Tag Archive for: authority

2,430 hacking crimes investigated; 7,092 suspects arrested since 2022, effectively safeguarding cybersecurity: public security authority

/in


hacker Photo: VCG

Photo: VCG

Since 2022, public security organs across China have investigated 2,430 hacking crimes and arrested 7,092 suspects, effectively cutting off the chain of hacking crimes, protecting network and data security, and safeguarding the normal order of cyberspace, the Ministry of Public Security announced on Thursday at a press conference.

The authority noted that according to its latest statistics, the number of hacking cases in China has been increasing for three consecutive years, with an average annual growth rate of 27.7 percent. The ministry also noted that the average age of hackers has been decreasing year by year, and there have even been cases of elementary school students proficiently using hacker tools.

The rise in hacking crimes has become increasingly prominent in recent years. During the press conference in Beijing, Shi You, the deputy director of the Bureau of Network Security Protection of the ministry, introduced that hacking crimes mainly involve illegal intrusion into computer information systems, unauthorized access to computer data, illegal control of computer information systems, providing programs and tools for illegal intrusion and control of computer information systems, as well as the destruction of computer information systems.

The ministry released 10 typical cases of hacker crimes, as part of the efforts and significant achievements by the authority during the nationwide campaign called “Clean up the Internet.”

In one typical hacking case, the Panzhihua public security bureau in Southwest China’s Sichuan Province successfully handled in January a case of making profit through illegal remote manipulation of older mobile phones, with the whole chain making illegal profits of more than 100 million yuan ($14.02 million).

The local public security authority in September 2022 uncovered multiple cases of automatic ordering of value-added services on older phones, resulting in monthly deductions of 1 to 10 yuan ($1.4) for related value-added services, indicating that the phones were remotely controlled.

After investigation, it was found that the suspects surnamed Chen and Gao colluded with vendors and manufacturers of older phones to implant Trojan programs…

Source…

Iranian Hacking Group Attacks Pennsylvania Water Authority

/in


CISA Investigating Iranian Hacking Group Attack on Pennsylvania Water Authority

Chris Riotta (@chrisriotta) •
November 28, 2023    

Iranian Hacking Group Attacks Pennsylvania Water Authority
Iranian threat actors launched a cyberattack against the Municipal Water Authority of Aliquippa. (Image: MWAA)

The U.S. Cybersecurity and Infrastructure Security Agency is investigating a cyberattack from an Iranian hacking group known as “Cyber Av3ngers” that targeted a small municipal water authority in Pennsylvania over its use of Israeli-owned software, according to officials.

See Also: Live Webinar | Generative AI: Myths, Realities and Practical Use Cases

The Municipal Water Authority of Aliquippa confirmed it had been the subject of a breach Saturday that shut down a supply pump providing drinking water to multiple municipalities, including a town in the Pittsburgh metropolitan area with nearly 3,000 residents, according to U.S. Census data.


The water authority uses pressure-monitoring equipment developed by the Israeli technology company Unitronics. When the attack occurred, a small Unitronics device in the Pennsylvania facility flashed a bright red message that read: “You have been hacked. Down with Israel. Every equipment ‘made in Israel’ is Cyber Av3ngers legal target.”


The intrusion triggered alerts to the U.S. Department of Homeland Security and sent on-call municipal workers scrambling during the holiday weekend to shut down automated systems and conduct manual operations.


Robert Bible, a Pittsburgh-area water authority official, told media outlets that local water service was not disrupted and water quality remained unaffected from the incident.

The attack is one of a handful of known cyberattacks on American water systems. The Biden administration earlier this year attempted to use existing regulatory authorities to force water systems into evaluating their cybersecurity risk, but it backed off in the face of a court ruling staying the…

Source…

Vatican urged to create “Cyber Security Authority”

/in


A group of Catholic computer experts, two whose services are employed by the Roman Curia, are calling for the creation of  a “Vatican Cyber Security Authority”. The proposal, which was made at the end of May in an article published on the LinkedIn social network, comes at a time when the Holy See has experienced an increasing number of cyber attacks. 

The authors of the article – Professors Chuck Brooks and Alessio Pecorario of Georgetown University in Washington, IT specialist Andreas Iacovou, and lawyer Yuriy Tykhovlis – aim to draw attention to two points. Firstly, the Vatican can no longer wait to take action on its own against the threats it is facing. Secondly, the Catholic Church should participate in the global reflection on the subject.

The authors say the “Catholic world” itself is in fact exposed to major threats. In particular, they say the Church runs the risk of having its “online donations” hacked. And they say Catholic healthcare facilities are prime targets from hackers who cease data in return for a ransom. Furthermore, they say the Holy See as a state-like entity is a target of “interference in diplomatic activities”.

“Weaknesses in the Vatican’s digital infrastructure”

In the face of these threats, a “Vatican cyber authority” could thus develop “policies and procedures to protect the Vatican’s digital assets, including its networks, servers, and databases”, as well as “identify potential cyber threats and weaknesses in the Vatican’s digital infrastructure” and provide internal training in the matter.

To be effective, the researchers recommend, this new Vatican authority should “be staffed by experienced cyber security professionals with expertise in a wide range of areas, including network security, incident response, and digital forensics”.

This group of experts, of which there is no equivalent in the Vatican today, should also “share information about cyber threats” with authorities in other governments, and contribute to global thinking on the subject.

“The Holy See is entitled to propose, discuss, negotiate, and promote a new normative paradigm on the governance of new technologies,” write the authors of the article,…

Source…

Los Angeles Housing Authority Hit by Ransomware Attack

/in


LA Housing Authority building at 2600 Wilshire Blvd. Los Angeles (Google Maps, Illustration by Priyanka Modi for The Real Deal with Getty)

LA Housing Authority building at 2600 Wilshire Blvd. Los Angeles (Google Maps, Illustration by Priyanka Modi for The Real Deal with Getty)

A ransomware gang is threatening to publish a large volume of data it stole from the Housing Authority of the City of Los Angeles unless a ransom is paid, the Los Angeles Times reported.

Last week, LockBit stole 15 terabytes of data from the housing authority, which provides housing and runs the federal voucher programs for 83,000 low-income families in the city, TechCrunch reported. The ransomware group threatened to release the information on Thursday if its demands were not met.

The data, according to the Times, ranged in terms of its sensitivity, from a holiday video to payroll, audit information and taxes.

HACLA said in a statement last Monday that it was assessing the damage tied to a “cyber event.”

“We are working diligently with third-party specialists to investigate the source of this disruption, confirm its impact on our systems, and to restore full functionality securely to our environment as soon as possible,” the statement said, according to the Los Angeles Times. “We remain committed to providing quality work as we continue to resolve this issue.

It’s the second recent cyber attack on a Los Angeles public agency to have been attacked recently. The Los Angeles Unified School District was targeted in September by the ransomware group Vice Society, which published stores of data, including Social Security numbers, health information and students’ psychological assessments, when the district refused to pay.

The attack on the housing authority comes at a particularly difficult time for a housing authority that is among the largest in the nation.

In October, after opening its Section 8 waitlist for the first time in five years, the housing received 223,400 applications for low-income housing, the LAist reported.

LockBit recently apologized for an attack on Canada’s largest children’s hospital, placing blame on an affiliate group.

— Ted Glanzer

Source…