Tag Archive for: attempts

US attempts to break into China’s 360 internet security firm but fails: company founder


Photo: headquarters of NSA in Maryland


CIA Used Criminal Probe of US Airline for 'Torture Flights' - Commission Photo:AP/CAROLYN KASTER


Because US intelligence agencies’ decade-long cyberattacks against China were exposed to the public, the US attempted to break into Chinese internet security companies, but it failed to penetrate the defenses of Beijing-based security company 360, Zhou Hongyi, founder of the company, revealed.

Zhou made the remark in a recent talk with founder and chairman of New Oriental Education and Technology Group Yu Minhong in a livestreaming program. 

“The biggest achievement [for 360] in these past two years was the discovery of two prominent intelligence agencies of a superpower — CIA [the Central Intelligence Agency] and NSA [the National Security Agency] — having carried out infiltration attacks on China for 8-10 years,” Zhou said in the program. “Presumably in retaliation, the country chose to hack all the Chinese cybersecurity companies, and 360 was the only targeted company where the hacking failed.”

In a separate interview with the Global Times on Tuesday, Zhou said cyberattacks from the US against China’s key departments had been secretly ongoing for nearly 10 years until they were discovered and revealed to the public.

Cyberattacks occur all the time and cause havoc everywhere they reach, such as water and power in cities being cut off and businesses being extorted, as well as economic losses incurred. What 360 does is to expose these attacks and destroy them one by one, Zhou said. 

He claimed that about 99 percent of national-level attacks against China were discovered by 360. So far, about 50 national-level advanced persistent threat (APT) attacks were detected.

The cyberattacks from the CIA and NSA on China detected by 360 were exclusively released on the Global Times in March 2020 and March 2022.

The firm told the Global Times that, using cyberspace weapons, a hacking organization affiliated with the CIA has been attacking Chinese organs for over a decade, including organs involving the aerospace sector, scientific research institutions, internet companies, the oil industry and government agencies.

For a long time, in order to achieve the…


NSA: Sanctions on Russia Having a Positive Effect on Ransomware Attacks, Attempts Down Due to Difficulty Collecting Ransom Payments


National Security Agency (NSA) director of cybersecurity Rob Joyce told attendees of a recent UK security conference that ransomware attacks are down in roughly the last two months, and that trend can be traced directly to sanctions placed on Russia. Criminals that operate out of the country are struggling to find ways to cash out ransom payments and set up infrastructure, due in large part to sanctions attached to the invasion of Ukraine.

NSA director sees downward trend in ransomware attacks due to recent sanctions

The NSA cyber security director told the National Cyber Security Centre’s (NCSC) Cyber UK event in Wales that criminal attempts on government agencies and critical infrastructure had made ransomware attacks a national security priority, and that most of the serious players in this particular segment of the criminal underworld are based in Russia. New sanctions against entities in Russia are thus having a dampening effect on ransomware attacks, as the criminals lose options for doing business with the outside world.

Joyce said that this was likely not the only factor in the reduction in ransomware attacks, but was a significant contributor. Ransom payments are more difficult to process due to a lack of access to assorted banking options, and criminals are unable to purchase the technology necessary to set up the infrastructure for new ransomware campaigns.

Whether or not to formally ban ransomware payments has been a hot topic across the world for several years now, ever since ransomware attacks made a major resurgence. After a lull in the mid-2010s, ransomware roared back in 2017-2018 roughly concurrent with the massive rise in value of cryptocurrencies. Even larger spikes have occurred since the beginning of the Covid-19 pandemic, as both home and work internet traffic greatly increased. While there is some case to be made for cutting these attacks off at the source by banning ransom payments, an argument supported by this recent NSA announcement, many organizations feel that they have no option but to make a payment when they are unexpectedly caught by a breach. This is particularly true for companies that cannot afford even a small amount of downtime, such as health care…


Facebook parent Meta says Russians targeting Ukrainians with misinformation and hacking attempts on Facebook


Facebook parent company Meta said Sunday night that it has taken down a coordinated Russian influence operation that was targeting Ukrainians across Facebook and Instagram. The company said the misinformation campaign has ties to another Russian network in the Donbas region that was previously banned from Facebook in April 2020. 

In addition to the influence operation, Meta said it also took down a coordinated hacking group attempting to target and compromise accounts within Ukraine.  

“We took this operation down, we’ve blocked their domains from being shared on our platform, and we’ve shared information about the operations with other tech platforms, with researchers and with governments,” David Agranovich, director of threat disruption for Meta, told reporters.

Agranovich said the coordinated campaign used fake accounts to target high-profile Ukrainians including journalists, members of the military and public thinkers. Those behind the campaign operated fictitious personas and were also active on YouTube, Twitter, Telegram, and two Russian social media sites “to appear more authentic” and “avoid scrutiny,” Agranovich said.

The operation also ran a handful of websites, Meta said, which would publish claims about the West betraying Ukraine and Ukraine being a failed state. Agranovich said the content created by the influence operators was “primarily off of our platform.”

“The idea was they would write an article, posting that article onto their website as if they were a reporter or a commentator and then the accounts were really just designed to post links to their own websites and direct people off platform,” Agranovich said. 

While Meta described the influence operation as a “relatively small network” consisting of approximately 40 accounts, pages, and groups across Facebook — with fewer than 4,000 followers on Facebook and not even 500 on Instagram — the company would not say how many users interacted with the misinformation or how many times the posts were shared with others. 

“What we’ve generally found is that the best proxy for the size of these operations ends up being the number of people who follow them,” Agranovich said. “In general, what we saw here…


DDoS Attempts Hit Russia as Ukraine Conflict Intensifies


When Russian president Vladimir Putin launched an unprovoked war against Ukraine this week, he did so with a warning that any interference from the West would be met with a response “never seen” in history. The implied nuclear threat has little if any precedent over the last several decades, and while the Kremlin is far more likely to unleash cyberattacks, it was a chilling indication of how far Putin may be willing to escalate.

Russia’s notorious Sandworm hackers, meanwhile, did not sit idly by when researchers exposed their VPNFilter malware in 2018. Intelligence agencies in the US and UK this week detailed Cyclops Blink, a hacking tool that Sandworm developed soon after VPNFilter was no longer useful. Cyclops Blink targets network devices, conscripting them into a botnet and exposing them to further infection. While UK officials said that the revelation was not directly related to the situation in Ukraine, it did come at a time of increasingly serious cyberattacks against the country.

We also took a look inside Intel’s iStare lab, where the company’s researchers work to hack chips in an effort to head off the next Spectre and Meltdown or Rowhammer attack. And we talked to security researchers who figured out how to eavesdrop on any room that has a shiny object in it within view.

If you’re looking to lock down your Chrome browsing experience, you might want to give Enhanced Safe Browsing a try; we talked you through how to set it up. And we picked the best personal safety devices, apps, and alarms for when you need a little extra protection in the real world as well.

And there’s more! We’ve rounded up all the news here that we didn’t break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.

Leading up to and in the early days of Russia’s invasion of Ukraine, the Kremlin’s cyberspace strategy has included a combination of denial-of-service attacks and data wipers. This week saw several efforts to DDoS Russia in return, with mixed results. Russian government, military, and bank websites have all been hit with traffic tsunamis, though for the most part they appear to be holding steady. Mil.ru, the country’s…
