Tag Archive for: American

Chinese hackers are going after American routers

/in


Your router is a crucial part of your home’s connection. It’s the primary way the internet gets into your house, and it sends out the Wi-Fi signal that connects all your wireless devices.

Has it been years since you updated your router? We put together a quick quiz to help you choose the perfect model for your home and needs. This is a must if your connection is spotty and your router isn’t equipped with the latest security standards. Tap or click here to take our router-finder quiz.

Even if your firmware is up to date, your router is still vulnerable to attack. No system is impenetrable, and the issue gets compounded when professional hackers from other countries get involved. Read on to see why Chinese hackers are targeting routers here in the U.S. and what you can do about it.

American networks are under attack

You might think your house is of no particular value to Chinese hackers. While that might be true, it isn’t always about what’s on the network but more about what it connects to. According to joint research from the FBI, NSA and the Cybersecurity and Infrastructure Security Agency (CISA), Chinese hackers have been poking around U.S communication networks for over two years.

This includes home Wi-Fi routers, telephone networks and online storage. The goal isn’t to hack into these devices but to use them as part of a massive network of compromised infrastructure. Hackers can then use the combined power to launch attacks on critical and military targets, steal login credentials or hijack banking information.

According to the research paper, the People’s Republic of China has been exploiting “a wide variety of targets worldwide, including public and private sector organizations” since 2020. The majority of the targets are in the U.S.

What you can do about it

In its report, the U.S. cybersecurity agency says Chinese hackers exploit known and unpatched vulnerabilities, tunneling their way through the network to collect and redirect traffic.

Hacking is complex, but there is one crucial thing you can…

Source…

Breaking down the Strengthening American Cybersecurity Act

/in


The Cyber Incident Reporting Act, which was signed into law on March 15, is federal legislation aimed at bolstering the ability to prevent and more rapidly respond to cybersecurity attacks. While it won’t take effect until final rules are determined, it’s one of three parts of the Strengthening American Cybersecurity Act that is aimed at bolstering the cybersecurity of critical infrastructure and the federal government. The need for such an act has become intensified by the situation in Eastern Europe, as cyber warfare has proven to be a key and effective attack tactic for Russian nation-states.

Under the Cyber Incident Reporting Act specifically, critical infrastructure operators and federal agencies are required to report cyberattacks to the Cybersecurity and Infrastructure Security Agency (CISA) within 72 hours, and ransomware payments within 24 hours.

The overarching Strengthening American Cybersecurity Act will update current federal government cybersecurity laws to improve coordination between federal agencies, ensure the government takes a risk-based approach to cybersecurity, and require all civilian agencies to report all cyberattacks to CISA.

Overall, the act demonstrates increased recognition of the need for better policy in place to prevent attacks on a larger scale, and highlights the impact the US government can have on cybersecurity efforts within organizations.

But to truly understand the magnitude of the act’s potential impact, we must first gain insight into the current threat environment, while acknowledging the legislation’s benefits and limitations. Let’s explore.

Cyber Threats Show No Signs of Slowing Down
The recent cyber threats against Ukraine have signaled the need for heightened protection measures, while also demonstrating the large-scale consequences of a cybersecurity attack on an entire country. For example, several Ukrainian government and bank websites were recently offline as a result of a massive distributed denial-of-service (DDoS) attack.

Shortly following these attacks, a new “wiper” malware targeting Ukrainian organizations was discovered on hundreds of machines. These security incidents are suspected to be carried…

Source…

American Dental Association hit in ‘cybersecurity incident’ • The Register

/in


In brief The Black Basta crime gang has claimed it infected the American Dental Association with ransomware.

While the professional association confirmed to The Register it was the victim of a “cybersecurity incident” that occurred on or around April 21, it did not disclose the nature of the attack.

As of Friday last week, the organization “is currently executing an ongoing, active and vigorous investigation into the nature and scope of the technical difficulties in cooperation with federal authorities,” we’re told. “The ADA recognizes unsubstantiated reports are being circulated by organizations with no connection to this investigation.”

In an earlier email sent to a member and shared with The Register, the ADA said the attack disrupted some of its email, phone, and chat systems. We note that the ADA’s website suggests people contact a gmail.com address if they have any queries, indicating the extent of the cyber-assault.

The association also notified federal law enforcement and hired third-party security specialists “to investigate the impact on ADA systems and restore full system functionality,” the email said. “At this time, there is no indication any member information or other data has been compromised, however our investigation is still underway.” 

The Malware Hunter Team tweeted that Black Basta, a new ransomware gang, was behind the attack, and showed a screenshot in which the crooks claimed to have leaked 30 percent of the data stolen in the attack. 

The same group of miscreants also claimed responsibility for a blow against German wind turbine company Deutsche Windtechnik, which was hit by a cyberattack in April. That biz hasn’t said if that was a ransomware attack.

Because of the crime gang’s emergence, and its preference for double-extortion ransomware techniques, some security researchers have suggested this could…

Source…

United, American, Southwest Airlines and Others Say Masks No Longer Required – NBC Chicago

/in


Monday, U.S. District Judge Kathryn Kimball Mizelle voided the Centers for Disease Control and Prevention’s current national mask mandate on airplanes and mass public transit.

The 59-page ruling from the Florida judge said the CDC failed to justify its decision and did not follow proper rulemaking procedures that left it fatally flawed.

The CDC had recently extended a federal mask mandate on public transit and in public transportation hubs until May 3, to allow more time to study the BA.2 omicron subvariant of the coronavirus now responsible for the vast majority of cases in the U.S.

Regarding the ruling, a White House administration official on Monday said, “The agencies are reviewing the decision and assessing potential next steps. In the meantime, today’s court decision means CDC’s public transportation masking order is not in effect at this time.

Therefore, TSA will not enforce its Security Directives and Emergency Amendment requiring mask use on public transportation and transportation hubs at this time.”

Based on that ruling, here’s a look at which major U.S. airlines are lifting their mask mandates for domestic flights.

American Airlines: Masks No Longer Required

“In accordance with the Transportation Security Administration no longer enforcing the federal face mask mandate,” American Airlines said in a statement Monday. “Face masks will no longer be required for our customers and team members at U.S. airports and on domestic flights. Please note face masks may still be required based on local ordinances, or when traveling to/from certain international locations based on country requirements.”

Alaska Airlines: Masks No Longer Required

“Face masks have been like boarding passes for nearly two years — you couldn’t fly without one,” Alaska Airlines said in a statement. “But, as of today, masks are optional in airports and onboard aircraft, effective immediately.” 

“Due to a judicial decision in our federal court system, the mask mandate has been overturned, which means our guests and employees have the option to wear a mask while traveling in the U.S. and at work.”

Delta: Masks No Longer Required

“Following the ruling of a…

Source…