Tag Archive for: escalating

Chinese Hackers Breach U.S. Commerce Secretary’s Emails, Escalating Tensions with China | by Tech Daily | Jul, 2023

/in


The hack of Gina Raimondo’s email account highlights the growing threat of cyber espionage from China and the need for stronger international cooperation to combat it.

Credits from asviral.com

Chinese hackers successfully gained access to a U.S. official’s email account in a serious cybersecurity compromise.

Gina Raimondo, Secretary of Commerce.

The attack, which took use of a flaw in Microsoft’s Exchange Server software, went unnoticed for several months before being discovered in May 2023.

The hackers, who are thought to be representing the Chinese government, obtained unlawful access to Raimondo’s emails, possibly exposing private data about trade policy, export restrictions, and China policy.

About government network security, cyber espionage, and the wider ramifications of cyber warfare, this hack exacerbates the already tense ties between the United States and China.

Credits from i.huffpost.com/

Relations between the United States and China are likely to be significantly impacted by the breach of Raimondo’s emails.

This event adds to a growing number of prior accusations that China is participating in cyber espionage, something the United States has regularly accused China of doing.

Tensions between the two countries may increase if the U.S. government responds by enacting penalties or expelling Chinese officials.

This episode highlights the urgent necessity for strong diplomatic measures to combat cyberattacks and set up distinct parameters for appropriate activity in cyberspace.

Credits from images.techhive.com

China’s cyber espionage against the United States has a long and well-documented history.

Chinese hackers have attacked a variety of government organizations, defense contractors, technology companies, and academic institutes in recent years.

Their goals include acquiring sensitive information as well as stealing intellectual property and getting tactical advantages.

Despite the Chinese government’s persistent denials of involvement in these operations, there is growing evidence that China is frequently the source of state-sponsored cyberattacks.

This historical backdrop emphasizes the ongoing difficulties the United States has in protecting its networks from…

Source…

Australian govt warns of escalating LockBit ransomware attacks

/in


Australian govt warns of escalating LockBit ransomware attacks

The Australian Cyber Security Centre (ACSC) warns of an increase of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021.

“ACSC has observed an increase in reporting of LockBit 2.0 ransomware incidents in Australia,” Australia’s cybersecurity agency said in a security alert issued on Thursday.

According to the agency, LockBit victims also report threats of having data stolen during the attacks leaked online, a known and popular tactic among ransomware gangs to coerce their targets into paying the ransoms.

Increasing number of attacks since July

“The majority of victims known to the ACSC have been reported after July 2021, indicating a sharp and significant increase in domestic victims in comparison to other tracked ransomware variants,” the ACSC added.

“The ACSC has observed LockBit affiliates successfully deploying ransomware on corporate systems in a variety of sectors including professional services, construction, manufacturing, retail and food.”

The agency also published a ransomware profile with additional information on the LockBit group, including initial access indicators, targeted sectors, and mitigation measures.

It added that these threat actors are opportunistic and could target organizations from any industry sector. Therefore, not being included in the list of already targeted sectors does not necessarily indicate LockBit’s target won’t switch to other industries.

The ACSC provides mitigations focused on LockBit TTPs (Tactics, Techniques, and Procedures), which include:

  • enabling multifactor authentication (MFA) on all accounts to block the use of stolen credentials
  • encrypting sensitive data at rest to block exfiltration of sensitive information
  • segmenting corporate networks and restricting admin privileges to block lateral movement and privilege escalation attempts
  • maintaining daily backups to reduce a successful attack’s impact
  • patching internet facing Fortinet device against CVE-2018-13379, a security bug heavily exploited by LockBit to breach networks

Organizations affected by these escalating ransomware attacks or who need assistance are advised to reach out using ACSC’s 1300 CYBER1 hotline.

From LockBit to…

Source…

DATA443 ANNOUNCES NEW RANSOMWARE PRODUCT FOR ENDPOINTS IN RESPONSE TO ESCALATING INFECTION COSTS AND EXTORTION RISKS

/in


Capability Removes Requirement for Physical Interaction by IT Staff, Perfect for Hospitals, Schools, Government & Manufacturing

RESEARCH TRIANGLE PARK, NC, April 01, 2021 (GLOBE NEWSWIRE) — Data443 Risk Mitigation, Inc. (“Data443®” or the “Company”) (OTCPK: ATDS), a leading data security and privacy software company, is pleased to announce that its latest privacy-centric endpoint technology – Data443 Ransomware Recovery Manager – is now available.

“The functionality of Data443 Ransomware Recovery Manager is a direct response to the escalating ransomware attacks experienced around the world on a daily basis,” said Jason Remillard, founder and CEO of Data443. “These attacks affect millions of organizations of all sizes and across all sectors – with a high number of attacks primarily targeting three sectors: financial services, healthcare and education.”

“Not only has the incident rate been increasing, the infection rates, costs, and true damages are also increasing year over year, and at an accelerated rate. It is no longer a matter of if but when a ransomware or virus attack hits a business. The Data443 Ransomware Recovery Manager solution was built for the modern enterprise with this attack landscape in mind, and its capabilities are designed to recover a workstation immediately upon infection to the last known business-operable state, without any end user or IT Administrator efforts.”

“Data security continues to be a growing concern for all stakeholders, and having a capability at hand to protect, respond and be back in full operations within minutes is a true differentiator for Data443 and our unique product stack. With the integrated power of Data Identification Manager and Data Archive Manager, we are able to ensure sensitive data is both archived and restored if there is any infection, and with virtually zero down time. Augmented with Data Classification and Data Governance capabilities within the larger Data443 product family, Ransomware Recovery Manager possesses unique capabilities unmatched in this market segment.”

“This new capability demonstrates our commitment to always deliver sophisticated and timely solutions…

Source…

Ex-CIA analyst warns of escalating global cyber-warfare – Insurance Business

/in

Ex-CIA analyst warns of escalating global cyber-warfare  Insurance Business

Expert says while Canada faces a “moderate” level of cyber espionage risk, some groups already have the country in their sights.

“cyber warfare news” – read more