Tag Archive for: hackers

The Day – Hackers find easy prey as U.S. ignores one warning after another



The ransomware attack that shut down the nation’s biggest fuel pipeline prompted an all-too familiar question in the corridors of power in Washington and boardrooms across the country: Can anyone stop debilitating hacks?

The recent assault on Colonial Pipeline Co. was a particular affront. Not only did it disrupt fuel distribution on the East Coast, it followed an effort by the Biden administration to act against cyber crime — especially ransomware, where criminals remotely disable a computer system and demand payment. Colonial was hit on day 37 of a 60-day push by the Department of Homeland Security to confront such attacks.

The administration’s campaign is the latest in a long series of cyber strategies offered by presidents and lawmakers from both parties to curb hackers. For years, security experts have offered concrete recommendations for governments, companies and other organizations to follow to ward off cyber-attacks, but they’re often ignored, or punted in favor of more pressing concerns.

“There has to be a different way of approaching this if we are going to stop this plague,” said Philip Reiner, chief executive officer of the Institute for Security and Technology. Reiner’s group recently offered 48 actions the Biden administration and the private sector could pursue against ransomware.

While President Joe Biden recently imposed sanctions on Russia over the hack of SolarWinds Corp., the threat of retaliation or prosecution from the U.S. holds little deterrence — at least so far. Many criminal hackers reside in countries that ignore them or tacitly approve of their behavior. Actions to punish state-sponsored hacking groups — including sanctions and indictments — have previously done little to counter the assaults.

The list of recent cyber-attack targets reflects both the sophistication and brazenness of the hackers. In government, the victims include the Department of Homeland Security, the Illinois Attorney General’s Office, even the Washington, D.C., police department. In the private sector, hackers infiltrated big tech companies like Microsoft Corp., the cyber-security firm FireEye Inc., San Diego-based Scripps Health and even the Houston Rockets of the…


Colonial Pipeline Paid DarkSide Hackers $5M to Restore Systems


(TNS) — Colonial Pipeline Co. paid nearly $5 million to Eastern European hackers on Friday, contradicting reports earlier this week that the company had no intention of paying an extortion fee to help restore the country’s largest fuel pipeline, according to two people familiar with the transaction.

The company paid the hefty ransom in difficult-to-trace cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, those people said. A third person familiar with the situation said U.S. government officials are aware that Colonial made the payment.

Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said.


A representative from Colonial declined to comment, as did a spokesperson for the National Security Council. Colonial said it began to resume fuel shipments around 5 p.m. Eastern time Wednesday.

The hackers, which the FBI said are linked to a group called DarkSide, specialize in digital extortion and are believed to be located in Russia or Eastern Europe.

On Wednesday, media outlets including The Washington Post and Reuters, also based on anonymous sources, reported that the company had no immediate intention of paying the ransom.

Ransomware is a type of malware that locks up a victim’s files, which the attackers promise to unlock for a payment. More recently, some ransomware groups have also stolen victims’ data and threatened to release it unless paid — a kind of double extortion.

The FBI discourages organizations from paying ransom to hackers, saying there is no guarantee they will follow through on promises to unlock files. It also provides incentive to other would-be hackers, the agency says.

However, Anne Neuberger, the White House’s top cybersecurity official, pointedly declined to say whether companies should pay cyber ransoms at a…


Colonial paid hackers nearly $5 million in ransom, sources say


Colonial Pipeline Co. paid nearly $5 million to Eastern European hackers on Friday, contradicting reports earlier this week that the company had no intention of paying an extortion fee to help restore the country’s largest fuel pipeline, according to two people familiar with the transaction.

The company paid the hefty ransom in untraceable cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the East Coast, those people said. A third person familiar with the situation said U.S. government officials are aware that Colonial made the payment.

Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said.

A representative from Colonial declined to comment, as did a spokesperson for the National Security Council.

The hackers, which the FBI said are linked to a group called DarkSide, specialize in digital extortion and are believed to be located in Russia or Eastern Europe.

On Wednesday, media outlets including the Washington Post and Reuters reported that the company had no immediate intention of paying the ransom. Those reports were based on anonymous sources.

Ransomware is a type of malware that locks up a victim’s files, which the attackers promise to unlock for a payment. More recently, some ransomware groups have also stolen victims’ data and threatened to release it unless paid — a kind of double extortion.

Deputy National Security Advisor Anne Neuberger on Monday acknowledged that sometimes companies may have no choice but to pay ransoms, telling reporters: “We recognize, though, that companies are often in a difficult position if their data is encrypted and they do not have backups and cannot recover the data.”

The FBI discourages organizations from paying ransom to hackers, saying there is no guarantee they will follow through on promises to unlock files. It also provides incentive to other would-be hackers, the agency…


North Korea’s army of hackers rival CIA & are ‘world’s biggest bank robbers’ who steal billions to fund Kim’s nukes


NORTH Korea’s elite army of 7,000 cyber soldiers rival the CIA in their expertise and wreak chaos as “the world’s biggest bank robbers”, experts say.

The regime’s tech wizards are groomed from childhood to steal billions around the globe — which tyrant Kim Jong-un spends on weapons and his nuclear missile program.

Kim Jong-un has an army of cyber soldiers waging financial war around the world. Credit: Reuters

State-backed hackers are estimated to have stolen billions of dollars to fund his nukes. Credit: Getty

Experts warn Kim’s expert hackers are a bigger threat to the world than Vladimir Putin’s cyber criminals in Russia.

Crippling attacks on NHS hospitals and Sony Pictures in recent years were a “wake up call” highlighting their growing reach.

Other targets in more than 150 countries have included military sites, international banks and Bitcoin investors.

And earlier this year it was reported Pyongyang’s keyboard warriors tried to hack into drug maker Pfizer to steal secrets of its Covid vaccine.

Yet a report last month in New Yorker Magazine revealed how the West had been ignoring alarm bells for years.

As long ago as 2003, one South Korean expert warned the North’s cyber operation was “on a par with the CIA” — but the US reportedly dismissed it as propaganda.

HOTHOUSED

The secretive regime has been building its army of “information soldiers” since at least the mid-1990s, experts say.

The late dictator Kim Jong-il was quick to see the internet as a threat to his dynasty – and also an opportunity to even the odds against superpowers in the digital age.

In 2005, a Korean People’s Army book quoted Kim as saying: “If the internet is like a gun, cyber attacks are like atomic bombs.”

Despite being almost totally isolated — with only a tiny number of people having internet access — North Korea has developed what is believed to be the most sophisticated criminal hacking operation in the world.

Defectors have revealed how the brightest students are plucked from primary schools and groomed as cyber warriors.

They are housed at elite schools and universities in the capital, and then sent to military bases to learn how to write viruses, program weapons guidance systems and…
