New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Australian Emergency Services Alert System Compromised

A currently-unknown hacker briefly gained access to the database for an emergency services alert system utilized throughout Australia and was able to successfully utilize the system to message tens of thousands of people throughout Australia.  The alert was sent out through the Early Warning Network (EWN) Friday evening and read, “EWN has been hacked. Your personal data is not safe. Trying to fix the security Issues.”  This message was then followed by a link to a support email as well as a link to the EWN website.  The message was sent out via text message and email to only a portion of the EWN’s database of subscribers before EWN staff identified the attack and were able to shut down access.  It has not been confirmed at this time that either of the links in the message were malicious, but the EWN has urged anyone who received the messages to not click the links and to delete the message.  There are currently no signs that any of the information contained in the EWN’s subscriber database was exfiltrated by the attacker.  The currently-unknown attacker is believed to be operating from within Australia and appears to have gained access to the system through compromised login details from an EWN employee.  This is not the first attack on an emergency alert system. In 2017 a hacker sent out an alert for a zombie uprising, other hackers have taken control of emergency sirens, as well as a number of other incidents dating back to 2013.  Hackers will always look for ways into emergency alert systems, especially those who wish to spread panic.