Security Newsletter

13 Jun 2022

How a Saxophonist Tricked the KGB by Encrypting Secrets in Music

In 1985, saxophonist Merryl Goldberg found herself on a plane to Moscow with three fellow musicians from the Boston Klezmer Conservatory Band. She had carefully packed sheet music, reeds, and other woodwind supplies, along with a soprano saxophone, to bring into the USSR. But one of her spiral-bound notebooks, lined with staves for hand-notating music, contained hidden information.

Using a code she had developed herself, Goldberg had obscured names, addresses, and other details the group would need for their trip in handwritten compositions that looked, to an untrained eye, like the real melodies she’d written on other pages of the book. Goldberg and her colleagues didn’t want to give Soviet officials details of who they planned to see and what they planned to do on their trip. They were going to meet the Phantom Orchestra.

The trip was a rare and special opportunity for American and Soviet players to meet in the USSR and make music together. It was also an opportunity for the American musicians to smuggle information about aid efforts and plans to the Phantom Orchestra, and for the ensemble to send updates out, including details about individuals looking to escape the Soviet Union.

 

Conti's Attack Against Costa Rica Sparks a New Ransomware Era

For the last two months, Costa Rica has been under siege. Two major ransomware attacks have crippled many of the country’s essential services, plunging the government into chaos as it scrambles to respond. Officials say that international trade ground to a halt as the ransomware took hold and more than 30,000 medical appointments have been rescheduled, while tax payments have also been disrupted. Millions have been lost due to the attacks, and staff at affected organizations have turned to pen and paper to get things done.

Costa Rica’s government, which changed midway through the attacks after elections earlier this year, has declared a “national emergency” in response to the ransomware—marking the first time a country has done so in response to a cyberattack. Twenty-seven government bodies were targeted in the first attacks, which ran from mid-April until the start of May, according to new president Rodrigo Chaves. The second attack, at the end of May, has sent Costa Rica’s health care system into a spiral. Chaves has declared “war” on those responsible.

At the heart of the hacking spree is Conti, the notorious Russia-linked ransomware gang. Conti claimed responsibility for the first attack against Costa Rica’s government and is believed to have some links to the ransomware-as-a-service operation HIVE, which was responsible for the second attack impacting the health care system.

 

More #News

 

#Breach Log

 

#Patch Time!

 

#Tech and #Tools

Kingred Group is growing, so does the Group Security team! We're looking for new talented professionals to come join us:

• Are you a developer with a strong security passion? Be part of our Cyber Security team

Kindred is one of the largest online gambling companies in the world with over 30 million customers. You can find all our open vacancies on our career page.

This content was created by Kindred Group Security. Please share if you enjoyed!

Kindred Group in brief

Kindred Group is one of the world’s leading online gambling operators with business across Europe, US and Australia, offering more than 30 million customers across 9 brands a great form of entertainment in a safe, fair and sustainable environment. The company, which employs about 2,000 people, is listed on Nasdaq Stockholm Large Cap and is a member of the European Gaming and Betting Association (EGBA) and founding member of IBIA (Sports Betting Integrity Association). Kindred Group is audited and certified by eCOGRA for compliance with the 2014 EU Recommendation on Consumer Protection and Responsible Gambling (2014/478/EU). Read more on www.kindredgroup.com.