
US Critical entities targeted in suspected Chinese cyber spying

07:40 15 June 2021 Source: msn.com


RICHMOND, Va. (AP) — A cyberespionage campaign blamed on China was more sweeping than previously known, with suspected state-backed hackers exploiting a device meant to boost internet security to penetrate the computers of critical U.S. entities.

An icon for the Pulse Secure smartphone app, right, and a computer desktop info page, left, are seen in Burke, Va., on Monday, June 14, 2021. Suspected state-backed Chinese hackers penetrated the computer systems of critical U.S. entities in what cybersecurity experts are calling a major Chinese cyberespionage campaign, an episode that’s gone largely under the radar amid the clamor of worsening ransomware attacks. The campaign was carried out by exploiting the widely used Pulse Connect Secure networking devices. Pulse Secure is used by numerous companies and governments for secure remote access to their networks. (AP Photo)

The hack of Pulse Connect Secure networking devices came to light in April, but its scope is only now starting to become clear. The Associated Press has learned that the hackers targeted telecommunications giant Verizon and the country’s largest water agency. News broke earlier this month that the New York City subway system, the country’s largest, was also breached.


Security researchers say dozens of other high-value entities that have not yet been named were also targeted as part of the breach of Pulse Secure, which is used by many companies and governments for secure remote access to their networks.

It’s unclear what sensitive information, if any, was accessed. Some of the targets said they did not see any evidence of data being stolen. That uncertainty is common in cyberespionage and it can take months to determine data loss, if it is ever discovered. Ivanti, the Utah-based owner of Pulse Connect Secure, declined to comment on which customers were affected.

But even if sensitive information wasn’t compromised, experts say it is worrisome that hackers managed to gain footholds in networks of critical organizations whose secrets could be of interest to China for commercial and national security reasons.


“The threat actors were able to get access to some really high-profile organizations, some really well-protected ones,” said Charles Carmakal, the chief technology officer of Mandiant, whose company first publicized the hacking campaign in April.

The Pulse Secure hack has largely gone unnoticed while a series of headline-grabbing ransomware attacks have highlighted the cyber vulnerabilities to U.S. critical infrastructure, including one on a major fuels pipeline that prompted widespread shortages at gas stations. The U.S. government is also still investigating the fallout of the SolarWinds hacking campaign launched by Russian cyber spies, which infiltrated dozens of private sector companies and think tanks as well as at least nine U.S. government agencies and went on for most of 2020.

China has a long history of using the internet to spy on the U.S. and presents a "prolific and effective cyber-espionage threat," the Office of the Director of the National Intelligence said in its most recent annual threat assessment.


Six years ago Chinese hackers stole millions of background check files of federal government employees from the Office of Personnel Management. And last year the Justice Department charged two hackers it said worked with the Chinese government to target firms developing vaccines for the coronavirus and stole hundreds of millions of dollars worth of intellectual property and trade secrets from companies across the world.

The Chinese government has denied any role in the Pulse hacking campaign and the U.S. government has not made any formal attribution.

In the Pulse campaign, security experts said sophisticated hackers exploited never-before-seen vulnerabilities to break in and were hyper diligent in trying to cover their tracks once inside.

“The capability is very strong and difficult to defend against, and the profile of victims is very significant,” said Adrian Nish, the head of cyber at BAE Systems Applied Intelligence. “This is a very targeted attack against a few dozen networks that all have national significance in one way or another.”


The Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency, or CISA, issued an April alert about the Pulse hack saying it was aware of “compromises affecting a number of U.S. government agencies, critical infrastructure entities, and other private sector organizations.” The agency has since said that at least five federal agencies have identified indications of potential unauthorized access, but not said which ones.

Verizon said it found a Pulse-related compromise in one of its labs but it was quickly isolated from its core networks. The company said no data or customer information was accessed or stolen.

“We know that bad actors try to compromise our systems,” said Verizon spokesman Rich Young. “That is why internet operators, private companies and all individuals need to be vigilant in this space.”

The Metropolitan Water District of Southern California, which provides water to 19 million people and operates some of the largest treatment plants in the world, said it found a compromised Pulse Secure appliance after CISA issued its alert in April. Spokeswoman Rebecca Kimitch said the appliance was immediately removed from service and no Metropolitan systems or processes were known to have been affected. She said there was “no known data exfiltration.”


The Metropolitan Transportation Authority in New York also said it has not found evidence that valuable data or customer information was stolen. The breach was first reported by The New York Times.

Nish, the BAE security expert, said the hackers could have broken into networks but not stolen data right away for any number of operational reasons. He compared it to a criminal breaking into a house but stopping in the hallway.

“It’s still pretty bad,” Nish said.

Mandiant said it found signs of data extraction from some of the targets. The company and BAE have identified targets of the hacking campaign in several fields, including financial, technology and defense firms, as well as municipal governments. Some targets were in Europe, but most in the U.S.

At least one major local government has disputed it was a target of the Pulse Secure hack. Montgomery County, Maryland, said it was advised by CISA that its Pulse Secure devices were attacked. But county spokesman Scott Peterson said the county found no evidence of a compromise and told CISA they had a “false report.”

CISA did not directly respond to the county's statement.

The new details of the Pulse Secure hack come at a time of tension between the U.S. and China. Biden has made checking China’s growth a top priority, and said the country's ambition of becoming the wealthiest and most powerful country in the world is “not going to happen under my watch.”
