
Multiple Vulnerabilities Identified in NSW Digital Driver License

 

In Australia, the government of New South Wales launched digital driver's licenses in late 2019, claiming they were more secure than a physical license. Last month, security firm Dvuln released a report on the multiple security flaws that make forging a New South Wales digital driver’s license (DDL) easy. 

The researchers demonstrated multiple vulnerabilities in the digital license, now used by nearly 4 million people – more than half the state’s drivers. The company warned the flaws undermine trust in the government by creating the risk of identity fraud and fake licenses being used by thieves and teenagers. 

The primary issue with the DDLs is that the only thing guarding their encryption is a 4-digit PIN, which Dvuln brute-forced in minutes. Secondly, no verification process for the DDLs takes place on users' devices. 

Furthermore, the mobile device backups include a DDL's data, which allows threat actors to edit them without jailbreaking a phone. Going through the trouble of jailbreaking a device makes forgeries even easier. The way a DDL transmits a user's age is also vulnerable. 

Combined, these vulnerabilities pave an easier path for a scammer to pull a license off of a device, edit it, re-encrypt it, and pass it off as legitimate. It may even be easier than acquiring the materials to forge a physical license like the right plastic, foil, and printer. Dvuln doesn't suggest the government scrap the DDLs, but rather fix the security loopholes. 
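The gap described above is that encrypting the stored license under a PIN says nothing about who wrote its contents. The sketch below is an added example, not code from ServiceNSW or Dvuln, showing a verifier-side check that rejects an edited record. It assumes hypothetical field names, a constructed key, and HMAC as a stand-in for an issuer signature checked by a backend.

```python
import hashlib
import hmac
import json

# Constructed issuer key (assumption): held by the issuer's backend, never on the device.
ISSUER_KEY = b"constructed-demo-key-not-a-real-secret"

def canonical(record: dict) -> bytes:
    """Serialise fields deterministically so equal records give equal bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")

def issue(record: dict) -> dict:
    """Issuer side: attach an authentication tag computed over every field."""
    tag = hmac.new(ISSUER_KEY, canonical(record), hashlib.sha256).hexdigest()
    return {"record": record, "tag": tag}

def verify(credential: dict) -> bool:
    """Verifier side: recompute the tag and compare in constant time."""
    record, tag = credential.get("record"), credential.get("tag")
    if not isinstance(record, dict) or not isinstance(tag, str):
        return False  # malformed credential is rejected, not trusted
    expected = hmac.new(ISSUER_KEY, canonical(record), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected.encode(), tag.encode("utf-8"))

def changed_fields(presented: dict, authoritative: dict) -> list:
    """Real-time check: list fields that differ from the issuer's own copy."""
    keys = set(presented) | set(authoritative)
    return sorted(k for k in keys if presented.get(k) != authoritative.get(k))

# Constructed sample record; field names are hypothetical, not the DDL format.
GENUINE = {"licence_no": "00000000", "name": "Sample Holder",
           "date_of_birth": "2007-03-14", "class": "C"}

def demo() -> dict:
    cred = issue(GENUINE)
    # A locally edited copy: one field changed, tag left exactly as issued.
    edited = {"record": dict(cred["record"], date_of_birth="1999-03-14"),
              "tag": cred["tag"]}
    return {"genuine_ok": verify(cred),
            "edited_ok": verify(edited),
            "diff": changed_fields(edited["record"], GENUINE)}

if __name__ == "__main__":
    print(demo())
```
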

A ServiceNSW spokesperson said the exploits are “known” but insisted they do not pose a threat to customer data. “The blogger has manipulated their own Digital Driver Licence (DDL) information on their local device,” the spokesperson told a local media outlet. “No other customer data or data source has been compromised. It also does not pose any risk in regard to unauthorized access or changes to backend systems such as Drives [one of the central systems for motor vehicle registration and driver licensing in NSW].” 

“If the tampered license was scanned by police, the real time check used by NSW Police (scanning mobipol) would show the correct personal information as it calls on DRIVES. Upon scanning the license, it would be clear to law enforcement that it has been tampered with.” 

New South Wales isn't the first place where DDLs are being tested, nor the only place where they're accepted. The British government has been testing DDLs since 2016, and Secretary of State for Transport Grant Shapps said they may arrive before 2024. Last year, Apple Wallet introduced the service to Georgia and Arizona, with plans to expand to Connecticut, Iowa, Kentucky, Maryland, Oklahoma, and Utah.

New South Wales Labor Party Hit By Avaddon Threat Attackers Demand Ransom


On Wednesday afternoon, a New South Wales (NSW) police unit disclosed an apparent ransomware attack on the New South Wales Labor Party. 

A global cybercriminal group has given the Labor Party a 10-day deadline to pay a ransom, or else the illicitly accessed credentials, including driver’s licenses, images of passports, and employment contracts, will be put into the public domain.

According to the data, the ransomware group named Avaddon, which emerged in Russia, was found to be behind the recent breach. Sydney City Police Area Command has already begun its inquiries into the attack. 

The Avaddon ransomware originated in the middle of 2020 in an underground forum, a form of online social network (OSN) where participants exchange information on abusive tactics and engage in the sale of illegal goods and services. Research suggests that Avaddon has been linked to various malicious activities, including data compromise and leaked credentials of at least 23 organizations as of February this year. 

Further, Rey Juan Carlos, a research university in Spain, has published a research paper disclosing that the Avaddon ransomware uses distributed denial-of-service attacks against victims that refuse to pay the ransom. 

“NSW Labor, the company does not want to cooperate with us, so we give them 240 hours to communicate and cooperate with us. If this does not happen before the time counter expires, we will leak valuable company documents…” 

“…We have a large amount of data on contracts, a lot of confidential information, confidential contracts, driver’s licenses, passports, employment contracts, information about employees, resumes, and more,” Avaddon said in a post on its website. 

Prior to this cyberattack, high-profile Australian organizations have been targeted, including the email systems of the Commonwealth and West Australian parliaments, which were taken offline this year. Now a major political party has become a victim of cyber threats; this is the first time cyber attackers have tried to extort an Australian political party for financial gain. 

Josh Lemon, managing director of digital forensics and incident response at business advisory firm Ankura, said most of the screenshots contained keywords such as “sensitive” and “confidential”. 

“Although it’s a little bit abstract, as someone who isn’t the victim, it’s intended to provide proof to the actual victim,” Mr. Lemon added.