Tag Archive for: Examiner

Biden’s response to China hack seen as tepid due to US economic ties with Beijing | Washington Examiner

/in


When the White House announced President Joe Biden rallied American allies to condemn China’s state-sponsored hacking, many in Washington were perplexed as he bypassed more punitive measures.

China’s Ministry of State Security, which U.S. intelligence officials accused of cyber spying and hacking for profit, was behind multiple “zero-day” exploits that breached the Microsoft Exchange Server, prompting Biden’s response. The attacks take advantage of security holes in widely used software, such as the Microsoft Exchange email service, and can operate undetected until the hole is patched.

WHITE HOUSE DEFENDS BIDEN’S ‘COORDINATED’ RESPONSE TO CHINESE GOVERNMENT-SPONSORED HACKERS

Asked this week why Biden seemed to hold off on a stronger condemnation of China, White House press secretary Jen Psaki said, “That was not the intention he was trying to project.”

The effort to coordinate multilateral partners from the United Kingdom, Australia, Canada, New Zealand, Japan, and NATO “was under [Biden’s] direction,” Psaki said. “He continues to feel its important to lead from a position of strength in close coordination with our partners and allies around the world, and he takes the malicious cyber activity — whether it’s from Russia or China, whomever the actors may be — quite seriously.”

She said economic ties with China wouldn’t stop further U.S. retaliation if deemed necessary.

Dmitri Alperovitch, who leads the Silverado Policy Accelerator, a Washington, D.C.-based cybersecurity think tank, questioned Biden’s inconsistent response in a blog post in light of a forceful retaliation to the SolarWinds breach that U.S. intelligence linked to Russia earlier this year.

“Having drawn a red line in the case of the SolarWinds breach … the United States ought to calibrate its responses to subsequent attacks relative to that line,” he wrote. “By every conceivable technical standard, the Exchange hacks were the more damaging and more reckless of the two actions. For the sake of both strategic and normative consistency, the administration should be prepared to impose more serious consequences.”

It is hard to say why the Biden administration has refrained from using…

Source…

Latvian woman charged for alleged role in transnational ransomware scheme targeting 11 countries | Washington Examiner

/in


A Latvian national faces federal charges for allegedly participating in a transnational plot using ransomware to steal money and other confidential information from victims, including Americans.

Alla Witte, 55, was arraigned in the U.S. District Court for the Northern District of Ohio on Friday on 19 counts in a 47-count indictment brought against the “Trickbot Group,” named for the Trickbot malware used in the plot, according to the Justice Department.

As part of their cybercrime scheme, Witte and other conspirators, who operated in Russia, Belarus, Ukraine, and Suriname, allegedly began using the malware in November 2015 to steal from individuals, hospitals, schools, public utilities, banks, and governments in the United States, the United Kingdom, Australia, Belgium, Canada, Germany, India, Italy, Mexico, Spain, and Russia.

UPTICK IN RANSOMWARE ATTACKS SHARES ‘A LOT OF PARALLELS’ WITH 9/11: WRAY

Witte, who resided in Suriname when the cybercrimes occurred, was a developer for the group and oversaw the creation of computer code used to control the ransomware, obtain payment from victims, and store stolen information, according to court documents.

The group infected millions of computers worldwide, including those belonging to individuals and business entities within the Northern District of Ohio, to harvest credit card information, passwords, social security numbers, and addresses and to steal funds from victims’ bank accounts, the indictment said.

“The Trickbot malware was designed to steal the personal and financial information of millions of people around the world, thereby causing extensive financial harm and inflicting significant damage to critical infrastructure within the United States and abroad,” acting U.S. Attorney Bridget Brennan of the Northern District of Ohio said in a Justice Department news release.

A warrant was issued for Witte on Aug. 13, 2020, and she was arrested Feb. 6 in Miami.

Witte faces one count each of conspiracy to commit computer fraud and aggravated identity theft, conspiracy to commit wire and bank fraud, and conspiracy to commit money laundering, as well as eight counts of bank fraud and eight counts of aggravated…

Source…

Microsoft says it was hit by Chinese hackers, but Biden administration won’t point finger | Washington Examiner

/in


Microsoft and cybersecurity experts believe the massive hack against the Microsoft Exchange Server this year was conducted by a Chinese hacker group, but the Biden administration has yet to point the finger.

President Joe Biden signed a cybersecurity executive order earlier this month, naming three recent prominent cyberattacks — SolarWinds, Colonial Pipeline, and Microsoft — with a White House fact sheet saying those “recent cybersecurity incidents … are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals.” The United States has said Russian intelligence is behind the SolarWinds hack and that a Russian hacker gang is behind the Colonial Pipeline attack, but it has not publicly attributed the Microsoft hack to anyone.

The tech giant announced in March that it had detected “multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks” in March and said its Threat Intelligence Center attributed the cybercampaign with “high confidence” to a hacker group dubbed “Hafnium,” which “operates primarily from leased virtual private servers in the United States.” Microsoft said the hacker group was “state-sponsored” and operating out of China. Microsoft said the hackers had used vulnerabilities to access email accounts and install additional malware “to facilitate long-term access to victim environments.”

The Microsoft Exchange Server handles the company’s email, calendar, scheduling, contact, and collaboration services.

Tom Burt, the corporate vice president of customer security and trust at Microsoft, wrote in March that “Hafnium operates from China, and this is the first time we’re discussing its activity.” He called the Chinese hacker group “a highly skilled and sophisticated actor” that “primarily targets entities in the United States for the purpose of exfiltrating information from a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and NGOs.”

Jake Sullivan, Biden’s…

Source…

Cyber Warfare Market Size, Share, Driving Innovations, Future Roadmap & Growth Forecast To 2026 – Science Examiner

/in

Cyber Warfare Market Size, Share, Driving Innovations, Future Roadmap & Growth Forecast To 2026  Science Examiner
“cyber warfare news” – read more