Latest news with #EvgenyGoncharov


Daily Record
21-05-2025
- Daily Record
Experts issue warning to households that have certain type of toaster
Experts have urged UK households to heed their warning. Cyber crooks are taking their vicious acts to a whole new level as experts warn UK households with smart toasters that their devices may be susceptible to being hacked. If the scammers are successful, they will be able to access your home network. And it's not just smart toasters that are at risk of cyber attacks, other smart devices such as fridges and thermostats are also vulnerable. Experts have warned that these appliances could allow hackers to gain control over other devices in your home. This warning mainly applies to older hardware which hasn't been updated or is no longer monitored, reports the Express. This is because it is easier for hackers to take advantage of the weaker security to gain access to the home network. Evgeny Goncharov of the cybersecurity company Kaspersky, told The Times: "When having access to one device, you have the ability to connect to the server and then communicate with your other devices, and sometimes take control over them. The problems are many." Andrew Laughlin from Which? also added that zombie products - which are devices that keep working but aren't supported - leave items vulnerable to data breaches and compromises. From October last year, Google began withdrawing support for its Nest smart thermostats from 2011 and 2012. Experts say that this decision is a reminder that many devices in our homes can become a security threat as they continue to age and no longer have the required security support. Alan Woodward, professor of cyber security at the University of Surrey, said: "In some ways it might not matter that your toaster doesn't get updated." He went on to explain that if devices with a vulnerability remain connected they can be a stepping stone for cyber crooks to get into the home. Just last year, the National Cyber Security Centre issued an urgent warning that 260,000 devices from across the globe, including webcams, had been hacked by a company which has links to the Chinese Government. Many well-known retailers have also recently been subjected to cyber attacks. Marks and Spencers was the first to be targeted around Easter weekend, with online orders still being paused until the issue is resolved. Bosses from the popular retailer have now said that the fallout from the cyber attacks is expected to continue until July and is estimated to cost the company around £300 million. Customer personal data, which could have included names, email addresses, postal addresses and dates of birth, was also taken by hackers in the attack, which has resulted in Thompsons Solicitors filing a multi-million pound class action suit against the company. This was followed by the Co-op and Harrods being forced to shut down their IT systems and restrict their internet access to try and ward off further attacks. On May 2, a Co-op spokesperson revealed ongoing "sustained malicious attempts by hackers to access" their systems. They also said it was "a highly complex situation" following reports that the same cybercriminals had taken responsibility for both breaches. Join the Daily Record WhatsApp community! Get the latest news sent straight to your messages by joining our WhatsApp community today. You'll receive daily updates on breaking news as well as the top headlines across Scotland. No one will be able to see who is signed up and no one can send messages except the Daily Record team. All you have to do is click here if you're on mobile, select 'Join Community' and you're in! If you're on a desktop, simply scan the QR code above with your phone and click 'Join Community'. We also treat our community members to special offers, promotions, and adverts from us and our partners. If you don't like our community, you can check out any time you like. To leave our community click on the name at the top of your screen and choose 'exit group'.


Daily Mirror
21-05-2025
- Daily Mirror
Warning issued to UK households over kitchen appliance that could be hacked
Cyber experts are warning that hackers could exploit weaknesses in technology, including smart toasters, to access home networks and take control of other devices UK families have been issued a cybersecurity alert about the potential risks of smart toasters being exploited by hackers to infiltrate their home networks. According to specialists, various smart appliances, including fridges, toasters and thermostats, can be easily targeted for cyber assaults that may permit unauthorised control over other gadgets in the household. This threat is particularly pertinent for older hardware devices which may not receive regular updates or are no longer under observation, with cybercriminals exploiting feeble security measures to slip into domestic networks undetected. Cybersecurity expert Evgeny Goncharov from Kaspersky brought this issue to light, speaking with The Times: "When having access to one device, you have the ability to connect to the server and then communicate with your other devices, and sometimes take control over them. The problems are many." Which?'s Andrew Laughlin highlighted the dangers of so-called 'zombie products' - outdated yet functional items that lack support - making them susceptible to breaches and compromises. Recently, Google disclosed its decision to halt updates for its early Nest smart thermostats from 2011 and 2012 starting October this year, signalling to authorities that numerous smart gadgets pose a significant security risk as they become obsolete and lack protection against digital threats, reports the Express. Alan Woodward, University of Surrey's professor of cyber security, commented on the issue saying: "In some ways it might not matter that you toaster doesn't get updated", signifying that even overlooked vulnerabilities in these supposedly insignificant devices could serve as gateways for hackers into the private sanctum of one's residence. Last year, the National Cyber Security Centre sounded the alarm that a company with ties to the Chinese government had commandeered 260,000 devices globally, including webcams. Recently, high-profile retailers fell victim to cyber attacks, including Marks and Spencer, which was initially targeted by cyber criminals just days before the Co-op and Harrods were compelled to disable some IT systems and limit internet access to ward off comparable assaults.


Biz Bahrain
16-05-2025
- Business
- Biz Bahrain
Biometrics and building automation systems were the most attacked operational technology sectors at the beginning of 2025
In Q1 2025, malicious objects were blocked on 21.9% of ICS computers globally, according to a new report by Kaspersky ICS CERT (Industrial Control Systems Cyber Emergency Response Team). Regionally this share varied: from 10.7% in Northern Europe to 29.6% in Africa. From Q4 2024 to Q1 2025, the share of ICS computers on which malicious objects were blocked increased in Russia (by 0.9 p.p.), Central Asia (by 0.7 p.p.), South Asia (by 0.3 p.p.), Western Europe (by 0.2 p.p.), Northern Europe (by 0.1 p.p.) and Southern Europe (by 0.1 p.p.). The share of ICS computers with blocked malicious objects, per region Threats by industries The biometrics sector was targeted more than any other industry vertical (malicious objects were blocked on 28.1% of ICS computers), followed by building automation (25%), electric power facilities (22,8%), construction facilities (22.4%), engineering equipment (21.7%), oil & gas facilities (17.8%), and manufacturing (17.6%). Main threat sources The OT cyberthreat landscape at the beginning of 2025 remained diverse, with threats spreading via the internet continuing as the main source of cyber risks to OT computers (these threats were blocked on 10.11% of ICS computers), followed by email clients (2.81%) and removable media at (0.52%). 'As the internet remains the primary source of threats to ICS computers, in the first quarter of 2025, the share of ICS computers attacked with malware spread via the internet increased for the first time since the beginning of 2023. The main categories of threats from the internet are denylisted internet resources, malicious scripts and phishing pages. Malicious scripts and phishing pages is the leading category of malware used for initial infection of ICS computers – they act as droppers of next-stage malware, such as spyware, crypto miners and ransomware. The rise in internet-based attacks on ICS highlights the critical need for advanced threat detection to counter sophisticated malware campaigns,' commented Evgeny Goncharov, Head of Kaspersky ICS CERT. To keep OT computers protected from various threats, Kaspersky experts recommend: • Conducting regular security assessments of OT systems to identify and eliminate possible cyber security issues. • Establishing continuous vulnerability assessment and triage as a foundation for effective vulnerability management process. Dedicated solutions like Kaspersky Industrial CyberSecurity may become an efficient assistant and a source of unique actionable information, not fully available in public. • Performing timely updates for the key components of the enterprise's OT network; applying security fixes and patches or implementing compensating measures as soon as it is technically possible is crucial for preventing a major incident that might cost millions due to the interruption of the production process. • Using EDR solutions such as Kaspersky Next EDR Expert for timely detection of sophisticated threats, investigation, and effective remediation of incidents. • Improving the response to new and advanced malicious techniques by building and strengthening teams' skills in incident prevention, detection, and response. Dedicated OT security trainings for IT security staff and OT personnel is one of the key measures helping to achieve this. The full report on ICS threats for Q1 2025 is available by the link.