Tag Archive for: government

Government facilities were third largest ransomware target in 2023, FBI says


Government facilities were the third largest critical infrastructure sector targeted by ransomware attacks in 2023, according to cybercrime statistics released Wednesday by the FBI.

The agency’s Internet Crime Complaint Center, or IC3, unveiled the findings in its annual report that unpacks complaints, financial losses and other metrics used to determine the severity of cybercrime activities reported to federal authorities.

Of the 1,193 complaints IC3 received from organizations belonging to U.S.-designated critical infrastructure sectors, government facilities came in third place with 156 complaints, while critical manufacturing and healthcare centers took the second and top spots, respectively.

“Of the 16 critical infrastructure sectors, IC3 reporting indicated 14 sectors had at least 1 member that fell to a ransomware attack in 2023,” the report adds.

LockBit, ALPHV/BlackCat, Akira, Royal and Black Basta were the top ransomware gangs tied to those critical infrastructure complaints, the report added. ALPHV, which recently claimed responsibility for its attack on Change Healthcare that has caused widespread logjams in the prescription drug market, reportedly staged a takedown after hauling away a $22 million ransom payment from the company.

Ransomware operatives targeted companies around the world last year, with the number of firms targeted reaching an all-time high compared to findings in previous years, according to a January Check Point analysis.

The U.S. has been working with international partners to take a firm stance against ransom payments, though experts have not agreed on a single policy.

“The FBI does not encourage paying a ransom to criminal actors. Paying a ransom may embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illicit activities. Paying the ransom also does not guarantee that an entity’s files will be recovered,” IC3 says.

The IC3 report also found that $350 million was lost to scams in which hackers impersonated government officials attempting to collect money. Older adults are overwhelmingly targeted in such scams, according to the data.

A total of 14,190…


U.S. Government Disrupts Botnet People’s Republic Of China Used To Conceal Hacking Of Critical Infrastructure


FBI News:

A December 2023 court-authorized operation has disrupted a botnet of hundreds of U.S.-based small office/home office (SOHO) routers hijacked by People’s Republic of China (PRC) state-sponsored hackers.

The hackers, known to the private sector as “Volt Typhoon”, used privately-owned SOHO routers infected with the “KV Botnet” malware to conceal the PRC origin of further hacking activities directed against U.S. and other foreign victims.

These further hacking activities included a campaign targeting critical infrastructure organizations in the United States and elsewhere that was the subject of a May 2023 FBI, National Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), and foreign partner advisory.

The same activity has been the subject of private sector partner advisories in May and December 2023, as well as an additional secure by design alert released recently by CISA.

The vast majority of routers that comprised the KV Botnet were Cisco and NetGear routers that were vulnerable because they had reached “end of life” status; that is, they were no longer supported through their manufacturer’s security patches or other software updates. The court-authorized operation deleted the KV Botnet malware from the routers and took additional steps to sever their connection to the botnet, such as blocking communications with other devices used to control the botnet.

“The Justice Department has disrupted a PRC-backed hacking group that attempted to target America’s critical infrastructure utilizing a botnet,” Attorney General Merrick B. Garland said. “The United States will continue to dismantle malicious cyber operations – including those sponsored by foreign governments – that undermine the security of the American people.”

“In wiping out the KV Botnet from hundreds of routers nationwide, the Department of Justice is using all its tools to disrupt national security threats – in real time,” Deputy Attorney General Lisa O. Monaco said. “Today’s announcement also highlights our critical partnership with the private sector – victim reporting is key to fighting cybercrime, from home offices to our most critical…


Government agrees law to protect confidential journalistic material from state hacking


The government has agreed to bring in legislation to require MI5 and GCHQ to seek independent authorisation before accessing confidential journalistic material obtained through the bulk hacking of phones or computer systems.

The Investigatory Powers (Amendment) Bill, which was debated in the House of Commons yesterday (Monday 19 February), will require the intelligence services to seek independent approval from the investigatory powers commissioner before accessing journalistic material or material that could identify a confidential journalistic source.

The concession follows a seven-year legal challenge brought by human rights organisation Liberty with the support of the National Union of Journalists (NUJ).

It follows separate warnings from technology companies and rights organisations that proposed changes to the Investigatory Powers Act would disrupt the ability of technology companies to apply security updates and introduce end-to-end encryption.

The government has asked Liberty to drop legal proceedings against it in the light of a proposed amendment to the Investigatory Powers Bill 2016 that will require an independent body to review all requests to search and retain confidential journalistic information obtained through bulk hacking of computers, phones and tablets.

Journalists exposed to state surveillance and interference

Under current law, security and intelligence agencies and other state bodies can search for confidential journalist material, including emails, calls and texts, among data obtained through bulk hacking operations without the need for prior authorisation from a judicial commissioner.

The government introduced similar protections for journalistic material obtained through bulk interception in March 2023 following a landmark ruling by the European Court of Human Rights in the case of “Big Brother Watch and others v UK”, which found that bulk interception of communications data breached the privacy rights of UK citizens.

Megan Goulding, a lawyer for Liberty, said journalists have been exposed to state surveillance and interference for more than a decade with few safeguards or protections.

“The introduction of a new requirement for an independent…
