Posts

Biden’s response to China hack seen as tepid due to US economic ties with Beijing | Washington Examiner

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


When the White House announced President Joe Biden rallied American allies to condemn China’s state-sponsored hacking, many in Washington were perplexed as he bypassed more punitive measures.

China’s Ministry of State Security, which U.S. intelligence officials accused of cyber spying and hacking for profit, was behind multiple “zero-day” exploits that breached the Microsoft Exchange Server, prompting Biden’s response. The attacks take advantage of security holes in widely used software, such as the Microsoft Exchange email service, and can operate undetected until the hole is patched.

Asked this week why Biden seemed to hold off on a stronger condemnation of China, White House press secretary Jen Psaki said, “That was not the intention he was trying to project.”

The effort to coordinate multilateral partners from the United Kingdom, Australia, Canada, New Zealand, Japan, and NATO “was under [Biden’s] direction,” Psaki said. “He continues to feel it’s important to lead from a position of strength in close coordination with our partners and allies around the world, and he takes the malicious cyber activity — whether it’s from Russia or China, whomever the actors may be — quite seriously.”

She said economic ties with China wouldn’t stop further U.S. retaliation if deemed necessary.

Dmitri Alperovitch, who leads the Silverado Policy Accelerator, a Washington, D.C.-based cybersecurity think tank, questioned Biden’s inconsistent response in a blog post in light of a forceful retaliation to the SolarWinds breach that U.S. intelligence linked to Russia earlier this year.

“Having drawn a red line in the case of the SolarWinds breach … the United States ought to calibrate its responses to subsequent attacks relative to that line,” he wrote. “By every conceivable technical standard, the Exchange hacks were the more damaging and more reckless of the two actions. For the sake of both strategic and normative consistency, the administration should be prepared to impose more serious consequences.”

It is hard to say why the Biden administration has refrained from using…

Source…

Biden’s Cybersecurity Team Gets Crowded at the Top

(Disclosure: I have worked with nearly everyone mentioned in this article at the Aspen Institute, where most were engaged in the public-private Aspen Cybersecurity Group. I also coauthored a 2018 book on the US government’s approach to cybersecurity with John Carlin.)

With the exception of the Justice Department’s team, the key cyber players share a special background as veterans of Fort Meade, the base of the National Security Agency and US Cyber Command. Beyond Nakasone, Inglis spent nearly 30 years with the civilian side of the NSA, rising to be its deputy director. Before her appointment earlier this year, Neuberger founded and led the NSA’s Cybersecurity Directorate and previously served as its chief risk officer, carving out a unique public voice for an agency not normally known for its public engagement. Easterly, who worked in the NSA’s elite hacking team known as the Tailored Access Operations, in 2009 helped design, along with Nakasone and others, what later became US Cyber Command.

That shared NSA DNA is a belated admission, of sorts, of how long cybersecurity took a back seat in the government’s wider bureaucracy. When the Biden administration went looking post-election for senior, respected leaders who had worked and thought about these issues for years, it really only had one talent pool to draw from.

The NSA and Cyber Command, for their part, moved rapidly during the Trump administration to regularize more aggressive offensive cyber operations. Nakasone, as WIRED reported last fall, has carried out more offensive operations online in his nearly three years heading the dual-hat arrangement than the US government had ever done prior to his tenure—combined. In recent months, US Cyber Command has begun to focus its attention not just on nation-state adversaries but also on transnational organized crime, which US officials increasingly point to as having risen to a scale and sophistication that equals the threat from established online adversaries like Iran and China.

The Biden White House, though, is still very much sorting out its own approach to cyber issues, from Chinese tech companies to ransomware. While Inglis, Neuberger, Monaco, Easterly, and Nakasone are…

Source…

Russia fails to deny takedown of REvil hacking group is connected to Biden’s pressure on Putin

The Kremlin has failed to deny that the takedown of Russian-based hacking group REvil is tied to US President Joe Biden’s pressure on Russian President Vladimir Putin.

Press secretary of the President of the Russian Federation Dmitry Peskov said Wednesday the state doesn’t have any information about REvil’s sudden disappearance from the internet and insisted Russia wants to ‘cooperate’ with the US in taking down cybercriminals.

REvil’s dark web data-leak site and ransom-negotiating portals have both been unreachable since about 1am on Tuesday. 

The timing of the takedown raised eyebrows, coming just days after Biden demanded Putin take action following a series of devastating ransomware attacks by the Russia-based group on US businesses.

REvil, also known as ‘Ransomware evil’, was responsible for the Memorial Day ransomware attack on the meat processor JBS and the supply-chain attack this month targeting the Miami-based software company Kaseya that crippled well over 1,000 businesses globally.   

The Kremlin has failed to deny that the takedown of the websites used by Russian-based hacking group REvil is tied to US President Joe Biden’s pressure on Russian President Vladimir Putin. Biden and Putin pictured meeting at the Geneva Summit on June 16

When asked Wednesday by reporters if Russia was behind REvil’s takedown from the darknet, Peskov denied having any knowledge of what had happened.  

‘I cannot answer your question, because I do not have such information. I do not know which group, where it disappeared from,’ he said, according to Russian News Agency TASS.

He said Russia believes cybercriminals ‘should be punished’ but doubled down that he was not aware if the ransomware gang had been deliberately targeted by authorities.

‘We believe that [cybercriminals] should be punished,’ he said. 

‘On the international level, we believe that we should all cooperate. In this case, Russia and the United States should cooperate in order to suppress such manifestations. 

‘As for the particulars about this group, I, unfortunately, with such information I don’t have it,’ he added.

Peskov said the US and Russia had begun talks on how to work together to tackle cyber crime.

Source…

Biden’s infrastructure plan wouldn’t protect the Colonial Pipeline from another attack

Colonial Pipeline, the United States’ largest purveyor of refined fuel, including gasoline, diesel and jet fuel, recently had a bad day. Late last Friday, the company’s information technology systems fell victim to ransomware. The company quickly shut down its operations as a precautionary measure to contain the attack and prevent long-term damage to its physical systems. As of Tuesday afternoon, the pipeline was still largely offline, though Colonial hopes to restore operations by the end of the week.

The attack on Colonial Pipeline is one data point in an overall trend of increased attacks from ransomware, malicious software that prevents victims from accessing their data and requires a ransom payment in order to restore their systems. The consequences can range from the economically costly to the downright dire: Businesses get locked out of their computer systems for several hours or days at a time, halting operations, disrupting supply chains and significantly harming consumer trust.

In 2020 alone, nearly 2,400 state and local governments, health care facilities and schools were victims of ransomware attacks. Additionally, the victims of these attacks paid a total of $350 million in ransom, marking a 300-plus-percent increase from the previous year.

And ransomware is just one kind of cyberthreat posed to infrastructure — one of the country’s most prevalent national security risks and one that should be at the top of priority lists for infrastructure needs. Given the severity of the danger, it was disappointing to see that the Biden administration’s current infrastructure plan falls woefully short in terms of actually securing the infrastructure it proposes to build, a failing that has raised eyebrows.

The Colonial Pipeline attack “is a play that will be run again, and we’re not adequately prepared,” warned Sen. Ben Sasse, R-Neb. “If Congress is serious about an infrastructure package, at front and center should be the hardening of these critical sectors — rather than progressive wish lists masquerading as infrastructure.”

America’s critical infrastructure as traditionally defined and historically…

Source…