How China is Hacking America

The sheer scale of China’s latest attempt to infiltrate U.S. infrastructure has surprised the entire cybersecurity industry, an expert has said.

Daniel Cuthbert, who sat on the UK Government Cyber Security Advisory Board, said the Volt Typhoon hacking system is bigger than anything China has unleashed before.

The U.S. government says it is designed to cripple U.S. computer systems if America and China go to war.

FBI Director Christopher Wray told a U.S. committee hearing on January 31 that Volt Typhoon was “the defining threat of our generation”.

It has already been used in attempted hacking on emergency services, military installations and satellites.

“In essence, Volt Typhoon is a campaign, albeit a very large one, by Chinese state agents actively gaining access to industrial control systems and other critical national infrastructure,” Cuthbert told Newsweek.

“Similar campaigns have been happening for a very long time, but I think what has surprised many, including myself, was the sheer scale of the campaign.”

Cuthbert said it was a mistake to think that China was only targeting the U.S.

“It doesn’t just pose a threat to the U.S. It poses a threat to anybody in the CNI [Critical National Infrastructure] world. That world has a large number of rather complex problems when it comes to security that are not trivial to fix. I feel this is where considerable investment is needed to ensure that our CNI globally is as secure as possible,” he said.

Newsweek sought email comment from the Chinese embassy in Washington, D.C.

Cuthbert believes Volt Typhoon is difficult to defeat because it uses “living off the land” technology.

According to the CrowdStrike cybersecurity company, unlike traditional malware attacks, living off the land hacking systems do not use any of their own files. That means they do not require an attacker to install any code or scripts within the target system.

Instead, they use tools that are already present in the computer system, such as Windows Management, which makes detection much more difficult and allows hackers to stay unnoticed within a computer system for months or even years.
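The sketch below is an added example, not code from the article or from CrowdStrike. It shows why a file-centric check finds nothing when every binary involved ships with the operating system, while a check on how those binaries are used still produces alerts. It assumes "Windows Management" refers to WMI and its `wmic.exe` client, goes one step beyond the article by also flagging a built-in shell started by a document application, and uses constructed events, host names and rules.

```python
import re

# Constructed process-creation events; hosts, paths and command lines are invented.
# Assumption: the article's "Windows Management" means WMI (wmic.exe client).
EVENTS = [
    {"host": "eng-ws-07", "image": r"C:\Windows\System32\wbem\WMIC.exe",
     "parent": r"C:\Windows\System32\cmd.exe",
     "cmdline": r'wmic /node:hist-srv-02 process call create "cmd.exe"'},
    {"host": "eng-ws-07", "image": r"C:\Windows\System32\wbem\WMIC.exe",
     "parent": r"C:\Program Files\InventoryAgent\agent.exe",
     "cmdline": "wmic os get caption"},
    {"host": "hr-ws-11",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "cmdline": "powershell.exe -NoProfile"},
    {"host": "hr-ws-11", "image": r"C:\Windows\System32\notepad.exe",
     "parent": r"C:\Windows\explorer.exe", "cmdline": "notepad.exe"},
]

BUILTIN_TOOLS = {"wmic.exe", "powershell.exe", "cmd.exe"}
DOCUMENT_APPS = {"winword.exe", "excel.exe", "outlook.exe"}
REMOTE_WMI = re.compile(r"/node:\S+.*process\s+call\s+create", re.I)

def basename(path):
    return path.rsplit("\\", 1)[-1].lower()

def unknown_binaries(events):
    """File-centric view: flag images that are not OS-shipped binaries."""
    return [e for e in events if not e["image"].lower().startswith("c:\\windows\\")]

def lotl_hits(events):
    """Behavior-centric view: flag how built-in tools are being used."""
    hits = []
    for e in events:
        tool, parent = basename(e["image"]), basename(e["parent"])
        if tool not in BUILTIN_TOOLS:
            continue
        if tool == "wmic.exe" and REMOTE_WMI.search(e["cmdline"]):
            hits.append((e["host"], "remote process creation via WMI"))
        elif parent in DOCUMENT_APPS:
            hits.append((e["host"], f"{tool} started by {parent}"))
    return hits

if __name__ == "__main__":
    print("unknown binaries:", len(unknown_binaries(EVENTS)))
    for host, reason in lotl_hits(EVENTS):
        print(host, "->", reason)
```

The inventory agent's local `wmic os get caption` call is deliberately left unflagged: the same binary is routine administration in one context and an alert in another, which is why these rules key on arguments and parent process rather than on the file.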

On February 7, the U.S. government’s cybersecurity…


Find out which are the 5 most active ransomware groups in Latin America in 2023

ESET warns that ransomware group activity in the region increased this year, with a focus on corporate and government targets.

According to the ESET Security Report, 96% of organizations expressed concern about ransomware, and 21% reported having experienced an attack of this kind in the last two years. Of these, 77% managed to recover their information through backup policies, while 4% admitted to having paid a ransom. In addition, 84% of the organizations surveyed refused to negotiate payment for data recovery.

ESET stresses the importance of facing future challenges, such as the rise in spearphishing campaigns aimed at specific targets. It mentions the need to improve security awareness among company employees, given the growing use of technology in the post-pandemic period.

As for security concerns in Latin America, theft or leakage of information tops the list at 66%, linked to improper access to systems, targeted phishing (spearphishing) attacks and the installation of ransomware or remote access trojans.

The most active ransomware groups in the region are:

  1. SiegedSec: Known for besieging its victims, extorting them to pay a ransom or selling the information on the dark web. It has affected various sectors in Latin America, including healthcare and government entities.
  2. Nokoyawa: Of Russian origin and with sophisticated encryption, it has obtained a large amount of information from Brazil's healthcare sector.
  3. ALPHV (Blackcat): Operates through Ransomware-as-a-Service and goes after specific targets with customized attacks.
  4. Stormous and its alliance with GhostSec: An Arab group that initially attacked the United States but partnered with GhostSec to attack Latin American countries, including the government of Cuba.
  5. Vice Society: Active in the education and healthcare sectors, it also targets the manufacturing industry in several countries. It stands out for its ransomware builder…


The 5 most active ransomware groups in Latin America in 2023

Ransomware group activity in Latin America increased in 2023, with growth in attacks aimed at the region's corporate and government sectors. Learn which are the main criminal groups and how companies and institutions should prepare.

Ransomware group activity in Latin America increased this year compared with the previous year, with a surge in attacks aimed at the corporate and government sectors. One of the main challenges to face in the near future will be the rise in spearphishing campaigns (aimed at a specific target). The increased risks associated with greater use of technology in the post-pandemic period must be taken into account, as well as the need to raise the level of awareness of company employees at every level.

In this scenario, the implementation of cybersecurity measures varies according to the type of organization, and according to the ESET Security Report there are issues on which the whole sector converges. Theft or leakage of information at companies represents one of the biggest challenges, affecting 66% of companies, and is associated with improper access to systems. In other words, the increase in attacks seeks to exploit some vulnerability through spearphishing campaigns or the installation of malicious code such as ransomware or remote access trojans.

Cybercriminals (groups or individuals) seek to make more money in less time and offer their services at very affordable prices to all kinds of users, from technical professionals to novices or disgruntled staff looking to profit from the information of the organization they work for. That is why they become popular in the world of cybercrime, generating ever greater supply and demand.

According to the ESET Security Report, 96% of organizations pointed to their concern about ransomware as a latent threat; 21% admit to having suffered an attack with this type of malware in the last two years. Among…


The Impact of Passwordless Authentication on Internet Security in North America

Exploring the Impact of Passwordless Authentication on Internet Security in North America

The advent of passwordless authentication has been a game-changer in the realm of internet security in North America. This innovative technology has been instrumental in addressing the perennial problem of password-related breaches, which have been a significant concern for businesses and individuals alike.

Passwordless authentication is a security method that verifies users without requiring them to enter a password. Instead, it uses other forms of validation such as biometrics, hardware tokens, or magic links sent via email or SMS. This approach has been gaining traction due to its potential to enhance security while improving user experience.

One of the most significant impacts of passwordless authentication on internet security is the reduction in the risk of password-related breaches. Traditional password-based systems are vulnerable to a variety of attacks, including brute force, dictionary attacks, and phishing. By eliminating the need for passwords, these threats are effectively mitigated.

Moreover, passwordless authentication eliminates the risk associated with poor password practices. A study by the Ponemon Institute found that 51% of respondents reuse passwords across multiple accounts, a practice that significantly increases the risk of a security breach. By removing the need for users to remember and manage multiple passwords, passwordless authentication reduces the likelihood of such risky behavior.

In addition to enhancing security, passwordless authentication also improves user experience. Remembering multiple complex passwords can be a daunting task for users, often leading to frustration and decreased productivity. Passwordless authentication simplifies the login process, making it quicker and more convenient for users. This improved user experience can also have a positive impact on businesses by increasing user engagement and customer satisfaction.

However, like any technology, passwordless authentication is not without its challenges. One of the main concerns is the potential for biometric data breaches. Biometric data, such as fingerprints or facial recognition, is…
