Tag Archive for: china

How China is Hacking America


The sheer scale of China’s latest attempt to infiltrate U.S. infrastructure has surprised the entire cybersecurity industry, an expert has said.

Daniel Cuthbert, who sat on the UK Government Cyber Security Advisory Board, said the Volt Typhoon hacking system is bigger than anything China has unleashed before.

The U.S. government says it is designed to cripple U.S. computer systems if America and China go to war.

FBI Director Christopher Wray told a U.S. committee hearing on January 31 that Volt Typhoon was “the defining threat of our generation”.

It has already been used in attempted hacking on emergency services, military installations and satellites.

“In essence, Volt Typhoon is a campaign, albeit a very large one, by Chinese state agents actively gaining access to industrial control systems and other critical national infrastructure,” Cuthbert told Newsweek.

“Similar campaigns have been happening for a very long time, but I think what has surprised many, including myself, was the sheer scale of the campaign.”

Cuthbert said it was a mistake to think that China was only targeting the U.S.

“It doesn’t just pose a threat to the U.S. It poses a threat to anybody in the CNI [Critical National Infrastructure] world. That world has a large number of rather complex problems when it comes to security that are not trivial to fix. I feel this is where considerable investment is needed to ensure that our CNI globally is as secure as possible,” he said.

Newsweek sought email comment from the Chinese embassy in Washington, D.C.

Cuthbert believes Volt Typhoon is difficult to defeat because it uses “living off the land” technology.

According to cybersecurity company CrowdStrike, unlike traditional malware attacks, living off the land attacks do not use any of their own files. That means they do not require an attacker to install any code or scripts within the target system.

Instead, they use tools that are already present in the computer system, such as Windows Management, which makes detection much more difficult and allows hackers to stay unnoticed within a computer system for months or even years.

On February 7, the U.S. government’s cybersecurity…

Review board to issue report detailing Microsoft’s lapses in China hack: report


The US Cyber Safety Review Board is expected to issue a report detailing lapses by Microsoft that led to a targeted Chinese hack of top US government officials’ emails last year, the Washington Post reported on Tuesday.

The intrusion, which ransacked the Microsoft Exchange Online mailboxes of 22 organizations and more than 500 individuals around the world, was “preventable” and “should never have occurred”, the Washington Post said, citing the report.

“While no organization is immune to cyberattack from well-resourced adversaries, we have mobilized our engineering teams to identify and mitigate legacy infrastructure, improve processes, and enforce security benchmarks,” Microsoft said.

“Our security engineers continue to harden all our systems against attack and implement even more robust sensors and logs to help us detect and repel the cyber-armies of our adversaries. We will also review the final report for additional recommendations,” it added.

The Cyber Safety Review Board did not immediately respond to a Reuters request for comment.

Last year, the tech giant said the Chinese hack of senior officials at the US State and Commerce departments stemmed from the compromise of a Microsoft engineer’s corporate account penetrated by a hacking group it dubbed Storm-0558.

The hack is alleged to have stolen hundreds of thousands of emails from top American officials including Commerce Secretary Gina Raimondo, US Ambassador to China Nicholas Burns and Assistant Secretary of State for East Asia Daniel Kritenbrink.

The Cyber Safety Review Board’s report blames shoddy cybersecurity practices, lax corporate culture and a deliberate lack of transparency over what Microsoft knew about the origins of the breach, according to the Washington Post.

China hack on MPs worse than government admitted with at least 30 targeted


A Chinese cyber-attack on British MPs was more widespread than the UK Government initially revealed, i has learned.

Oliver Dowden, the deputy prime minister, announced on Monday that a group of three MPs and one peer had been targeted.

The MPs, including China hawk Iain Duncan Smith, say they were privately reassured in a briefing by Parliament’s head of security that only a small number of parliamentarians had been affected.

But it has now emerged email accounts belonging to over 30 MPs, peers, and their parliamentary staff were targeted by the same cyber hack, which was in the form of a phishing email.

Mr Duncan Smith told i: “They completely screwed up the other day. They told us that there are only three or four of us that apparently had these emails – it’s complete bollocks.

“Parliament is just a joke when it comes to security, a joke.”

The identified targets were email accounts of members of the Inter-Parliamentary Alliance on China (Ipac), a global group of parliamentarians with hawkish views on China.

It is unclear at this stage why the full effect of the hacking attack was not revealed by Mr Dowden, but sources told i the latest analysis showed around 30 individuals were affected.

Parliamentarians in the group were sent infected emails from an account posing as a democracy-focused news website under the domain nropnews.com.

The emails contained spyware hidden within the images in a spear-phishing campaign using pixel technology capable of sending personal information to an unauthorized third-party server in order to steal private data from users, i can reveal.

The same false domain was used to hack a Belgian MP during the same period. Last year, Samuel Cogolati, also an Ipac member, was named by Belgian intelligence as the victim of an identical APT31 attack during the same period, leading to questions as to how the attack on UK parliamentarians has taken so long to emerge. Parliamentary security officers are now looking into the domain linked to the emails.

Mr Dowden on Monday said British intelligence concluded it was “almost certain” that Chinese state-affiliated hacking group ‘APT31’ had conducted the “malicious cyber campaign”. The Deputy Prime…

China linked to UK cyber-attacks on voter data, Dowden to say


By James Gregory & Iain Watson, political correspondent, BBC News

The UK government is expected to link cyber-attacks which accessed personal details of millions of voters to China.

The attacks on the Electoral Commission took place in August 2021 but were only revealed last year.

Several MPs and peers who have been critical of Beijing are thought to have also been targeted in cyber-attacks.

The prime minister called China “the greatest state-based challenge to our national security”.

Rishi Sunak said: “China represents an economic threat to our security and an epoch-defining challenge.

“So it is right we take steps to protect ourselves.”

The BBC understands other Western nations will set out similar concerns.

Acknowledging the attacks last August, the Electoral Commission said unspecified “hostile actors” had gained access to copies of the electoral registers and broken into its emails and “control systems”, but added that this had not had any impact on any elections or on anyone’s registration status.

The commission said last August that they weren’t able to predict exactly how many people could be affected, but that the register for each year contained the details of around 40 million people.

Deputy Prime Minister Oliver Dowden will address Parliament on Monday about the threat.

It is now thought that Mr Dowden will suggest those behind the attack had links to Beijing, as well as laying out how the UK will respond to what it deems a wider threat.

Publicly identifying the attackers lays the groundwork for potential legal and political actions, such as sanctions or diplomatic protests.

Linking the attackers to China, a fellow member of the UN Security Council, would be an escalation in the diplomatic tension between the two countries.

The prime minister then was David Cameron, who is now the foreign secretary after taking a seat in the House of Lords last year.

China’s foreign ministry spokesperson Lin Jian said the government cracked down and punished all types of malicious cyber activities.

He called on all parties to “stop spreading false information and…
