{"id":17181,"date":"2023-09-25T16:09:45","date_gmt":"2023-09-25T16:09:45","guid":{"rendered":"https:\/\/cybercrime.rs\/?p=17181"},"modified":"2023-09-28T11:55:50","modified_gmt":"2023-09-28T11:55:50","slug":"da-li-su-kredencijali-naloga-e-poste-drzavnih-sluzbenika-u-ponudi-na-hakerskim-crnim-trzistima","status":"publish","type":"post","link":"https:\/\/cybercrime.rs\/en\/2023\/09\/25\/da-li-su-kredencijali-naloga-e-poste-drzavnih-sluzbenika-u-ponudi-na-hakerskim-crnim-trzistima\/","title":{"rendered":"State employees\u2019 email account credentials offered on hacker black markets?"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"17181\" class=\"elementor elementor-17181\">\n\t\t\t\t\t\t\t\t\t<section class=\"has_ae_slider elementor-section elementor-top-section elementor-element elementor-element-34d3ec8 elementor-section-boxed elementor-section-height-default elementor-section-height-default ae-bg-gallery-type-default\" data-id=\"34d3ec8\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"has_ae_slider elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-63551196 ae-bg-gallery-type-default\" data-id=\"63551196\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-38ee88b elementor-widget elementor-widget-spacer\" data-id=\"38ee88b\" data-element_type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.7.8 - 02-10-2022 *\/\n.elementor-column .elementor-spacer-inner{height:var(--spacer-size)}.e-container{--container-widget-width:100%}.e-container>.elementor-widget-spacer{width:var(--container-widget-width,var(--spacer-size));-ms-flex-item-align:stretch;align-self:stretch;-ms-flex-negative:0;flex-shrink:0}.e-container>.elementor-widget-spacer>.elementor-widget-container,.e-container>.elementor-widget-spacer>.elementor-widget-container>.elementor-spacer{height:100%}.e-container>.elementor-widget-spacer>.elementor-widget-container>.elementor-spacer>.elementor-spacer-inner{height:var(--container-widget-height,var(--spacer-size))}<\/style>\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2bcd9da4 elementor-widget elementor-widget-text-editor\" data-id=\"2bcd9da4\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.7.8 - 02-10-2022 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#818a91;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#818a91;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<!-- wp:paragraph -->\n<p class=\" translation-block\">At the end of 2022 it was announced on <span style=\"color: #e3b969\"><a style=\"color: #e3b969\" href=\"https:\/\/bezbedanbalkan.net\/\" target=\"_blank\" rel=\"noopener\">Bezbedan Balkan<\/a><\/span> forum that credentials for e-mail accounts, linked to a number of Serbian state institutions and public companies were being sold on hacker black markets. The accounts contained information about contracts, redundancy notices, bank statements, public procurement, union meetings etc, and ads for the sale of the accounts included screenshots of open email inboxes as evidence for potential buyers.<\/p>\n<p>\u00a0<\/p>\n<!-- \/wp:paragraph --><!-- wp:paragraph -->\n<p>However, legal entities whose infrastructure was marked as compromised and which are ICT systems of special significance, were not ready to admit cyber security incidents - almost all of them are of the opinion that these findings do not correspond to the truth.\u00a0<\/p>\n<p>\u00a0<\/p>\n<!-- \/wp:paragraph --><!-- wp:paragraph -->\n<p>Only the network operator Elektroprivreda Srbije confirmed the incident with a compromised corporate e-mail account - after a warning from the state CERT (the regulatory body for electronic communications and postal services) it took certain security measures.<\/p>\n<p>\u00a0<\/p>\n<p class=\" translation-block\">Still, <a href=\"https:\/\/www.cert.rs\/rs\" target=\"_blank\" rel=\"noopener\"><span style=\"color: #e3b969\">national CERT<\/span><\/a> does not have the authority to supervise the implementation of such measures. According to <a href=\"https:\/\/www.pravno-informacioni-sistem.rs\/SlGlasnikPortal\/eli\/rep\/sgrs\/skupstina\/zakon\/2016\/6\/5\/reg\" target=\"_blank\" rel=\"noopener\"><span style=\"color: #e3b969\">Law on information security<\/span>\u00a0<\/a> inspection supervision is the responsibility of the Ministry of Information and Telecommunications, where only one inspector is currently operating.<\/p>\n<!-- \/wp:paragraph -->\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b807181 elementor-widget elementor-widget-spacer\" data-id=\"b807181\" data-element_type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4cafc58 elementor-widget elementor-widget-text-editor\" data-id=\"4cafc58\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p class=\" translation-block\">More about this in the research <em>\u2018For the Right Price\u2019: Email Credentials from Serbian State Bodies Sold Online,<\/em> by Igor I\u0161panovi\u0107<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f20cc58 elementor-widget elementor-widget-spacer\" data-id=\"f20cc58\" data-element_type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-692206b elementor-widget elementor-widget-text-editor\" data-id=\"692206b\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Source: Balkan Insight<span style=\"color: #e3b969;\"><a style=\"color: #e3b969;\" href=\"https:\/\/balkaninsight.com\/2023\/07\/27\/for-the-right-price-email-credentials-from-serbian-state-bodies-sold-online\/\" target=\"_blank\" rel=\"noopener\"> &gt;&gt;<\/a><\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2653575 elementor-widget elementor-widget-spacer\" data-id=\"2653575\" data-element_type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1c9fcf8 elementor-widget elementor-widget-text-editor\" data-id=\"1c9fcf8\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p class=\" translation-block\">Similar reports of security researchers are being published on Bezbedan Balkan forum. See <span style=\"color: #e3b969\"><a style=\"color: #e3b969\" href=\"https:\/\/bezbedanbalkan.net\/forum-5.html\" target=\"_blank\" rel=\"noopener\">Security of government resources<\/a><\/span> (details and discussions)<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-592ea74 elementor-widget elementor-widget-spacer\" data-id=\"592ea74\" data-element_type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>A research following the announcements on Bezbedan Balkan forum<\/p>","protected":false},"author":1,"featured_media":9975,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","footnotes":""},"categories":[30,37],"tags":[],"class_list":["post-17181","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","category-srbija"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/posts\/17181","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/comments?post=17181"}],"version-history":[{"count":24,"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/posts\/17181\/revisions"}],"predecessor-version":[{"id":17237,"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/posts\/17181\/revisions\/17237"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/media\/9975"}],"wp:attachment":[{"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/media?parent=17181"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/categories?post=17181"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybercrime.rs\/en\/wp-json\/wp\/v2\/tags?post=17181"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}