Tag Archive for: Tensions

Rising Global Tensions Could Portend Destructive Hacks


Critical Infrastructure Security, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime

CISA’s Goldstein Says Critical Infrastructure Should ‘Remain on Heightened Alert’


U.S. government agencies and private sector organizations should “remain on heightened alert” for disruptive cyberattacks targeting critical infrastructure and key sectors amid a series of escalating global conflicts, a top official for the U.S. Cybersecurity and Infrastructure Security Agency said on Wednesday.



Recent government analysis, including the latest annual global threat assessment of the U.S. intelligence community, indicates that cybercriminals and foreign adversaries would likely execute destructive attacks against critical infrastructure in the U.S. in the event of a Chinese conflict with Taiwan.


The U.S. is already facing major international crises – Russia’s invasion of Ukraine and the war between Israel and Hamas – that pose an “extraordinary challenge in cybersecurity” for government agencies, critical infrastructure operators and the private sector, said Eric Goldstein, CISA’s executive assistant director for cybersecurity.


“Russian cyber actors remain highly capable,” Goldstein said during an event hosted by think tank R Street Institute. There is “tremendous uncertainty” surrounding the future trajectory of Russian cyber activity around the war in Ukraine.


“We have to remain on heightened alert about how we think about the…


Chinese Hackers Breach U.S. Commerce Secretary’s Emails, Escalating Tensions with China | by Tech Daily | Jul, 2023


The hack of Gina Raimondo’s email account highlights the growing threat of cyber espionage from China and the need for stronger international cooperation to combat it.


Chinese hackers successfully gained access to a U.S. official’s email account in a serious cybersecurity compromise.

Gina Raimondo, Secretary of Commerce.

The attack, which made use of a flaw in Microsoft’s Exchange Server software, went unnoticed for several months before being discovered in May 2023.

The hackers, who are thought to be representing the Chinese government, obtained unlawful access to Raimondo’s emails, possibly exposing private data about trade policy, export restrictions, and China policy.

This hack raises concerns about government network security, cyber espionage, and the wider ramifications of cyber warfare, and it exacerbates the already tense ties between the United States and China.


Relations between the United States and China are likely to be significantly impacted by the breach of Raimondo’s emails.

This event adds to a growing number of accusations that China is participating in cyber espionage, something the United States has regularly accused it of doing.

Tensions between the two countries may increase if the U.S. government responds by enacting penalties or expelling Chinese officials.

This episode highlights the urgent need for strong diplomatic measures to combat cyberattacks and to set clear parameters for acceptable activity in cyberspace.


China’s cyber espionage against the United States has a long and well-documented history.

Chinese hackers have attacked a variety of government organizations, defense contractors, technology companies, and academic institutes in recent years.

Their goals include acquiring sensitive information, stealing intellectual property, and gaining tactical advantages.

Despite the Chinese government’s persistent denials of involvement in these operations, there is growing evidence that China is frequently the source of state-sponsored cyberattacks.

This historical backdrop emphasizes the ongoing difficulties the United States has in protecting its networks from…


USA-China tensions could deepen over role of alleged Chinese hackers


Hackers from China have allegedly been at the forefront of recent hacking incidents witnessed in the USA amid growing tensions between Washington and Beijing.

On the 16th of December, the United States government said in a statement that hackers affiliated with the governments of China, North Korea, and Turkey have moved to exploit a severe vulnerability in software used by major technology companies throughout the world.

Experimentation with the flaw, integration into established hacking tools, and “exploitation against targets to meet the actor’s aims” are among the activities carried out by foreign hacker groups, as reported by CNN.

According to the US Cybersecurity and Infrastructure Security Agency (CISA), a recently discovered software vulnerability could compromise hundreds of millions of devices worldwide.

In response to the threat, CISA has instructed all federal and civilian entities to upgrade their software. The vulnerability is in the Java-based program “Log4j,” which is used by enterprises all over the world to log data in their applications. From Cisco to Amazon Web Services to IBM, the list of vulnerable software vendors reads like a who’s who of tech behemoths. Although US officials are on high alert as a result of the software weakness, Eric Goldstein, a senior CISA official, told the media that there was no proof that federal networks had been hacked using this vulnerability.

Earlier this year, the United States, the United Kingdom, and their allies publicly blamed the Microsoft Exchange intrusion on Chinese government actors, accusing the Chinese government of a wide range of “malicious cyber actions” and intensifying tensions between the White House and Beijing. According to this coalition of nations, the Chinese government is behind several harmful ransomware, data theft, and cyber-espionage attacks against public and commercial businesses, including the massive Microsoft Exchange compromise earlier this year. The attack was attributed to China by Australia, Canada, New Zealand, Japan, and NATO, marking the first time that the North American-European alliance has condemned China’s cyber actions, according to a senior Biden…


Watering-hole in Hong Kong. US, EU join Paris Call. NSO C-suite turnover. ICS advisories. Rising tensions in Eastern Europe.


Attacks, Threats, and Vulnerabilities

COVID-19: North Korean hackers detected searching for vaccine manufacturing secrets (Sky News) The cyber campaign comes despite the regime in Pyongyang claiming that there are no COVID-19 cases in the country and declining three million vaccine doses from UNICEF.

North Korean hackers target the South’s think tanks through blog posts (ZDNet) Responsibility for new attacks has been laid at the feet of the Kimsuky threat group.

Lazarus hackers target researchers with trojanized IDA Pro (BleepingComputer) A North Korean state-sponsored hacking group known as Lazarus is again trying to hack security researchers, this time with a trojanized pirated version of the popular IDA Pro reverse engineering application.

South Korean Users Targeted with Android Spyware ‘PhoneSpy’ (SecurityWeek) Researchers find Android malware with extensive spyware capabilities, including data theft, GPS monitoring, and audio and video recording.

PhoneSpy: The App-Based Cyberattack Snooping South Korean Citizens (Zimperium Mobile Security Blog) Zimperium has discovered the active malware campaign PhoneSpy, a spyware aimed at South Korean residents with Android devices.

macOS zero-day deployed via Hong Kong pro-democracy news sites (The Record by Recorded Future) A suspected state-sponsored threat actor has used Hong Kong pro-democracy news sites to deploy a macOS zero-day exploit chain that installed a backdoor on visitors’ computers.

Google Caught Hackers Using a Mac Zero-Day Against Hong Kong Users (Vice) “The nature of the activity and targeting is consistent with a government backed actor,” the Google researchers say.

This new Android spyware masquerades as legitimate apps (TechCrunch) The spyware has already ensnared over a thousand victims.

FBI: Iranian threat actor trying to acquire leaked data on US organizations (The Record by Recorded Future) The US Federal Bureau of Investigation says that a threat actor known to be associated with Iran is currently seeking to acquire data from organizations across the globe, including US targets.

PA alleges: NSO Group spyware used to hack foreign ministry workers’ phones (Times of Israel) Palestinian Authority asserts it has proof of…
