do their job. Having

access to Taser with the option to carry one if they wish to do so and pass the required training is

part of that.”

Last year.  the Government announced a £10 million ring-fenced fund to significantly increase the number of officers carrying Taser.

Chief Constables will decide how many officers in their forces can carry the new devices based on strategic assessments of threats and risks in their force areas.

Officers who want to use the new device will receive updated training and guidance, whilst forces will be required to complete an additional record every time a Taser 7 device is used, to monitor the effects and performance of the device.

Mr Donald continued: ‘Taser is an extremely effective means of dealing with many dangerous situations that our officers face on the streets and is a less lethal option in comparison to conventional firearms. In 85 per cent  of cases, simply drawing the Taser from its holster de-escalates many situations safely, preventing a physical interaction.

‘The T7 is a more modern, effective and safer device so the Home Secretary’s announcement is very welcome news,’ he concluded.

Cyber criminals exploiting remote working during pandemic says Interpol

 

Interpol has warned that criminals are taking advantage of the fact that more people are working remotely during

the Coronavirus pandemic which has led to increased security vulnerabilities.

 

Cyber criminal are capitalising on this shift in working patterns and are stealing data to generate increased profits

says an Interpol report.

 

It found that in a four-month period some 907,000 spam messages, 737 incidents related to malware and 48,000

malicious URLs - all related to COVID-19 - were detected.

 

‘Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty

caused by the unstable social and economic situation created by COVID-19.’ explained Jürgen Stock, Interpol

Secretary General.

 

‘The increased online dependency for people around the world, is also creating new opportunities, with many

businesses and individuals not ensuring their cyber defences are up to date.’

 

Interpol says that the report’s findings again underline the need for closer public-private sector cooperation to help

combat the threat.

 

Key findings highlight by the Interpol assessment of the cybercrime landscape in relation to the COVID-19 pandemic

include:

 

  • Online Scams and Phishing: Threat actors have revised their usual online scams and phishing schemes. By deploying COVID-19 themed phishing emails, often impersonating government and health authorities, cybercriminals entice victims into providing their personal data and downloading malicious content.

 

Around two-thirds of member countries which responded to the global cybercrime survey reported a significant use of COVID-19 themes for phishing and online fraud since the outbreak.

 

  • Disruptive Malware (Ransomware and DDoS): Cybercriminals are increasingly using disruptive malware against critical infrastructure and healthcare institutions, due to the potential for high impact and financial benefit.In the first two weeks of April 2020, there was a spike in ransomware attacks by multiple threat groups which had been relatively dormant for the past few months.

 

Law enforcement investigations show the majority of attackers estimated quite accurately the maximum amount of ransom they could demand from targeted organisations.

 

  • Data Harvesting Malware: The deployment of data harvesting malware such as Remote Access Trojan, info stealers, spyware and banking Trojans by cybercriminals is on the rise. Using COVID-19 related information as a lure, threat actors infiltrate systems to compromise networks, steal data, divert money and build botnets.

 

  • Malicious Domains: Taking advantage of the increased demand for medical supplies and information on COVID-19, there has been a significant increase of cybercriminals registering domain names containing keywords, such as “coronavirus” or ‘COVID’.

 

These fraudulent websites underpin a wide variety of malicious activities including C2 servers, malware deployment and phishing.From February to March 2020, a 569 per cent growth in malicious registrations, including malware and phishing and a 788 per cent growth in high-risk registrations were detected and reported to INTERPOL by a private sector partner.

 

  • Misinformation: an increasing amount of misinformation and fake news is spreading rapidly among the public with unverified information, inadequately understood threats, and conspiracy theories contributing to anxiety in communities and in some cases facilitated the execution of cyberattacks.

 

  • Nearly 30 per cent of countries which responded to the global cybercrime survey confirmed the circulation of false information related to COVID-19. Within a one-month period, one country reported 290 postings with the majority containing concealed malware.

 

There are also reports of misinformation being linked to the illegal trade of fraudulent medical commodities. Other cases of misinformation involved scams via mobile text-messages containing 'too good to be true' offers such as free food, special benefits, or large discounts in supermarkets.

 

Future concerns

Interpol predicts that a further increase in cybercrime is highly likely in future.  Vulnerabilities related to working from home and the potential for increased financial benefit will see cybercriminals continue to ramp up their activities and develop more advanced and sophisticated modus operandi.

 

It also predicts that threat actors are likely to continue proliferating coronavirus-themed online scams and phishing campaigns to leverage public concern about the pandemic.  Business Email Compromise schemes will also likely surge due to the economic downturn and shift in the business landscape, generating new opportunities for criminal activities.

 

Interpol fears that when a COVID-19 vaccination is available, it is highly probable that there will be another spike in phishing related to these medical products as well as network intrusion and cyberattacks to steal data.

New powers introduced to tackle hostile state activity

 

Police officers now have powers to stop, question, search and detain individuals at UK

ports in relation to espionage and foreign interference.

 

The powers will allow specially trained police officers to stop, question, and when

necessary detain and search individuals travelling through UK ports to determine whether

they are involved in hostile state activity.

 

The new Schedule 3 powers were introduced in the Counter Terrorism and Border Security

Act 2019 and created in response to the 2018 Salisbury nerve-agent attack.

Home Secretary Priti Patel said: ‘The threat posed to the UK from hostile state activity is

growing and ever changing.’

 

‘These new powers send a clear message to those involved in it that this government has

zero tolerance for those acting against British interests,’ she continued.

 

‘But I am clear more must be done and we are developing new legislation to bring our laws up to date and create new ones to stay ahead of the threat.’

 

Following parliamentary approval, the powers have now come into effect and the police will now start bringing them into operation.

 

A code of practice setting out the processes governing how Schedule 3 will be used and overseen has been published on GOV.UK.

 

It includes safeguards such as independent oversight by the Investigatory Powers Commissioner and provides special protections for confidential material and journalistic sources.

 

The new powers are just one part of a wider effort to tackle hostile state activity.

Last year, the government announced in the Queen’s speech plans to introduce new legislation to provide the security services and law enforcement agencies with the tools they need to tackle the evolving threat of hostile activity by foreign states.

 

This includes considering whether to follow allies in adopting a form of foreign agent registration, updating the Official Secrets Acts, as well as the case for updating treason laws.

 

fact sheet explaining the powers and the codes of practice which govern their use is also available on GOV.UK.

Crime groups dismantled by infiltration of EncroChat encrypted networks

 

The NCA and UK forces have taken down organised crime gangs by infiltrating the bespoke

encrypted global communications service that is used exclusively by criminals to communicate.

Operation Venetic is the biggest ever law enforcement operation and has resulted in over 746

arrests, and £54m criminal cash, 77 firearms and over two tonnes of drugs seized so far.

Encrypted

EncroChat was one of the largest providers of encrypted communications and offered a secure

mobile phone instant messaging service, but an international law enforcement team cracked the

company’s encryption.

There were 60,000 users worldwide and around 10,000 users in the UK – the sole use was for

coordinating and planning the distribution of illicit commodities, money laundering and plotting to kill rival criminals.

Platforms

Since 2016, the National Crime Agency has been working with international law enforcement agencies to target EncroChat and other encrypted criminal communication platforms by sharing technical expertise and intelligence.

This collaboration resulted in partners in France and the Netherlands infiltrating the platform. The data harvested was shared via Europol. Unbeknown to users the NCA and the police have been monitoring their every move since then under Operation Venetic – the UK law enforcement response. European law enforcement agencies had also been targeting organised crime groups at the same time.

The EncroChat servers have now been shut down.

Experts warns users about their discovering of 29

malicious Apps in Google Play

 

Threat intelligence researchers have uncovered a new group of 29 malicious Apps

on the Google Play Store one of which has been downloaded by unsuspecting

users 3.5 million times.

The White Ops Satori threat intelligence team discovered that once installed, these

apps run rampant out-of-context ads, and even launch an OOC web browser at

random intervals while the phone is being used, generating significant fraudulent

revenues for the creator while defrauding advertisers. 

The team unearthed the find during their threat hunting investigations. They warned

users that if the app they’ve downloaded is playing hide and seek with you, the icon disappearing from your home screen, it might be bogus.

Bogus

If the only way you can open the app is by going into your Settings menu and finding it in a long list of apps, it might be bogus. And if after you download this app, you open your phone and you begin getting bombarded by ads just appearing out of nowhere, it might be bogus.

The White Ops Satori Threat Intelligence and Research Team recently identified a set of mobile apps that manifested suspiciously high volumes of ad traffic during their threat hunting investigations.

Detection

After looking more closely at those apps and their similarly developed counterparts, White Ops discovered 29 apps with code facilitating out-of-context (OOC) ads as well a pretty clever way to evade detection.

The apps they investigated during their research did not function as advertised and had more than 3.5 million downloads among them.

White Ops dubbed this investigation CHARTREUSEBLUR: the majority of apps include the word “blur” in their package name, and many purport to be photo editors allowing a user to blur sections of the image.

For more information about the team’s work go to: https://resources.whiteops.com/all-content

banner soc 1.png
Sky analyst 1.png