U.S. defense officials say Israel is responsible for cyberattack which shut down Iranian gas stations in October
Earlier this week two U.S. defense officials anonymously claimed that Israel was responsible for a cyberattack in October which paralyzed the gas subsidy network of Iran and caused massive lines at gas stations across the country in the hours following the attack. The attack was part of an escalating cyberconflict between Iran and Israel. Iran quickly blamed Israel, saying outsiders were seeking to create disorder and disruption. Weeks later, the Iranian cybercriminal group Black Shadow compromised the servers of the Israeli internet company Cyberserve and gained access to a trove of sensitive consumer data. After the effected companies refused to pay a ransom, Black Shadow released the data including the HIV statuses of users of the LGBTQ dating app Atraf. Civilian populations in both countries are increasingly being targeted in the shadow conflict between Israel and Iran.
Planned Parenthood Los Angeles suffers breach, over 400,000 patient records exposed
Planned Parenthood Los Angeles suffered a cyberattack it announced Wednesday, which may have exposed the records of hundreds of thousands of patients. The intrusion and data leak, which were first discovered on October 17, have been characterized as a ransomware attack, according to The Washington Post. The data stolen contains highly personal information, including patient names, addresses, and the procedure performed. The ransomware attack comes as abortion has taken center stage in U.S. politics, and as the healthcare sector has become a focus of cybercriminals and state-sponsored groups since the onset of the COVID-19 pandemic.
Israel cracks down on spyware vendors
Israel reduced the number of countries that spyware vendors based in Israel can sell to from 102 to 37 earlier this week. The change is part of the ongoing fallout of revelations that Pegasus, spyware developed by the Israeli NSO Group, was used by authoritarian regimes to spy on dissidents, human rights activists, and journalists. Several of the countries implicated in the NSO Group spying case are now prohibited from buying spyware from Israeli vendors, including Saudi Arabia, Mexico, and Morocco, among others. The changes significantly constrain the ability of Israeli vendors to sell spyware in countries with poor human rights records. The 37 remaining countries are mostly allies of Israel, including most of Europe along with members of the Five Eyes intelligence alliance.
Panasonic reveals four month long server breach
Japanese technology company Panasonic announced that it had identified a breach in its networks on November 11. The attackers apparently had access to the company’s networks for more than 5 months, although it is unclear what the breach entailed, as Panasonic’s statement said only that “some data on a file server had been accessed during the intrusion.” Panasonic India was hit by a ransomware attack last year which resulted in the release of 4 gigabytes of sensitive supplier data, including outstanding balances and lists of passwords for software systems.
Henan Province commissions a sprawling surveillance system targeting journalists
On November 29, Reuters reported that China’s Henan Province commissioned a massive surveillance system that targets journalists, foreign students, and otherwise “suspicious people.” The report was based on a July 29 document from the procurement department of Henan’s provincial government, soliciting tendering from Chinese companies to build the system. Though physical construction of the system cannot be confirmed, bidding was won by NeuSoft on September 17. The proposed system divides suspicious individuals into categories illustrating their level of risk and would notify authorities of “security concerns.” Although Beijing’s crackdown on journalists isn’t exactly a new development, the recent revelations illustrate its desire for a highly granular approach to categorization and data ownership.