New research into teenage hacking from NCA suggests 20% of children aged 10-16 have engaged in behaviours that violate the Computer Misuse Act, which criminalises unauthorised access to computer systems and data. The figure is higher for those who game, standing at 25%.
💻 Do your children know about the Computer Misuse Act?
It's there to protect us all from cybercrime, but children might not understand the consequences of their actions online.
Visit our webpage to help them make positive choices ➡️
#DitchTheScript
I’m on a flight in US and an old lady has caused confusion, hilarity and then amazement as the crew expected her to be an infant. She is actually 101 and the computer can’t handle an age that high so just put her down as a 1 year old on the manifest. She laughed it off. Legend.
It gets better! Her daughter tells me this is the second time a computer has failed to believe her mum’s 1922 date of birth. Earlier on their connecting flight the crew didn’t come and help them off the plane with a wheelchair as the records showed she would be a babe in arms 🙃
Congratulations to the two lads who sneakily ruined my best piece to camera from a recent filming assignment in Germany. Honestly I’m not even mad, this is inspired. Didn’t even spot it until in the edit. 👏 👏 👏 😂
NEW: Anonymous: How hackers are trying to undermine Putin. I spoke directly to 5 of the main Anon groups about their ‘cyber war’ on Putin and why they are escalating their attacks in the coming days.
This video shows probably the most eye-catching thing Anonymous has done so far - a 'broadcast signal intrusion' on Russian TV. Almost all channels were made to play Ukraine war footage. I was sceptical it happened but spoke to the original source of the video and confirmed it.
Two observations I expand upon in this piece -
Anonymous has probably never been bigger with groups around the world rallying to the Ukraine cause and the collective. And their tactics have evolved from disrupting & embarrassing their target to speaking direct to Russia people.
This an extraordinary response to a ransomware attack. And a commendable one.
- Good backup systems in place ✅
- Transparent with the public ✅
- Not paying hackers ✅
- Release the ransom note fo researchers! ✅
💪🤖
@CDPROJEKTRED
The 15yr old millionaire Fortnite player Jaden Ashman and his mum Lisa Dallman. He came second with his teammate on the duos and will split $2.25m! His mum says accepting him as an e-sports player has been very hard and she’s even thrown out an X-Box in past!!
#FortniteWorldCup
Video game culture is fascinating. A streamer has been trying to get his 100th win on Fortnite for nearly 5hrs. He's stuck on 99. 150k people are watching. Fans are 'stream sniping' him (gatecrashing his game) to attack whilst others are protecting him.
The internet really is marvellous. The two teen boys who pranked me have just contacted me on Insta to say 'sorry if we caused you any inconvenience'! I told them: 'yes you did but you gave us a big laugh too so fair play!'
Congratulations to the two lads who sneakily ruined my best piece to camera from a recent filming assignment in Germany. Honestly I’m not even mad, this is inspired. Didn’t even spot it until in the edit. 👏 👏 👏 😂
We just posted this around our street. So important - a friend did the same nearby today and an elderly lady phoned her immediately in tears saying she really needed a prescription collected, but all her friends were also elderly and she didn’t know what to do. She got help. 😁
BREAKING: A London court has found 2 teenagers from the UK carried out a hacking spree as part of the international cyber crime gang Lapsus$. The hacks of Nvidia, Uber, Revolut and most famously Rockstar Games shocked the cyber security word in 2021/22.
NEW: Spam website set up to reach millions of Russians. More than 22m emails about the war have been sent by volunteers to random Russian email addresses. The Norwegian who set it up tells me it’s “a modern version of dropping leaflets from planes”.
Very interesting - NCA says that whilst searching through seized servers of LockBit they found data belonging to some victims who had already paid the gang's ransom. So - more evidence that paying these criminals does not mean that your data is deleted as they promise.
BREAKING: 2 of the 7 teenagers arrested in connection with a police investigation into the Lapsus$ hacking group have been charged. A 16yr-old and 17yr-old charged and remain in police custody. Both charged with multiple counts unauthorised access to a computers. More to come.
Evil Corp: 'My hunt for the world's most wanted hackers'. Many people on the FBI's Cyber Most Wanted list are Russian. If they left Russia they'd be arrested but at home they appear to be given free rein. Me and
@skazal_on
went to try to find them
The job layoffs keep coming in cyber security with Proofpoint, Rapid7 and Secureworks announcing mass job cuts in the last few months. But I’ll give it 3 months until the press releases start complaining again about a ‘skills shortage crisis’ in cyber.
Some of documents we’ve seen are marked as NATO SECRET - the second highest security label. I also learned that the highest rating of NATO classification has a hilariously geeky name:
Personal news: extremely excited to be (re)joining the BBC as its first ever full-time Cyber Security Specialist. Leaving Sky News in a couple of weeks after 5 brilliant years. Looking forward to investigating cyber issues for the World Service and other outlets. Start late Oct!
A bizarre one from Reading courts - an IT Security worker pleads guilty to piggy-backing off a cyber attack against his own firm. Liles switched the ransom payment details to his own Bitcoin wallet and changed the hacker's email to secretly apply pressured on bosses to pay up.
EXCLUSIVE: Disney shuts down all unofficial versions of its former hit childrens' game Club Penguin after BBC investigation finds 'appalling' activity. Kids being exposed to 'penguin e-sex', racism, anti-Semitism.
#clubpenguin
#CPO
Confirmed by Facebook. These 2 breaches in 2019 were indeed separate. So there was one in April that led to 500m users data exposed and another in September (the one we are all taking about now) which was initially 400m users. 🤯
But hang on. Facebook says this 'old breach' relates to this September 2019 case. So am I right in thinking that there were two separate Facebook data breaches in 2019 involving hundreds of millions of customer records? I literally can't keep up.
Trump Twitter ‘hack’: Police accept attacker's claim. Dutch prosecutors have found a hacker did successfully log in to Donald Trump's Twitter account by guessing his password - "MAGA2020!"
On the evening of Thursday 22 September 2022, the City of London Police arrested a 17-year-old in Oxfordshire on suspicion of hacking, as part of an investigation supported by the
@NCA_UK
’s National Cyber Crime Unit (NCCU).
He remains in police custody.
Why is it so rare to hear about Western cyber-attacks? A hack that took over iPhones at a Russian tech firm is being blamed on US government hackers. Could the attack and the response be rewriting the narrative of the ‘good guys and bad guys’ of cyber?
Only 3 days in and Fortnite has raised more money than some countries for Ukraine. I think the most of any private company in the world too. Still 10 days left of this unbelievable campaign.
As of today, we’ve raised $50 million USD together in humanitarian relief funds to support people affected by the war in Ukraine.
To see more about how the funds are being distributed visit
This is wrong. Heathrow tells me everything is running fine. BA has 'had IT issues' but apparently under control. Waiting for confirmation from BA but good reporters who've checked say it's just an IT issue.
🧵State of play in the social media info wars between Russia and Silicon Valley:
YouTube (Alphabet) has demonetised and algorithmically demoted Russian state-owned media “in light of extraordinary circumstances in Ukraine”. Russia is demanding 'access' to its channels returned
Scene in MGM Grand according to a TikTok user who said slots machines down and casino floor empty after cyber attack. She also says staff had to make and distribute physical room keys and an admin error caused her to walk in on another guest. Source:
Incredible work by
@kaspersky
researchers on this saga. They discover an apparent US espionage attack on their own staff. Then find and help Apple patch not 1, not 2, but 3 major vulnerabilities to protect users around the world from the attacks.
Prosecution: “Rashid’s suggestions included injecting poison into ice creams stocked in super market freezers and targeting
#PrinceGeorge
as he attended his first day of school.”
BREAKING: 7 Russians have been named as being behind some of the most infamous cyber crime groups of recent years. The UK’s FCO has sanctioned the alleged members of notorious gangs Conti and Ryuk which have hacked 149 British organisations according to UK authorities.
Judge now praising Muslim Welfare House Imam Mohamed Mahmoud, the man who stopped people beating Osborne and told an "angry crowd of about 100 people to not seek vengeance... this shows true leadership."
#FinsburyPark
So hard to keep up with and crucially, verify all the DDoSing, defacing and leaking taking place. It might not be 'cYB3r W4r' but it is certainly cyber chaos right now.
In case you're lost, here's all Facebook's data breaches that affected more than 1m users.
- June 2013: 6m users
- 2016: 90m (Cambridge A)
- May 2018: 14m
- Sept 2018: 50m
- March 2019: 600m
- April 2019: 540m
- Sept 2019: 419m
- Dec 2019: 309m
What were they doing in 2019?
BREAK: Ongoing NHS cyber attack confirmed as being ransomware. IT firm Advanced says 7 of its products used by health services are disrupted and it could take 4 weeks to recover. Firm not saying what data hackers have or if they are negotiating.
Yesterday I got a tip (thanks - you know who you are) about IHG Hotel Group being hacked. I contacted the company and they claimed to know nothing about it. They’ve just disclosed it to the London Stock Exchange…
Prosecution laying out their case against Rachid: “He provided an unstoppable and hatefilled flow of encouragement for others to commit acts of terror... attacks with vehicles, explosive devices, bombs, chemicals, any attack you can imagine one person committing on their own.”
BREAK: The Information Commissioner’s Office (ICO) has fined Clearview AI Inc £7,552,800 for using images of people in the UK collected from the web. The ICO has also issued an enforcement notice, ordering the company to stop obtaining and using the personal data of UK residents.
I'm at the long-delayed sentencing of GTA hacker Arion Kurtaj and his 17 year old accomplice who joined him on a hacking spree of tech giants last year for the Lapsus gang. For the first time during the court case Kurtaj is appearing via video link.
In November last year I travelled to Russia to try to track down and speak to alleged members of the hacking group Evil Corp. We travelled thousands of miles and got close, but ultimately, we failed. But perhaps I should have gone to Sochi... 🧵
Interesting shift appearing to happen. China is now starting to publicly attribute cyber attacks to US. 2 stories so far this month in the Global Times about western nation-state hacking:
Romania's ongoing hospital ransomware attack is getting worse. Cyber security centre said last night that 21 hospitals have had computers encrypted. A chidren's hospital was the first to get hit but now it's spread. Computers in 79 other medical facilities have been unplugged
France bans not just TikTok but ALL social media/ gaming apps from government devices. Feels like a landmark moment in data privacy. “No recreational apps have sufficiently robust security for them to be deployed on government-owned devices.”
Just had this confirmed by Coop Sweden - roughly 500 stores closed due to this cyber attack. It's taken point of sale tills offline as well as self-service checkouts.
NEW: The mysterious 'Robin Hood' hackers donating stolen money. Darkside hackers claim to have extorted millions of dollars from companies, but say they now want to "make the world a better place". A strange first for cyber-crime that's puzzling experts.
Metropolitan Police confirm one man involved in the website
@_CPOnline
has been arrested on suspicion of possession of indecent images of children and possession of indecent images of children. The man from London is on bail pending further enquiries.
Putting finishing touches to a report for tomorrow about a 19 yr old hacker who’s made a $1m... legally. A rare positive story about a teen hacker. Santiago Lopez is the first bug bounty hunter to hit the money milestone on
@Hacker0x01
by finding 1600 different 🐛s!
#hacking
SCOOP on the IHG hotels hack: 'Vindictive' couple deleted hotel chain data for fun. Cyber crime couple from Vietnam launched destructive wiper attack deleting huge amounts of data after defenders foiled their ransomware attempt.
Confirmed: influential hacker forum Raid Forums was seized by US/ Europol. The site mysteriously went offline last month and now cops confirm they were involved. Another big hit to cyber crime in what is proving to be a stellar 2022 for enforcement.
Bounty hunter hackers earn more than $40m thanks to pandemic boost. HackerOne saw 9 new hackers cross the £1m earnings mark in 2020. Other platforms also saw massive growth thanks to lockdowns and an abundance of bugs from corporations rushing to digitise
Hackers accessed the FTSE 100 firm's most critical databases after finding the login for the companies password vault. The password for the vault was extremely weak: Qwerty1234.
Prosecution says Rashid was in contact with Omar Ali Hussain, the high profile jihadi who was a Morrison’s security guard from High Wycombe. Now in Syria with IS.
#PrinceGeorgeTerror
Police bust 'world's biggest' video-game-cheat operation. Roughly $76m (£55m) in revenue was made by the organisation which charged a subscription fee to clients. Police seized assets worth $46m, including several luxury cars.
Installed in my new newsroom! Day 1 as the BBC’s first dedicated Cyber Security Reporter. Looking for things to investigate worldwide around cybercrime, hacking, data handling and internet safety. Get in touch! (Encrypted channels coming ASAP).
$600m Crypto hacker is still going on the Q n As and is now offering a gift/ reward to any hackers who can identify him. He seems to be enjoying drip-feeding clues about himself and says it's 'a game'.
Hydra: How German police dismantled Russian darknet site. The Frankfurt prosecutor who led the operation tells me that taking down the infamous site gave his whole team “goosebumps”.
NEW: Pegasus spyware seller: Blame our customers not us for hacks. The maker of powerful spyware allegedly used to hack the phones of innocent people tells me that blaming the company is like "criticising a car manufacturer when a drunk driver crashes".
Of all the hacktivist anarchist activity around Ukraine/ Russia, this has to be the most creative and highly irritating campaign of them all. Can you imagine the annoyance of being on the end of this?! (Spotted as a snippet in
@WIRED
)
The clocks go back tonight in the U.K. and I always give a virtual salute 🫡 to all the night shift workers. If you’ve never witnessed the crushing moment this is what it looks/ feels like. (This is from a Sky News night shift years ago.)
Final moments of the
#FinsburyPark
terror trial. Darren Osborne's sentencing is imminent for murder and attempted murder after killing Makram Ali and injuring several others last June in an "horrific act of terrorism".
Just back from a filming assignment to Russia. We’re making a mini documentary about the effects (or not) of increasing cyber sanctions imposed on Russian hackers. 🎥 📺 🎤 🇷🇺
HUGE. REvil arrested IN RUSSIA. "The FSB, after appealing from the United States, detained a group of hackers who sent out viruses to extort money. This was reported to TASS on Friday at the Public Relations Center (DSP) of the FSB of Russia."
At 4pm on
@BBCRadio4
I’m presenting The Media Show. My 1st time! The show’s about the gaming boom & we’ve got an expert panel to discuss how games are the future of the net. Thanks to
@amolrajan
for lending me his presenter’s chair. Wish I could borrow his dapper waistcoats too..
So many people getting in touch who've been hit by this. The reason this is so serious is that it flips one of the biggest rules of cyber security: ignore texts/ emails/ calls and go direct to the horses mouth - ie - the official app. In this case the hackers are inside the app.
Voluntary temperature checking at BBC NBH. Just a trial at the moment but perhaps the norm going forward. Bosses consulting staff. Not sure how I feel about it yet.
Cyber reporting can, in theory, be done all remotely but I’m so glad it’s not. Currently in Kazakhstan investigating the huge and controversial rise of Bitcoin mining. I’ve learned more in 5 days about crypto than in the past 5yrs. Feature
@BBCOurWorld
doc due in Jan.
#Bitcoin
BREAKING: U.K. hacker Joseph James O’Connor, aka PlugwalkJoe pleads guilty to multiple hacking charges including the huge Twitter hack of 2020. The now 23 year old has admitted to offences that carry a total max sentence of over 70 years in prison.
Now Houseparty is dead, I've got permission to share something insane that an insider told me last March. Remember that viral nonsense about the app 'hacking people's phones'. A classic piece of bs viral misinformation. Well it led to more than 1 MILLION people deleting the app.