Security News

The US and UK governments have both accused Russia of launching a cyber attack against the Georgian government last year. The attacks, mounted on 28 October 2019, came from Russia's notorious GRU military intelligence unit, according to announcements from the US State Department and the UK's National Cyber Security Centre.

Georgian authorities on Thursday accused Russia's military intelligence of launching a large-scale cyberattack that targeted the government and private organizations with the goal of destabilizing the ex-Soviet nation. Georgia's Foreign Ministry said the Oct. 28 cyberattack was "Targeted at Georgia's national security and intended to harm Georgian citizens and government structures by disrupting and paralyzing the functionality of various organizations, causing anxiety among the general public."

"The National Cyber Security Centre assesses with the highest level of probability that on 28 October 2019 the GRU carried out large-scale, disruptive cyber-attacks," said the Foreign Office in a statement, referring to the main Russian overseas spy agency. Russia has few qualms about letting APT28 loose against foreign countries, as its attacks against Italy a few years ago showed.

Britain and the United States on Thursday accused Russia of orchestrating a "Reckless" cyber assault against Georgia last year as part of an aggressive campaign of online attacks worldwide. The British government said its National Cyber Security Centre had decided Moscow was behind the Georgia cyber attack "With the highest level of probability".

British customers of High Street banking brand Natwest are being advised not to use the domain natwest.co.uk - by none other than Natwest itself. Consumers are increasingly becoming aware of threats to their online banking security through malware and malicious apps designed to steal credentials.

During the Brexit transition period, "It will be business as usual for data protection," which means mandatory compliance with the EU's General Data Protection Regulation remains in effect, the U.K. Information Commissioner's Office said in a Jan. 29 blog post. What happens after the transition period is over? From a privacy standpoint, that remains the million-dollar - or rather, pounds-sterling - question, and "Depends on negotiations during the transition period," as noted in a Brexit FAQ issued by the ICO. Odds are good that after 2020, U.K. organizations will have to continue to comply with GDPR. Otherwise, they could be shut out of easy trading with the EU, leaving Britain at a competitive disadvantage.

Greater Manchester Police is struggling with a partial outage of a Capita-built computer system used by frontline officers to input information. The PoliceWorks systems, which form part of the force's new iOPS - a £27m project undertaken by everyone's favourite outsourcer - went down after a planned IT upgrade at midnight on Monday.

The study [PDF] shows that nearly all councils across the UK exposed data about visitors to their websites, which was then sold on to private companies. These elements enable users to be tracked around the web, scraping together whatever information it can, such as what websites and apps they're looking at, their location and their device.

Six individuals were arrested in the United Kingdom last week for their involvement in a bank cyber-heist and money laundering operation. The arrests were made in connection to the laundering of money stolen in February 2019 from Malta's Bank of Valletta, after cyber-criminals used malware to access the bank's systems and illegally remove around €13 million.

Will Britain's Huawei decision serve as a blueprint for other nations' 5G infrastructure rollouts? U.K. Prime Minister Boris Johnson on Tuesday announced that the country's four biggest telecommunications firms will be allowed to use equipment from Huawei for up to 35 percent of non-sensitive parts of their 5G and gigabit-capable networks.