Tag Archive for: capabilities

DOD Annual Report Details China’s Growing Cyber Capabilities


The report says Beijing is looking to create a “highly informatized force capable of dominating all networks.”


A recently released report on the People’s Republic of China lays out an array of military and security developments, drawing attention to the increasing pressure campaign against Taiwan and the continued advancement of the country’s cyber capabilities.  

The annual unclassified report to Congress details the current and probable future course of the People’s Liberation Army, Chinese military and security strategy and organizations supporting military goals and developments for the next 20 years.  

As Beijing is growing its military arsenal, it is also expanding and investing in its cyber capabilities as it moves toward a “highly informatized force capable of dominating all networks and expanding the country’s security and development interests.” 

“The PRC has publicly identified cyberspace as a critical domain for national security and declared its intent to expedite the development of its cyber forces,” the report states. 

The threat landscape is becoming increasingly complex and widespread, the report reads, as China’s focus is expanding beyond cyber espionage on other governments and private companies. It is diversifying its focus toward the U.S. defense sector, key critical infrastructure sectors and influence operations campaigns. 

“The PRC seeks to create disruptive and destructive effects – from denial-of-service attacks to physical disruptions of critical infrastructure – to shape decision-making and disrupt military operations beginning in the initial stages and throughout a conflict. The PRC can launch cyberspace attacks that, at a minimum, can cause localized, temporary disruptions to critical infrastructure within the United States, and the PRC believes these capabilities are even more effective against militarily superior adversaries that depend on information technologies,” the report reads.

“As a result, the PRC is advancing its cyberspace attack capabilities and has the ability to launch cyberspace attacks – such as disruption of natural gas pipelines for days to…


In Cyberattacks, Iran Shows Signs of Improved Hacking Capabilities


Iranian hackers are waging a sophisticated espionage campaign targeting the country’s rivals across the Middle East and attacking key defense and intelligence agencies, according to a leading Israeli-American cybersecurity company, a sign of how Iran’s quickly improving cyberattacks have become a new, important prong in a shadow war.

Over the past year, the hackers struck at countries including Israel, Saudi Arabia and Jordan in a monthslong campaign linked to Iran’s Ministry of Intelligence and Security, according to a new report by the company, Check Point.

The Iranian hackers appeared to gain access to emails from an array of targets, including government staff members, militaries, telecommunications companies and financial organizations, the report said.

The malware used to infiltrate the computers also appeared to map out the networks the hackers had broken into, providing Iran with a blueprint of foreign cyberinfrastructure that could prove helpful for planning and executing future attacks.

“The primary purpose of this operation is espionage,” security experts at Check Point wrote in the report, adding that the approach was “notably more sophisticated compared to previous activities” that Check Point had linked to Iran.

Iran’s mission to the United Nations did not respond to an inquiry on Monday about the hack. But Iran’s minister of defense, Brig. Gen. Mohammad Reza Ashtiani, said last week in a speech to his country’s defense officials that given the current complex security situation in the Middle East, Iran had to redefine its national defenses beyond its geographic borders.

He said that meant utilizing new warfare strategies to defend Iran, including the use of space, cyberspace and other ways. “Our enemies know that if they make one mistake, the Islamic Republic of Iran will respond with force,” General Ashtiani said, according to Iranian media.

Although the report did not specify what, if any, data Iran had taken, Check Point said the hacking campaign successfully broke into computers associated with the Saudi Arabian ministry of defense, and agencies, banks and telecom firms in several other Middle Eastern countries including Jordan, Kuwait and…


Hacking Capabilities of Iranian Dissidents Adds to Tehran’s Woes


Just over a year ago, the Islamic Republic of Iran experienced one of its most serious cybersecurity breaches, resulting in the temporary inaccessibility of several government websites and the disruption of power grids, surveillance cameras, and other digital infrastructure. Contrary to what one might have expected, the attacks came not from any of Tehran’s foreign adversaries but rather from a group of anti-government hacktivists known collectively as Gyamsarnegouni, or “Uprising Until Overthrow.”

Cybersecurity researchers discerned the domestic origins of the hack mainly based upon the fact that the operation also saw the release of vast quantities of government documents detailing personnel and financial records and secret strategic communications by regime authorities. The leak involved such a tremendous amount of data that it likely would have been impossible to access remotely from outside the Islamic Republic, partly because Iranian internet access is notably slow, with frequent outages, and partly because the systems targeted by the underlying hack were effectively cut off from the global internet.

Our research pointed out not only that individuals inside the Islamic Republic carried out the attacks but also that they almost certainly required the participation of figures inside the regime itself, who would have had direct access to the systems in question.

It would be difficult to overstate the damage these attacks have done to Iran’s ruling system by opposition hacktivists alongside finely-honed modern cyber espionage and digital sabotage tools. The damage should be evident from the scale and diversity of Iranian hacktivists’ achievements in recent years, especially in the immediate aftermath of the killing of Mahsa Amini by morality police in September 2022, which sparked an immediate, nationwide uprising that many have called the clerical regime’s greatest challenge in all of its 44 years.

An attack on the Islamic Republic of Iran Broadcasting penetrated highly secure networks, typically isolated from the internet, and allowed hackers to briefly broadcast opposition messaging on state media, including some of the uprising’s defining slogans, like…


OODA Loop – North Korean Hackers Caught Using Malware With Microphone Wiretapping Capabilities

