
State, Commerce Departments Breached by Hackers


(TNS) — Hackers breached Microsoft Outlook email accounts linked to government agencies in the United States, including State and Commerce departments, and others in Western Europe, according to government officials and Microsoft Corp., which described the attackers as being based in China.

Last month, the U.S. State Department identified anomalous activity and alerted Microsoft to the attack, according to a spokesperson. A subsequent investigation by the company determined that the hackers accessed and exfiltrated unclassified Exchange Online Outlook data from a small number of accounts, according to a statement from the U.S. Cybersecurity and Infrastructure Security Agency, known as CISA.

The U.S. Commerce Department was also breached and took immediate action after being notified by Microsoft, a spokesperson said. The department is monitoring its systems and would respond promptly if additional activity is detected, the spokesperson added.


It wasn’t known which other U.S. agencies were affected by the breach, but a senior official said the number was in the single digits.

In an interview with ABC News on Wednesday morning, national security adviser Jake Sullivan said, “We detected it fairly rapidly, and we were able to prevent further breaches. The matter is still being investigated.”

In a blog post published Tuesday night, Microsoft described the group behind the attack as China-based and named it Storm-0558. The hackers were able to remain undetected for a month after gaining access to email data from around 25 organizations in mid-May.

“We assess this adversary is focused on espionage, such as gaining access to email systems for intelligence collection,” Charlie Bell, an executive vice president at Microsoft, wrote in another post.

It also wasn’t clear which European governments were affected. Italian cybersecurity officials said they were in contact with Microsoft “in order to identify potential Italian subjects involved in the latest attacks.”

Asked about the findings, China’s Foreign Ministry spokesman Wang Wenbin, at a regular briefing Wednesday, accused the U.S. of being the world’s…


Metro Detroit police departments targeted in ransomware attacks


Multiple Wayne County police agencies were targeted on Friday in a ransomware attack but were able to thwart a data breach thanks to quick actions.

Details of which agencies were impacted by the cyberattack, and when, are still emerging, but Wyandotte Police Lt. Neil Hunter said they noticed a lot of phishing emails this week sent to officers and city workers.

According to Hunter, a records management system that supports several downriver police agencies was hit with malware. They’re still determining which departments had to deal with the mess, but FOX 2 has learned that servers had to be shut down temporarily to fix the issue.

“(It) made things a little painful for us for a minute, but they were really quick with their response in taking care of the issue. We’re back full running normally,” Hunter said.

The good news is that this was not a data breach. 

“Our IT identified it rather quickly. They took care of the problem before it became a bigger problem,” Hunter said.

Darrin Hanna is a cybersecurity and hardware expert out of Oakland University and says criminals working online can get to secure systems more easily than you think.

“Malware is planted, typically, the simplest way is by sending emails and having you download attachments or clicking on a link that takes you to a website that actually isn’t the website you think it is,” he said.

In the end, it comes down to being vigilant before you click or tap on that email attachment.

“The methods people are using to perform these attacks is evolving and changing at all times. Protecting yourself requires a plan, implementing that, and it also requires continuously changing things,” Hanna said.


DHS and 5G security. US State Department’s first cyber ambassador. China’s cybersecurity regulations.


At a glance.

  • DHS and 5G security.
  • US State Department’s first cyber ambassador.
  • China’s cybersecurity regulations.

US Department of Homeland Security’s quest to secure 5G tech.

SIGNAL Magazine offers a look at the progress of the US Department of Homeland Security (DHS) in filling security gaps presented by 5G technology identified by the Cybersecurity and Infrastructure Security Agency (CISA). 5G has become increasingly critical to DHS’s goals, and its Science and Technology Directorate leads the Secure and Resilient Mobile Network Infrastructure program (SRMNI) and the sister program Emergency Communications Research and Development. Brent Talbot, a program manager within the Science and Technology Directorate’s Office of Mission Capability and Support, explains, “CISA is our customer, and they are looking to get some research and development performed to fill some cybersecurity gaps in the mobile 5G infrastructure. They’re looking to secure those venues for not only the general public but for the government, for the nation. We’re trying to push the boundaries of what is known, and we’re looking to protect those communications venues, especially for our frontline workers, the emergency responders.” SRMNI’s goal is to provide solutions and knowledge that will help officials to make risk- and cost-informed decisions regarding capability gaps, threat identification, architectural frameworks and potential mitigations. Already, 4K Solutions LLC has developed GovSecure, a protected domain name system available on Google Play store and the Apple App Store that allows secure, untraceable communications for sensitive but unclassified messages.

US State Department names its inaugural cyber ambassador. 

CyberScoop reports that the US State Department has selected Nathaniel Fick as its first Ambassador-at-Large for Cyberspace and Digital Policy, pending confirmation from the US Senate. Launched in April, the Bureau of Cyberspace and Digital Policy is focused on supporting the White House’s effort to provide digital aid to allies and US leaders as they set global cyber standards. Currently the general manager of information security for internet search company Elastic, Fick…


Canada Revenue Agency, other government departments take some services offline due to security ‘vulnerability’


A number of government departments have taken some services offline as a preventative measure following the discovery of a software flaw that Defence Minister Anita Anand says “has the potential to be used by bad actors.”

Groups using the popular Apache Log4J system should “pay attention to this critical, internet vulnerability affecting organizations across the globe,” Anand said in a statement.

“Given the critical nature of this vulnerability and reports of active exploitation, we are urging Canadian organizations of all types to follow the recommended guidance,” she said, adding any incidents should be reported to the Canadian Centre for Cyber Security, part of the Communications Security Establishment.

On Friday the Canada Revenue Agency took some services offline as a precaution after it learned of a global security vulnerability. It says there is no indication its systems have been compromised or that there was any unauthorized access to taxpayer information. 

Quebec shut down nearly 4,000 government sites

Over the weekend, Quebec shut down close to 4,000 government websites out of precaution, including those related to health, education and public administration.

Éric Caire, Quebec’s minister for government digital transformation, said Sunday there is no indication the government was the victim of a successful cyber attack.

“Out of an abundance of caution, some departments have taken their services offline while any potential vulnerabilities are assessed and mitigated,” said Anand.

“At this point, we have no indication these vulnerabilities have been exploited on government servers.”

‘People are scrambling to patch’

The vulnerability — located in open-source software used to run websites and other web services — has been described as one of the worst computer vulnerabilities discovered in years.

Unless it’s patched, it grants hackers access to impose code, meaning they could steal valuable data and unleash malware.

“The internet’s on fire right now,” Adam Meyers, senior vice president of intelligence at the cybersecurity firm Crowdstrike, told The Associated Press.

“People are scrambling to patch,” he said, “and all kinds of people…
