Tag: china | Page 7

Pentagon’s Unclassified Cyber Strategy is Influenced by Russia-Ukraine War, China

September 29, 2023/in Internet Security

The newly unclassified strategy anticipates election security issues and suggests an independent cyber service.

Deputy Assistant Secretary of Defense for Cyber Policy Mieke Eoyang talks to members of the press in Washington, D.C., Sept. 12, 2023. Photo credit: Senior Airman Cesar Navarro / DVIDS

The Defense Department’s unclassified summary of its 2023 cyber strategy presents a broad-ranging plan informed by the lessons learned from the Russia-Ukraine war, as well as the growing tensions between the U.S. and China in cyberspace.

“There are some shifts that reflect our real-world experience for the department in the time period between 2018 and 2023 to include our experiences of observing the conflict in Russia-Ukraine that have shaped and refined our understanding of the role of cyber in warfare, the ways in which we defend the homeland, and, of course, the importance of working on strengthening the cybersecurity of our partners and allies,” Deputy Assistant Secretary of Defense for Cyber Policy Mieke Eoyang told reporters at a roundtable organized by George Washington University.

The Pentagon’s unclassified cyber strategy comes on the heels of the White House’s national cybersecurity strategy implementation plan providing federal agencies with actionable steps to improve the nation’s security posture. While it is unclear whether a similar implementation plan will follow the Pentagon’s new cyber strategy, Eoyang said there are “mechanisms in the Department of Defense that we use to make sure that we are moving forward with that.”

Some lessons learned from the Russia-Ukraine war include the importance of cloud migration, the impacts of satellite communications disruption, as well as people’s ability to tell their story to the world during an armed conflict.

“The ability of Ukrainians to move their data extraterritorially, but still maintain access to it was really important,” Eoyang said. “We saw the Russian attempts to disrupt satellite communications as something that, I think, many people are still trying to understand that aggregate effect of that on the conflict. But certainly, it is something that we are looking at very carefully.”

Securing the 2024 Presidential…

Source…

China accuses the US of hacking Huawei servers for over a decade

September 21, 2023/in Computer Security

Tensions between the US and China have escalated further. Beijing has accused Washington of continuously hacking Huawei’s servers and conducting cyberattacks to steal other critical data since 2009. China’s Ministry of State Security has shared a post (spotted by Nikkei Asia) on its official WeChat account regarding this. The post that points out the US government’s efforts against the Chinese tech giant Huawei is titled: “Revealing key despicable methods by US intelligence agencies in cyberespionage and theft.”
How the US hacked Huawei
The post accuses the US of using “big, influential tech companies” to install backdoors in Huawei’s software, apps and equipment.As per the post, Washington was trying to steal vital data from countries including China and Russia.
“In 2009, the Office of Tailored Access Operations started to infiltrate servers at Huawei’s headquarters and continued conducting such surveillance operations,” the post read.
With the increase in geopolitical tensions, both the US and China have been expanding their global spying operations. In July, Beijing-linked hackers reportedly accessed the email account of the US ambassador to China. This operation is believed to have exposed hundreds of emails.
China hit with Second Date spyware
The post notes that China’s National Computer Virus Emergency Response Center has extracted a spyware called Second Date. The spyware was discovered while investigating a cyberattack on Northwestern Polytechnical University in Xi’an. This cyberattack reportedly took place last year.
The ministry found that the Second Date is “cyberespionage malware developed by the US National Security Agency, which operates covertly in thousands of networks in many countries around the world.”

The Second Date spyware was extracted with the help of a company named Qihoo 360. Chinese state broadcaster CCTV reported that this company has previously released findings about US hacking activities against China. However, Qihoo 360 didn’t report the part about Huawei.
“The U.S. had obtained control over tens of thousands of devices and stolen a substantial amount of high-value data,” the ministry said.
China recently advised central and local governmental…

Source…

‘Treat it like China’: How U.S. officials stay safe, and have fun, at the world’s biggest hacking conference

August 12, 2023/in Computer Security

When you spend three days with 30,000 people who love cracking code, you’re always just one errant click away from sheep-dom. In fact, fending off the maze of Wi-Fi sniffers, hardware hackers and social engineers at DEF CON is a little like going toe-to-toe with elite, state-backed cyber spies, according to one senior State Department official.

“Almost treat it like going to China,” said the official, granted anonymity to offer frank and colorful advice to a DEF CON first-timer. “Really treat it like going to a technologically sophisticated peer competitor.”

At this year’s conference, which wraps up Sunday, the Wall of Sheep was located in a dimly lit auditorium off the main conference floor. It included, for the first time ever, a live feed with the location of individuals who were leaking data. As of Friday afternoon, there were at least 2,000 sheep at DEF CON, per the floor-to-ceiling projection. Their personal information was, mercifully, partly blacked out for privacy reasons.

Since the first-ever convention in 1993, DEF CON has brought some of the world’s most talented computer security wizards into the Las Vegas desert to scour software, hardware and networking equipment in search of vulnerabilities.

Operating under the principle that the best way to secure computer code is to expose it, attendees have demonstrated some truly jaw-dropping research over the last three decades. They’ve taken over the controls of cars, tricked ATMs to spew out cash and sent insulin pumps into overdrive, to name a few memorable hacks.

Feats like that have turned the convention into an increasingly common pit stop for top U.S. government officials, dozens of whom are in attendance this year. DHS Secretary Alejandro Mayorkas, CISA Director Jen Easterly and Acting National Cyber Director Kemba Walden are all in Las Vegas for DEF CON and Black Hat, its more corporate-friendly counterpart.

But the convention didn’t earn its reputation as “the world’s most hostile network” just because of what happens on the main stage.

“There is a criminal ecosystem out there,” said Marc Rogers, the conference’s head of security. “You probably don’t want to access your…

Source…

Embassy of China in Canada Issues a Statement on U.S Cyber Espionage Campaigns Against Japan

August 12, 2023/in Internet Security

I just came across to a statement issued by the Embassy of China in Canada on the U.S cyber espionage campaigns launched against Japan.

What’s so special about this statement? First it does quite Wikileaks which is a bit of an outdated approach including the actual source to shed more light into a bigger problem and issue for China that the press statement on the Web site of the Chinese Embassy in Canada mentions. In this specific case the statement implies the use of the so called “hunt-forward” missions which could really mean big trouble for China if the U.S somehow manages to secure a deal with a neighbouring country next to China which could really mean big trouble for China as the U.S will then attempt to establish the foundation for a successful cyber attacks and possibly information operations interception campaigns used managed and operated by China including its partners and allies where to ultimate goal would be to measure their true capabilities and set the foundation for a successful cyber situational awareness campaign in terms of cyber attacks and the true state of China’s true cyberspace operations and cyber attack capabilities including the capabilities of some of its neighbouring countries.

The so called Hunt Forward Operations also known as (HFOs) are an early warning system for cyber situational awareness that could improve the true state of the visibility of the actual country that’s doing these missions in this specific case the U.S could really learn a lot about new tactics and techniques courtesy of the attackers based in the specific country where it’s hosting its mission which could be really bad news for China in terms of having the U.S deploy hunt forward missions in its neighbouring countries where the U.S could really get a better picture of China’s understanding and actual applicability of basic cyber warfare principles and concepts in action including the “know-how” of its neighbouring countries.

Despite the fact that the U.S is willing to share its knowledge and understanding of cyber attacks “know-how” with the host country of a hunt forward mission it could also learn a lot about the cyber attacks that originate from the…

Source…

Tag Archive for: china

Securing the 2024 Presidential…