All posts tagged: cyberattacks

The FCC’s Jessica Rosenworcel Isn’t Leaving Without a Fight

As the United States scrambles to kick China out of its communications networks, Jessica Rosenworcel, the outgoing Democratic chair of the Federal Communications Commission, says it’s vital for her Republican successor to maintain strong oversight of the telecommunications industry. The government is still reeling from the Chinese “Salt Typhoon” hacking campaign that penetrated at least nine US telecom companies and gave Beijing access to Americans’ phone calls and text messages and the wiretap systems used by law enforcement. The operation exploited US carriers’ shockingly poor cybersecurity, including an AT&T administrator account that lacked basic security protections. To prevent a repeat of the unprecedented telecom intrusion, Rosenworcel used the waning days of her FCC leadership to propose new cybersecurity requirements for telecom operators. On Thursday, the commission narrowly voted to approve her proposal. But those rules face a bleak future, with president-elect Donald Trump preparing to take office and control of the FCC transferring to commissioner Brendan Carr, a Trump ally who voted against Rosenworcel’s regulatory plan. In an interview days before Trump’s inauguration, Rosenworcel is …

Cybercriminals increasingly help Russia, China, Iran target US, allies

WASHINGTON —  Russia, China and Iran are increasingly relying on criminal networks to lead cyberespionage and hacking operations against adversaries such as the United States, according to a report on digital threats published Tuesday by Microsoft. The growing collaboration between authoritarian governments and criminal hackers has alarmed national security officials and cybersecurity experts. They say it represents the increasingly blurred lines between actions directed by Beijing or the Kremlin aimed at undermining rivals and the illicit activities of groups typically more interested in financial gain. In one example, Microsoft’s analysts found that a criminal hacking group with links to Iran infiltrated an Israeli dating site and then tried to sell or ransom the personal information it obtained. Microsoft concluded the hackers had two motives: to embarrass Israelis and make money. In another, investigators identified a Russian criminal network that infiltrated more than 50 electronic devices used by the Ukrainian military in June, apparently seeking access and information that could aid Russia’s invasion of Ukraine. There was no obvious financial motive for the group, aside from …

A (Strange) Interview With the Russian-Military-Linked Hackers Targeting US Water Utilities

She later added, somewhat confusingly, that “the Sandworm hacker group does have something in common [with us] … This is the commander-in-chief of our Cyber Army.” It wasn’t clear, however, whether that comment was referring to a shared leader overseeing the two groups—or even a kind of imagined ideological leader such as Russian president Vladimir Putin—or whether Julia meant that Sandworm itself gives the Cyber Army its orders, in contradiction to her previous statements. Julia didn’t respond to WIRED’s requests for clarification on that question or, in fact, to any questions following that comment.

A Hacktivist Hype Machine

Russian information warfare and influence operations experts with whom WIRED shared the full text of the interview noted that, despite Cyber Army of Russia’s claims of acting as an independent grassroots organization, it closely adheres to both Russian government talking points as well as the Russian military’s published information warfare doctrine. The group’s rhetoric about changing “minds and hearts” beyond the front lines of a conflict through attacks targeting civilian infrastructure mirrors a well-known paper on “information confrontation” …

The Alleged LockBit Ransomware Mastermind Has Been Identified

“If you are a cyber criminal, and you are operating in these marketplaces, or forums or platforms, you cannot be certain that law enforcement are not in there observing you and taking action against you,” says Paul Foster, the head of the NCA’s National Cyber Crime Unit.

Rise of Supp

LockBit first emerged in 2019 as a fledgling “ransomware-as-a-service” (RaaS) platform. Under this setup, a core handful of individuals, organized by the LockBitSupp handle, created the group’s easy-to-use malware and launched its leak website. This group licenses LockBit’s code to “affiliate” hackers who launched attacks and negotiated ransom payments, eventually providing LockBit with around 20 percent of their profits. Despite launching thousands of attacks, the group initially tried to keep a low profile compared to other ransomware groups. Over time, as LockBit became more well known and started to dominate the cybercrime ecosystem, its members became more brazen and arguably careless. The NCA senior investigator says they pulled data about 194 affiliates from LockBit’s systems and are piecing together their offline identities—only 114 of them …

Apple’s iPhone Spyware Problem Is Getting Worse. Here’s What You Should Know

Despite NSO Group’s claims, spyware has continued to target journalists, dissidents, and protesters. Saudi journalist and dissident Jamal Khashoggi’s wife, Hanan Elatr, was allegedly targeted with Pegasus before his death. In 2021, New York Times reporter Ben Hubbard learned his phone had been targeted twice with Pegasus. Pegasus was silently implanted onto the iPhone of Claude Magnin, the wife of the political activist Naama Asfari, who was jailed and allegedly tortured in Morocco. Pegasus has also been used to target pro-democracy protesters in Thailand, Russian journalist Galina Timchenko, and UK government officials. In 2021, Apple filed a lawsuit against NSO Group and its parent company to hold it accountable for “the surveillance and targeting of Apple users.” The case is still ongoing, with NSO Group attempting to dismiss the lawsuit, but experts say the problem is not going to go away as long as spyware vendors are able to operate. David Ruiz, senior privacy advocate at security firm Malwarebytes, blames “the obsessive and oppressive operators behind spyware, who compound its danger to society.”

The Spyware Drain

If you are …

German foreign minister summons Russia over 2023 cyber-attacks

German Minister for Foreign Affairs Annalena Baerbock speaks during a ceremony in Adelaide, Australia, May 3, 2024. Michael Errey/Pool via REUTERS

Germany’s top diplomat on Friday, May 3, accused Russian agents of “intolerable” hacking of the emails of a key governing party and joined NATO and European Union countries in warning that Russia’s cyberespionage would have consequences. Relations between Russia and Germany were already tense, with Germany providing military support to Ukraine in its ongoing war with Russia. German Foreign Minister Annalena Baerbock said Russian state hackers were behind the hacking of emails of the Social Democrats, the leading party in the governing coalition. Officials said they did so by exploiting Microsoft Outlook. The German Interior Ministry said in a statement that the hacking campaign began at least as early as March 2022 – a month after Russia’s full-scale invasion of Ukraine – with emails at Social Democrat party headquarters accessed beginning that December. It said German companies, including in the defense and aerospace sectors, as well as targets related …

U.S. intelligence chief warns Congress of rise in cyberattacks

Director of National Intelligence Avril Haines testifies before the Senate Armed Services Committee May 2, 2024 in Washington, DC. Win Mcnamee | Getty Images

The top U.S. intelligence official warned Congress of an alarming rise in cyberattacks at a hearing on global threats Thursday. Director of National Intelligence Avril Haines said the number of ransomware attacks worldwide grew as much as 74% in 2023. The comments from Haines come as various companies, such as UnitedHealth Group, MGM Resorts and Clorox, have been disrupted by cyberattacks in the past year. “Although the likelihood of any single attack having a widespread effect on interrupting critical services remains low, the increased number of attacks and the actors’ willingness to access and manipulate these control systems increases the collective odds that at least one could have a more significant impact,” Haines told members of the Senate Armed Services Committee. Haines said U.S. entities were the most heavily targeted in 2023 with attacks in sectors such as healthcare doubling from the prior year. The intelligence chief …

The Breach of a Face Recognition Firm Reveals a Hidden Danger of Biometrics

Police and federal agencies are responding to a massive breach of personal data linked to a facial recognition scheme that was implemented in bars and clubs across Australia. The incident highlights emerging privacy concerns as AI-powered facial recognition becomes more widely used everywhere from shopping malls to sporting events. The affected company is Australia-based Outabox, which also has offices in the United States and the Philippines. In response to the Covid-19 pandemic, Outabox debuted a facial recognition kiosk that scans visitors and checks their temperature. The kiosks can also be used to identify problem gamblers who enrolled in a self-exclusion initiative. This week, a website called “Have I Been Outaboxed” emerged, claiming to be set up by former Outabox developers in the Philippines. The website asks visitors to enter their name to check whether their information had been included in a database of Outabox data, which the site alleges had lax internal controls and was shared in an unsecured spreadsheet. It claims to have more than 1 million records. The incident has rankled privacy experts …

The Dangerous Rise of GPS Attacks

The disruption to GPS services started getting worse on Christmas day. Planes and ships moving around southern Sweden and Poland lost connectivity last December 25 as their radio signals were interfered with. Since then, the region around the Baltic Sea—including neighboring Germany, Finland, Estonia, Latvia, and Lithuania—has faced persistent attacks against GPS systems. Tens of thousands of planes flying in the region have reported problems with their navigation systems in recent months amid widespread jamming attacks, which can make GPS inoperable. As the attacks have grown, Russia has increasingly been blamed, with open source researchers tracking the source to Russian regions such as Kaliningrad. In one instance, signals were disrupted for 47 hours continuously. On Monday, marking one of the most serious incidents yet, airline Finnair canceled its flights to Tartu, Estonia, for a month, after GPS interference forced two of its planes to abort landings at the airport and turn around. The jamming in the Baltic region, which was first spotted in early 2022, is just the tip of the iceberg. In recent years, …