Tag Archive for: Biden

Microsoft says it was hit by Chinese hackers, but Biden administration won’t point finger | Washington Examiner

/in


Microsoft and cybersecurity experts believe the massive hack against the Microsoft Exchange Server this year was conducted by a Chinese hacker group, but the Biden administration has yet to point the finger.

President Joe Biden signed a cybersecurity executive order earlier this month, naming three recent prominent cyberattacks — SolarWinds, Colonial Pipeline, and Microsoft — with a White House fact sheet saying those “recent cybersecurity incidents … are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals.” The United States has said Russian intelligence is behind the SolarWinds hack and that a Russian hacker gang is behind the Colonial Pipeline attack, but it has not publicly attributed the Microsoft hack to anyone.

The tech giant announced in March that it had detected “multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks” in March and said its Threat Intelligence Center attributed the cybercampaign with “high confidence” to a hacker group dubbed “Hafnium,” which “operates primarily from leased virtual private servers in the United States.” Microsoft said the hacker group was “state-sponsored” and operating out of China. Microsoft said the hackers had used vulnerabilities to access email accounts and install additional malware “to facilitate long-term access to victim environments.”

The Microsoft Exchange Server handles the company’s email, calendar, scheduling, contact, and collaboration services.

Tom Burt, the corporate vice president of customer security and trust at Microsoft, wrote in March that “Hafnium operates from China, and this is the first time we’re discussing its activity.” He called the Chinese hacker group “a highly skilled and sophisticated actor” that “primarily targets entities in the United States for the purpose of exfiltrating information from a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and NGOs.”

Jake Sullivan, Biden’s…

Source…

Joe Biden signs executive order to beef up federal cyber defenses following pipeline hack

/in


RICHMOND, Va. — President Joe Biden signed an executive order Wednesday meant to strengthen U.S. cybersecurity defenses in response to a series of headline-grabbing hacking incidents that highlight how vulnerable the country’s public and private sectors are to high-tech spies and criminals operating from half a world away.

The order will require all federal agencies to use basic cybersecurity measures, like multi-factor authentication, and require new security standards for software makers that contract with the federal government.

Officials are hoping to leverage the federal government’s massive spending power to make widely used software safer for the private sector as well.

“The federal government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life,” Biden said in his executive order.

His actions come as the administration has been grappling with its response to a massive breach by Russia of federal agencies and ransomware attacks on private corporations.

Biden’s executive order was announced shortly after the nation’s largest fuel pipeline restarted operations Wednesday, days after it was forced to shut down by a gang of hackers. The disruption of Colonial Pipeline caused long lines at gas stations in the Southeast.

And the U.S. sanctioned the Kremlin last month for a hack of several federal government agencies, known as the SolarWinds breach, that officials have linked to a Russian intelligence unit and characterized as an intelligence-gathering operation. The AP previously reported that Russian hackers gained access to an email account belonging to the Trump administration’s acting homeland security secretary, Chad Wolf.

“The United States is simply not prepared to fend off state-sponsored or even criminal hackers intent on compromising our systems for profit or espionage,” Sen. Mark Warner, the Virginia Democrat who leads the Senate Intelligence Committee, said in a statement.

Warner praised the executive order but said Congress needs to do more to address the country’s vulnerabilities in cyberspace.

The order also creates a pilot program to develop a rating system, similar to how New York City…

Source…

Biden to step up cybersecurity after hackers hit vital oil pipeline

/in


The Biden administration is to step up cybersecurity measures after a ransomware attack crippled the biggest oil pipeline on the American east coast.

n executive order is expected within weeks, instructing federal agencies and contractors to plug security gaps that have left them vulnerable to a wave of cyber attacks in recent months.

The latest assault, on the 5,500-mile Colonial Pipeline which provides nearly half the fuel used on the east coast, is thought to have been carried out by DarkSide, a cybercriminal group believed to operate between Russia and Eastern Europe.

It wrought havoc on the company’s computer network, forcing the shutdown of the pipeline, which runs from Texas to New Jersey.

It is feared the attack, one of the most damaging ever reported, could cause a further spike in fuel prices in the US, which have already been increasing in recent months.

Colonial, which normally carries 2.5 million barrels a day, serves consumers…

Source…

Biden declares state of emergency over fuel cyber-attack – BBC News

/in


  1. Biden declares state of emergency over fuel cyber-attack  BBC News
  2. Cyber attack shuts major US pipeline system  Financial Times
  3. Colonial Pipeline cyber attack: Fuel, energy company halts operations  USA TODAY
  4. ‘Jugular’ of the U.S. fuel pipeline system shuts down after cyberattack  POLITICO
  5. US pipeline company halts operations after cyberattack  Greeley Tribune
  6. View Full Coverage on Google News

Source…