Tag: calls | SpinSafe

Xi Jinping calls for China’s biggest military reorganization since 2015 – Firstpost

April 22, 2024/in Internet Security

Chinese President Xi Jinping. Source: AP

As cyber warfare between China and the United States intensifies, Chinese President Xi Jinping ordered what is being touted as the biggest reorganization of the nation’s military since 2015.

With an intention to expand its military capabilities, China terminated the Strategic Support Force and in turn created a new branch called the Information Support Force. This provides China with the ability to bolster its capabilities in several areas including cyber warfare, Xinhua News reported.

It is important to note that Beijing’s now-terminated Strategic Support Force was created more than eight years ago with the aim of enhancing capabilities in space, cyber, political and electronic warfare.

What’s new?

China’s defence ministry maintained that the aerospace and cyber units previously under the Strategic Support Force will now be organizationally parallel to the newly created Information Support Force.

The aerospace unit is expected to improve China’s capability to use space and step up the management of space crises.

While announcing the new re-organisation, Xi reiterated the Communist Party’s leadership over the army. The Chinese President insisted that the new force would provide “key support in coordinating the construction and utilization of the cyber information system.”

According to Xinhua, Li Wei, the political commissar from the now-defunct Strategic Support Force, will take over the same role with the Information Support Force.

Following the announcement, Li pledged to “resolutely” listen to Xi’s instructions. Bi Yi on the other hand was appointed the new commander of the new force.

The change amid a tense climate

The restructuring came as China continues to face off with the US in a fight for global influence with cyberwarfare emerging as a key battleground. Last month, the US, the UK and New Zealand accused China of sponsoring malicious cyber activity and targeting democratic institutions.

Interestingly, the disappearance of the previous commander of the Strategic Support Force Ju Qiansheng, has led to a rise in speculations about the growing turmoil within China’s military leadership.

While Ju recently appeared in the…

Source…

Former NCSC chief calls for ransomware payments ban, but cyber security experts aren’t keen

March 4, 2024/in Internet Security

The former chief executive of the UK’s National Cyber Security Centre (NCSC) has called for the government to ban organizations from making ransomware payments.

Writing in The Times, Ciaran Martin, who served as the NCSC’s inaugural chief executive, suggested a ban could help put a stop to the ever-increasing proliferation of ransomware, referring to the ‘apparently sanguine attitude’ of British policymakers to cyber criminals groups.

“Ransomware is by far the most damaging cyber threat to most businesses right now. We have to find a way of making a ransom payments ban work,” he wrote.

Martin suggested that any ban would need a better support network for affected companies. However, the lack of such a policy is in part down to the US’ reluctance to introduce a ban amid concerns that it would unreasonably constrain businesses.

Similar concerns have been raised that this could be a particular problem for the country’s hospitals, many of which are in the private sector.

Currently, many governments, including the UK, have a policy that they won’t pay ransoms themselves. In October 2023, 40 countries pledged their support for the International Counter Ransomware Initiative (CRI) as part of an effort to create a more aligned global approach to cyber crime.

Participating nations agreed not to make payments and pledged to share information and create a blacklist of digital wallets being used to deposit and move ransomware payments.

The official advice for UK-based companies is that they should not pay ransoms under any circumstances. The NCSC suggests that even when companies do so, there’s no guarantee that they will get access to their data or systems back, that computers will still be infected, and that those who pay are more likely to be targeted in the future.

Across the cyber security community, there are mixed feelings about whether or not a ban should be introduced.

Oliver Norman, vice president for UK and Ireland at data management firm Veritas, said that regardless of a ban, the outcome of incidents will remain the same, with organizations more likely to be targeted in future and given no guarantees of having data safely returned.

“Whether banned or not, paying not only puts a…

Source…

Deimos Calls for Bolstered Education for Cybersecurity Protection – Tech | Business

October 11, 2023/in Internet Security

…Only 24% of Africa’s financial businesses believe they have sufficient resources to counter attacks.

Deimos, a leading African cloud-focused cybersecurity company, renowned for its pivotal role in cloud-native development and security operations, is sounding the alarm for an urgent need to bolster cybersecurity awareness and education across multiple sectors.

With a diverse clientele spanning the public sector, fintech, and e-commerce, Deimos is resolute on the critical importance of proactive security measures in safeguarding businesses against cloud security vulnerabilities.

Deimos prioritises automated security processes to reduce manual reviews and controls, mitigating human errors.

In Verizon’s 2023 Data Breach Investigations Report, they estimate that 74% of breaches involved the human element, which includes social engineering attacks, errors or misuse.

As remote and hybrid work is the new normal, businesses increasingly rely on cloud technology. Deimos sheds light on three vital methods engineering teams must apply to increase their cloud security:

“Shifting left” – moving the security planning, design, and testing of key products earlier in the software development life cycle, rather than after release.
“Defending right” – Implementing firewalls and intrusion detection systems to protect products from external threats.
Utilising automated tools to establish guardrails before moving into production – such as static and dynamic application security testing, or package vulnerability scanning, to analyse source code, software packages, or web application respectively, for vulnerabilities. Utilising automated tools to establish guardrails before moving into production.

These protections are crucial for Africa’s fast-growing tech ecosystem which holds lucrative data and assets within the cloud, making unprepared businesses an attractive target for cybercriminals.

Each breach further impacts millions of Africans, across the continent and diaspora, and whilst cyber security solutions are readily available, many are not followed.

Deimos highlights the common pitfalls that startup organisations…

Source…

China Calls Hacking Report ‘Far-Fetched’ – The Diplomat

June 17, 2023/in Computer Security

China Power | Security | East Asia

The Mandiant report accused a “China-nexus threat actor” of infiltrating the email systems of a wide range of government agencies, trade offices, and academic organizations.

China’s government on Friday rejected as “far-fetched and unprofessional” a report by a U.S. security firm that blamed Chinese-linked hackers for attacks on hundreds of public agencies, schools, and other targets around the world.

A Chinese Foreign Ministry spokesperson repeated accusations that Washington carries out hacking attacks and complained the cybersecurity industry rarely reports on them.

Mandiant’s report came ahead of a visit to Beijing by Secretary of State Antony Blinken aimed at repairing relations that have been strained by disputes over human rights, security, and other irritants. Blinken’s visit was planned earlier this year but was canceled after what the U.S. government said was a Chinese spy balloon flew over the United States.

The report said hackers targeted email to engage in “espionage activity in support of the People’s Republic of China.”

“The relevant content is far-fetched and unprofessional,” said the Chinese spokesperson, Wang Wenbin.

Enjoying this article? Click here to subscribe for full access. Just $5 a month.

“American cybersecurity companies continue to churn out reports on so-called cyberattacks by other countries, which have been reduced to accomplices for the U.S. government’s political smear against other countries,” Wang said.

The latest attacks exploited a vulnerability in a Barracuda Networks email system and targeted foreign ministries in Southeast Asia, other government agencies, trade offices and academic organizations in Taiwan and Hong Kong, according to Mandiant.

It described the attacks as the biggest cyber espionage campaign known to be conducted by a “China-nexus threat actor” since a 2021 attack on Microsoft Exchange. That affected tens of thousands of computers.

Tag Archive for: calls

…Only 24% of Africa’s financial businesses believe they have sufficient resources to counter attacks.

China Power | Security | East Asia