Tag Archive for: Caused

Microsoft Exchange hack caused by China, US and allies say

/in


WASHINGTON (AP) — The Biden administration and Western allies formally blamed China on Monday for a massive hack of Microsoft Exchange email server software and asserted that criminal hackers associated with the Chinese government have carried out ransomware and other illicit cyber operations.

The announcements, though not accompanied by sanctions against the Chinese government, were intended as a forceful condemnation of activities a senior Biden administration official described as part of a “pattern of irresponsible behavior in cyberspace.” They highlighted the ongoing threat from Chinese hackers even as the administration remains consumed with trying to curb ransomware attacks from Russia-based syndicates that have targeted critical infrastructure.

The broad range of cyberthreats from Beijing disclosed on Monday included a ransomware attack from government-affiliated hackers that targeted victims — including in the U.S. — with demands for millions of dollars. U.S officials also alleged that criminal contract hackers associated with China’s Ministry of State Security have engaged in cyber extortion schemes and theft for their own profit.

Meanwhile, the Justice Department on Monday announced charges against four Chinese nationals who prosecutors said were working with the MSS in a hacking campaign that targeted dozens of computer systems, including companies, universities and government entities. The defendants are accused of targeting trade secrets and confidential business information, including scientific technologies and infectious-disease research.

Unlike in April, when public finger-pointing of Russian hacking was paired with a raft of sanctions against Moscow, the Biden administration did not announce any actions against Beijing. Nonetheless, a senior administration official who briefed reporters said that the U.S. has confronted senior Chinese officials and that the White House regards the multination shaming as sending an important message, even if no single action can change behavior.

President Joe Biden told reporters “the investigation’s not finished,” and White House press…

Source…

BlackBerry Caused Its Own Demise, Here’s How

/in


BlackBerry devices

Anyone who knows about smartphones and tech, in general, has definitely heard of the name BlackBerry. A company whose devices were synonymous with the word smartphone in the early 2000s, with most people making use of a BlackBerry-branded device for their professional use.

The company enjoyed a lot of success in these years, providing users with a device that featured BBOS, the company’s proprietary operating system, which, when coupled with some fantastic physical mobile keyboards, made for a professional’s dream. To this day, many people can recall seeing their dad or mom’s first BlackBerry.

Things for the company were going great right until the early 2010s, and, in the ears that followed, the company lost its cult status, having been replaced by the iPhone when it came to overall popularity. The company, in 2020, announced that TCL, the current licenser and manufacturer of BlackBerry mobiles, would stop selling any devices as of August of 2020.

This intrigued quite a few users since companies such as Nokia or Motorola had cult statuses that withered over time, but things did not get as bad as they did for BlackBerry. What led to the demise of BlackBerry and, could it have been saved? Let’s discuss.

What Led To BlackBerry’s Exit From The Mobile Market?

BlackBerry

Before we delve into what caused BlackBerry’s untimely yet needful demise, one needs to know the exact role the company’s devices played for the normal user and the enterprise user. The devices were never the best at anything, often having a flaw or two, but they were dependable, sturdy devices that got the job done.

It would be a massive understatement to say that the BlackBerry brand got lucky, since, without its devices, the current state of smartphone devices would vary by a great deal. Now, with that out of the way, here are some key reasons for BlackBerry’s demise and how what happened could not have been avoided.

1. The company usually had decent offerings to showcase, but they each came with a flaw or two that hampered overall usability, especially in the latter part of its existence. From lacklustre or underwhelming specifications that would not work in a competitive market to the touchscreen-only models, which…

Source…

5 Dangers Caused by Ransomware for Businesses of All Sizes

/in


5 Dangers Caused by Ransomware for Businesses of All Sizes

What are the 5 dangers ransomware creates for enterprises and organizations? 

Ransomware remains one of the most potent, versatile, and devastating branches of malware in existence. A favorite of hackers the world over, every business regardless of size should fear what ransomware could do to their IT environment. Moreover, they must work to protect themselves against it.  

But what exactly can ransomware do? What dangers does ransomware pose? We dive into those questions here. 

 

5 Dangers Caused by Ransomware for Businesses

How Does Ransomware Work? 

Ransomware is defined by how it operates rather than how it infiltrates networks (i.e. spear-phishing). A hacker uses any of the means at their disposal to get their ransomware into the business IT environment. The ransomware then encrypts specific files, parts of the network, or the entire environment, preventing access by the victim company. 

As befits the name, the hackers responsible send a message to the victim demanding a ransom payment (often in cryptocurrency but not always) for the decryption code to regain access. Usually, they put the victim on a time limit on the ransom payment; failure to pay within the time limit may result in an increased ransom demand or the exposure of the encrypted data (or both). 

With that established, here’s how ransomware can damage your business. 

Reputational Damage

One of the underrated dangers of ransomware is appearances. Customers naturally shy away from businesses that don’t appear to have their cybersecurity under control and may abandon brands entirely after certain attacks. 

Unfortunately, there is no way to conceal ransomware; by nature, they attract attention since they need someone to notice what’s happening to get them to pay up. Trying to gain customer trust back after having lost it is a huge challenge, which can take a significant investment of time and resources. Worse, depending on how the ransomware attack occurred, your business may face compliance fines, which hurt both financially and reputationally.

Lost Files

At the end of the day, ransomware attacks files and networks. Once the hacker encrypts them, those files become the hacker’s…

Source…

Twitter hack caused by stolen VPN credentials (Includes interview)

/in


Employees were fooled by the hackers constructing the site to look exactly like the VPN login page. As a result of the hack, many high-profile Twitter accounts were compromised. According to TechRadar, the hack made headlines all over the world, with the accounts of high-profile Twitter users – including Barack Obama and Elon Musk – compromised.

Commenting on the hacking event forDigital Journal is Mark Riemer, Field CTO of Pulse Secure.

According to Riemer, the heart of the matter are virtual private networks (VPNs). These are a series of virtual connections routed over the Internet and which function to encrypt data as it travels back and forth between theclient machine and the Internet resources you’re using, such as web servers.

With this, Riemer says: “While VPNs have been used as a secure access method for many years, they are rapidly evolving to stay ahead of the attack curve. The latest Twitter hack emphasizes the need for a comprehensive remote secure access approach founded on the concept of Zero Trust.”

By Zero Trust is a security concept centered on the belief that organizations should not automatically trust anything inside or outside its perimeters. There are different models and approaches for achieving this.

In terms of how the hack happened, Riemer says: “Cybercriminals tricked Twitter employees into handing over their account details by creating a site that mirrored their VPN login page and even went as far as to call staff members, claiming to be from Twitter’s IT department.”

In terms of what needs to be done, theanalyst says: “To prevent someone from logging into a VPN using stolen or compromised credentials, it is imperative that organizations remove any implicit trust and establish context-based access permissions. These are two of the driving principles of Zero Trust, which allows organizations to ensure continuous, contextual security by verifying and re-verifying users to ensure they are who they truly say they are and prevent outsiders from obtaining unauthorized access to the network.”

Riemer concludes: “The Zero Trust principle dictates that no connectivity is allowed until a user is authenticated, their endpoint is validated, and…

Source…