Heathrow total shutdown

[Chuk_Chuk]

You mean, like a retaliation for the 2 LAPSUS$/Scattered Spider/ShinyHunters key members being arrested and charged.

Teenagers charged over Transport for London cyber attack

The police say the hack caused "significant disruption" and "millions in losses" for TfL.

www.bbc.co.uk

United Kingdom National Charged in Connection with Multiple Cyber Attacks, Including on Critical Infrastructure

A complaint filed in the District of New Jersey was unsealed today charging Thalha Jubair, a United Kingdom national, with conspiracies to commit computer fraud, wire fraud, and money laundering, in relation to at least 120 computer network intrusions and extortion involving 47 U.S. entities.

www.justice.gov

The hacks I was thinking of (M&S and some other company at the same time) happened months before. They may be connected but I don’t know

 

[Mint8]

In somer ways these hacks are actually good news - hopefully it forces complacent companies into having actual adequate security and easy to implement recovery systems.

M&S still not fully up to speed for example, months after their attack - totally clueless and quite rightly the IT head has fallen on her sword.

 

[Chuk_Chuk]

In somer ways these hacks are actually good news - hopefully it forces complacent companies into having actual adequate security and easy to implement recovery systems.

M&S still not fully up to speed for example, months after their attack - totally clueless and quite rightly the IT head has fallen on her sword.

The IT head probably did warn them but the CEO didn’t want to open the cheque book

 

[Ali195]

Maybe time the West started doing similar things. Maybe they already are?

 

[NickK]

Too many big hacks this year to be a coincidence. Something is going down.

Also Red Sea underwater cable cut too.

 

[NickK]

The IT head probably did warn them but the CEO didn’t want to open the cheque book

Years of zero investment. In a 'it's a data centre hence it's secure' mentality. I remember one org spent over $1M to ensure all their SSL certificates were upgraded from v1.1 to v1.2.

 

[gary996]

Not Heathrow's fault to be fair, seems a 3rd party who provides check-in systems has been hacked and its hitting airports across Europe

Yes but someone has to pick up the bill

 

[Hagar]

There comes a time when somebody thinks is all this worth it? Shopping and living your life online. Or spending hours at airports.

Today, we bought two brand new 90" x 90" lined curtains original price £190 for £20 to cover our front door during winter. Only one is needed but the point i make is this was a venture into a high street store not an online bargain from China.

 

[chrismscotland]

Honestly if you're not prepapring for a multiday power black out at this point I don't know what will get you motivated. JLR had SAP ransomware attacked and so many companies use it for finance, stock control, work planning and safty rules. Don't know what has taken out Heathrow yet but let's face it I don't think anything connected to the internet is genuinely 100% safe if National Grid can't control the grid flexibly then they'd have to whack off all the wind and solar and rely on dispatchable gas, biomass and nuclear and that would be only just enough for winter demand and even then events could cause a cascade failure. I think events like this highlight the limits of resilience in essential infrastructure.

You would like to think that our core infrastructure is more secure but I suspect its as susceptible to cost cutting and profit taking as anything else is, I am starting to see that even in smaller SME size firms that cyber security is starting to get more money allocated.

It sounds like JLR might have dropped the ball somewhere as it seems their hack was carried out via a known exploit in the SAP Netweaver platform which seems like something that its likely should have been patched at some point.

 

[jpaul]

Doesn't NATO have a cybercrime policy/arm - was surprised airport electronic incursions weren't being discussed alongside recent physical one.
Ironically airport hacked company does(did?) have new contract for nato battleplan management.

Similarly for JLR under mgmt of TCS - China(Maga?) - I hadn't seen any specific ananlyis but presumably shared between likes of SAP and leaving the frontdoor/letterbox open.

 

[Fubsy]

There comes a time when somebody thinks is all this worth it? Shopping and living your life online. Or spending hours at airports.

Today, we bought two brand new 90" x 90" lined curtains original price £190 for £20 to cover our front door during winter. Only one is needed but the point i make is this was a venture into a high street store not an online bargain from China.

Doesn't matter.

At some point along the supply chain, there will be a vulnerability that could seriously impact a high street store.

Being proactive, putting the hard graft in and spending the money to protect systems is the only way forward. Security is still not taken seriously enough, evidently.

 

[jpaul]

ergh it did impact M&S
Seems LOLworthy discussion of government helping JLR suppliers, if they are not going to offer tax payers money to other cyber-crime impacted businesses,
M&S was 2/300M I thought - jlr's only clocked up 100M

Amazon has its's knock down section Amazon resale

 

[Hagar]

Doesn't matter.

At some point along the supply chain, there will be a vulnerability that could seriously impact a high street store.

Being proactive, putting the hard graft in and spending the money to protect systems is the only way forward. Security is still not taken seriously enough, evidently.

Looking at the London, Brussels and Berlin airport scenarios it is the software supplier that has been targeted to find the holes through which the chaos can be enacted on the end user, the airport.
Airports are reacting by stepping back to manual logging of passengers, unwieldy but safe. Businesses should be able to buy safe software immune to attack or at least failing safe. It strikes me that software suppliers are overstating the efficacy if their solutions and therefore blindsiding their customers.
The hackers are exploiting the inadequacy of software designers and companies selling solutions to mega corporations which obviously are faulty in one way or another. I'm not sure if these businesses can determine this for themselves.

Re post office horizon etc., etc.not hacking but generally incompetence, sods law in action.

 

[mysticsniper]

The Muse systems at impacted airports will likely be down the rest of the week. Airlines are being advised to continue contingency measures.

Heathrow is at 80% flight delays, Brussels 79%, Dublin 74%, Berlin 84% - all are vMuse

Berlin Airport ran at 70% delays yesterday

Long delays at Berlin airport as authority confirms ransomware attack

Disruption at airports in Berlin and other European cities persisted on Monday, with 70% of departures from the German capital

www.dailyfinland.fi

 

[jpaul]

Encrochat was an example of state organised phone hack - lots of inadequate software designers;
still waiting for the first hack on heralded OTT vehicle software systems, Tesla musty be an attractive scalp.

wasn't clear why they didn't shoot the drone down over Copenhagen airport (need one of those Israeli lasers)

 

[Hagar]

Encrochat was an example of state organised phone hack - lots of inadequate software designers;
still waiting for the first hack on heralded OTT vehicle software systems, Tesla musty be an attractive scalp.

wasn't clear why they didn't shoot the drone down over Copenhagen airport (need one of those Israeli lasers)

Copenhagen is probably more densely populated thanTel Aviv, less desert. Plus they would likely get more complaints on things falling from the sky.