Infosec in brief Within the United Nations, consensus is more often reached than full agreement, but last week a Russian proposal to curb cybercrime was unanimously approved.

The Convention on the Suppression of the Use of Information and Communication Technologies for Criminal Purposes seeks to allow countries to request information on cybercrime, ostensibly to make it easier to track online criminals. But the move has been opposed by tech companies and online privacy activists, who have rightly pointed out that one country’s crime is another country’s human right.

“Governments can argue that the treaty allows them to refuse requests for mutual legal assistance if there are substantial grounds for believing that the request is made to prosecute or punish a person on the basis of his or her sex, race, language, religion, nationality, ethnic origin or political opinions,” Human Rights Watch warned. “But the grounds for refusal are entirely discretionary and thus become the exception rather than the rule.”

British nuclear subcode outsourced to Russia

British defence supplier Rolls-Royce Submarines has admitted that its staff intranet software was developed by Russian and Belarusian programmers, posing a significant security risk.

The company that forms the backbone of the UK’s nuclear deterrent force was looking for an in-house upgrade and chose a firm called WM Reply, which accepted the contract. According to The Telegraph, the firm then outsourced the job to Eastern European programmers and kept it hidden from the Ministry of Defence by using the names of dead British citizens to circumvent national security rules.

While there is no evidence that the internal systems of British submarines have been compromised, knowledge of who worked on them provides opportunities for blackmail or coercion by those seeking to learn more about British defence operations.

BlackSuit ransomware gang asks for $500 million

In a joint advisory, the FBI and CISA warn that the BlackSuit ransomware gang is on the prowl and looking for big money.

The ransomware strain is derived from the Royal malware family and is primarily distributed via phishing emails. Ransom demands typically range from $1 to $10 million per attack, although agencies report one demand of $60 million. In total, agencies estimate that around $500 million has been demanded by the villains, which are becoming increasingly personalized.

“Recently, there has been an increase in cases where victims have received phone or email communications from BlackSuit actors regarding the breach and ransom. BlackSuit uses a leak site to publish victim information based on non-payment,” the alert reads.

As always, be careful out there.

British nuclear power plant apologises for poor security

After Britain’s largest nuclear waste repository was found guilty of serious safety breaches, a judge has asked for clemency.

Sellafield – formerly the Windscale nuclear power station and reportedly the owner of the world’s largest repository of plutonium – has admitted that 75 percent of its servers were unpatched and vulnerable because they were running Windows 7 and Windows 2008. Although management claimed there was no evidence of a serious security breach, it admitted mistakes had been made, following an investigation by The Guardian.

“On behalf of the company, I once again apologise for the matters which led to this proceeding… I sincerely believe that the issues which led to this prosecution are now in the past,” CEO Euan Hutton said through his lawyers.

Beware the Ubiquiti long tail

In 2019, serious flaws in Ubiquiti’s G4 security cameras made half a million devices easily compromised. Five years later, 20,000 are reportedly still unpatched. It’s a prime example of why old flaws can’t be ignored because many people aren’t patching.

Check Point researchers found that by sending the correct ping to the cameras, they were able to retrieve location and user information thanks to the insecure locking of ports 10001 and 7004. The visual feed, however, appears to be safe.

“This case is a reminder that simple mistakes can persist for years and that the cybersecurity industry must remain vigilant as malicious actors continue to look for ways to exploit our increasing reliance on technology in our daily lives,” Check Point warned in its research. ®