Tag Archive for: Bigger

Cyber thieves target local, county governments to launch bigger attacks


Lindsay M. McCoy

When Webster Township in Washtenaw County was attacked by ransomware, officials had to create a new website, new emails and new anti-virus and ransomware software to resolve the problem.

It was one of 77 ransomware attacks in the United States last year that were confirmed by the cybersecurity company Emsisoft.

To lessen such attacks, the federal government has included a new $1 billion cybersecurity grant program in the bipartisan infrastructure law passed last year. It allocates the bulk of the funding that states receive for their local governments, with 25% of the money earmarked for rural governments.

There were 77 ransomware attacks on local governments in the United States in 2021. In 2019, a ransomware attack affected about two dozen Texas communities.

Sgt. Matt McLalin, who investigates cyberattacks in the State Police’s cyber command center, said local and county governments make up a lot of the center’s victims.

“Every single week we are getting multiple reports of local governments who have been affected,” McLalin said.

Brett Callow, a threat analyst from Emsisoft, said the discrepancy in data stems from some attacks not being reported to his New Zealand-based company or being labeled “cyberattacks” rather than ransomware.


China’s Microsoft Hack May Have Had A Bigger Purpose Than Just Spying


Steven Adair hunts hackers for a living. Back in January, in a corner-of-his-eye, peripheral kind of way, he thought he saw one in his customer’s networks — a shadowy presence downloading emails.

Adair is the founder of a cybersecurity company called Volexity, and he runs traps to corner intruders all the time. So he took a quick look at a server his client was using to run Microsoft Exchange and was stunned to “see requests that we’re not expecting,” he said. There were requests for access to specific email accounts, requests for confidential files.

He followed all this requested information to a virtual server off-site. “The hair is almost rising on my arms right now when I think about it,” Adair told NPR later. “This feeling of like, oh, crap this is not what should be going on.”

What Adair discovered was a massive hack into Microsoft Exchange — one of the most popular email software programs in the world. For nearly three months, intruders helped themselves to everything from emails to calendars to contacts. Then they went wild and launched a second wave of attacks to sweep Exchange data from tens of thousands of unsuspecting victims. They hit mom-and-pop shops, dentist offices, school districts, local governments — all in a brazen attempt to vacuum up information.

Both the White House and Microsoft have said unequivocally that Chinese government-backed hackers are to blame.

NPR’s months-long examination of the attack — based on interviews with dozens of players from company officials to cyber forensics experts to U.S. intelligence officials — found that stealing emails and intellectual property may only have been the beginning. Officials believe that the breach was in the service of something bigger: China’s artificial intelligence ambitions. The Beijing leadership aims to lead the world in a technology that allows computers to perform tasks that traditionally required human intelligence — such as finding patterns and recognizing speech or faces.

“There is a long-term project underway,” said Kiersten Todt, who was the executive director of the Obama administration’s bipartisan commission on cybersecurity and now runs the Cyber Readiness Institute….


Poly Network Gets Back The Stolen Funds In The Bigger Cryptocurrency Hack Ever


Yesterday we looked into the biggest cryptocurrency hack that ever happened. Today we talk about how the attackers decided to give back the money they stole.

Yes, you heard it right! The cybercriminals behind the attack on the Chinese Internet protocol Poly Network, who stole approximately $600 million worth of cryptocurrency assets, have begun to return them, as the organization shared on Twitter.

So far, the hacker has returned $256 million in Binance Smart Chain (BSC) tokens, $3.3 million in Ethereum tokens, and $1 million in USD Coin (USDC) on the Polygon network, but decided to keep the rest for the negotiations with the cross-chain DeFi protocol.

To recover all of the stolen assets, Poly still needs to receive the remaining $269 million on Ethereum and $84 million on Polygon.

Why Did the Attackers Return the Money to Poly Network?

It’s not the first time the hackers have said they are willing to return the stolen assets, which made many believe that the attack may have been meant to show the Chinese company it needs better protection against cybercriminals, just like a white-hat hacker would do.

A white-hat hacker (a good hacker) is a computer security expert whose job is to breach secured networks in order to test their security.

On the other hand, Tom Robinson, chief scientist at blockchain analytics firm Elliptic, thinks that giving back the stolen cryptocurrency shows that even if you can steal it, laundering and converting it might be an inconvenience “due to the transparency of the blockchain.”

It could also be the announcement by blockchain security company SlowMist that it has identified the cybercriminal’s ID, email address, IP information, and device fingerprint.

The firm also stated that the hacker’s resources were initially in Monero (XMR), but were swapped for BNB, ETH, MATIC, and other tokens that were used to fund the cyberattack.

Or maybe it was Poly Network’s message?


In an AMA (Ask Me Anything) session the attackers declared they have attacked the Poly Network platform for fun and because…


Cyber Daily: Security Chiefs See Bigger Paychecks Amid Rise in Hacking Threats


Good morning. Corporate cyber chiefs’ salaries are growing amid an uptick in hacking threats and a dearth of experienced executives, WSJ Pro’s Catherine Stupp reports.

Also today: Biden’s new directive on cyber safeguards for critical infrastructure; more details on the TSA’s pipeline rules; a tool for shaming hackable websites; and cyber startups going gangbusters.

High Demand

Cha-ching: Demand for experienced cyber executives has pushed the average salary for chief information security officers to new heights.

CISOs in the U.S. earned a median salary of $509,000 this year, compared with $473,000 in 2020, according to a new survey of 354 CISOs, published Thursday by executive search firm Heidrick & Struggles International Inc.

Total compensation, including equity grants and bonuses, rose to $936,000 from $784,000 in 2020.

High-profile ransomware attacks have caused corporate executives and boards to focus more on cybersecurity over the past year, said Omar Khawaja, CISO at Pittsburgh-based Highmark Health.

“There’s a very tangible and direct business disruption,” he said. “It’s hard to ignore.”


More Cyber News

Biden urges critical infrastructure to beef up cyber safeguards. The White House directed federal agencies to develop voluntary security goals by September for companies that operate critical infrastructure, such as financial services or electric utilities. At least four successive administrations have pursued such a voluntary strategy for ensuring cyber readiness. But senior officials say the directive could be a precursor to the Biden administration issuing mandatory standards for such firms. (WSJ)


TSA official details second pipeline security directive. The rules, which have not been publicly released, cover technical areas such as the separation of operational and information-technology systems, Administrator David Pekoske told the Senate Commerce Committee Tuesday. Mr. Pekoske said the directive would also require reviews of how…
