Tag: hacking | SpinSafe

All about Volt Typhoon, the Chinese hacking group, ET Telecom

April 20, 2024/in Internet Security

China is developing the “ability to physically wreak havoc” on US critical infrastructure and its hackers are waiting “for just the right moment to deal a devastating blow”, FBI Director Christopher Wray said on Thursday.

The comments were in relation to a Chinese government-linked hacking campaign dubbed Volt Typhoon. The campaign was disclosed by the US and its key allies in May 2023, when analysts at Microsoft found it had targeted everything from US telecommunication networks to transportation hubs.

On Thursday, Wray said Volt Typhoon had successfully gained access to American targets across the telecommunications, energy, water and other critical sectors.

Here is what is known about Volt Typhoon and its potential threat:

‘Future crises’

Nearly every country in the world uses hackers to gather intelligence. Major powers like the United States and Russia have large stables of such groups – many of which have been given colourful nicknames by cybersecurity experts, such as “Equation Group” or “Fancy Bear.”

Experts begin to worry when such groups turn their attention from intelligence gathering to digital sabotage. So when Microsoft Corp said in a blog post in May last year that Volt Typhoon was “pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises,” it immediately brought to mind escalating tensions between China and the United States over Taiwan.

Any conflict between those two countries would almost certainly involve cyberattacks across the Pacific.

Taiwan botnet

Does this mean a group of destructive hackers is preparing to sabotage US infrastructure in the event of a conflict over Taiwan?

Microsoft qualified its assessment last year as “moderate confidence,” intelligence jargon that typically means a theory is plausible and credibly sourced but has yet to be fully corroborated. Different researchers have identified various aspects of the group.

It is now clear that Volt Typhoon has functioned by taking control of swathes of vulnerable digital devices around the world – such as routers, modems, and even internet-connected…

Source…

What is Volt Typhoon, the Chinese hacking group the FBI warns could deal a ‘devastating blow’?

April 19, 2024/in Internet Security

China is developing the “ability to physically wreak havoc” on US critical infrastructure and its hackers are waiting “for just the right moment to deal a devastating blow”, FBI Director Christopher Wray said on Thursday.
The comments were in relation to a Chinese government-linked hacking campaign dubbed Volt Typhoon. The campaign was disclosed by the US and its key allies in May 2023, when analysts at Microsoft found it had targeted everything from US telecommunication networks to transportation hubs.
On Thursday, Wray said Volt Typhoon had successfully gained access to American targets across the telecommunications, energy, water and other critical sectors.
Here is what is known about Volt Typhoon and its potential threat:
‘Future crises’
Nearly every country in the world uses hackers to gather intelligence. Major powers like the United States and Russia have large stables of such groups – many of which have been given colourful nicknames by cybersecurity experts, such as “Equation Group” or “Fancy Bear.”
Experts begin to worry when such groups turn their attention from intelligence gathering to digital sabotage. So when Microsoft Corp said in a blog post in May last year that Volt Typhoon was “pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises,” it immediately brought to mind escalating tensions between China and the United States over Taiwan.
Any conflict between those two countries would almost certainly involve cyberattacks across the Pacific.
Taiwan botnet
Does this mean a group of destructive hackers is preparing to sabotage US infrastructure in the event of a conflict over Taiwan?
Microsoft qualified its assessment last year as “moderate confidence,” intelligence jargon that typically means a theory is plausible and credibly sourced but has yet to be fully corroborated. Different researchers have identified various aspects of the group.
It is now clear that Volt Typhoon has functioned by taking control of swathes of vulnerable digital devices around the world – such as routers, modems, and even internet-connected security cameras – to hide later, downstream attacks…

Source…

How China is Hacking America

April 16, 2024/in Internet Security

The sheer scale of China’s latest attempt to infiltrate U.S. infrastructure has surprised the entire cybersecurity industry, an expert has said.

Daniel Cuthbert, who sat on the UK Government Cyber Security Advisory Board, said the Volt Typhoon hacking system is bigger than anything China has unleashed before.

The U.S. government says it is designed to cripple U.S. computer systems if America and China go to war.

FBI Director Christopher Wray told a U.S. committee hearing on January 31 that Volt Typhoon was “the defining threat of our generation”.

It has already been used in attempted hacking on emergency services, military installations and satellites.

“In essence, Volt Typhoon is a campaign, albeit a very large one, by Chinese state agents actively gaining access to industrial control systems and other critical national infrastructure,” Cuthbert told Newsweek.

How China is Hacking America — Photo-illustration by Newsweek/Getty

“Similar campaigns have been happening for a very long time, but I think what has surprised many, including myself, was the sheer scale of the campaign.”

Cuthbert said it was a mistake to think that China was only targeting the U.S.

“It doesn’t just pose a threat to the U.S. It poses a threat to anybody in the CNI [Critical National Infrastructure] world. That world has a large number of rather complex problems when it comes to security that are not trivial to fix. I feel this is where considerable investment is needed to ensure that our CNI globally is as secure as possible,” he said.

Newsweek sought email comment from the Chinese embassy in Washington, D.C.

Cuthbert believes Volt Typhoon is difficult to defeat because it uses “living off the land” technology.

According to the CrowdStrike cybersecurity company, unlike traditional malware attacks, living off the land hacking systems do not use any of their own files. That means they do not require an attacker to install any code or scripts within the target system.

Instead, it uses tools that are already present in the computer system, such as Windows Management, which makes detection much more difficult and allows hackers to stay unnoticed within a computer system for months or even years.

On February 7, the U.S. government’s cybersecurity…

Source…

Quantum hacking is a looming privacy threat. Companies should start worrying now

April 15, 2024/in Computer Security

Now that everyone else has had a turn, quantum hackers are coming for your data.

Well, not quite yet. But they’re working on it.

Quantum computers, which are still in development by players such as Google, IBM, and Microsoft, hold enormous promise to do good as well as harm. The U.S. and Chinese governments are pouring billions into them.

For a primer on this new breed, I turned to Martin Lee, technical lead of security research and EMEA lead at Cisco Talos, the networking giant’s threat intelligence and response group.

Traditional computers operate on binary digits, or bits, that are either one or zero. In a quantum machine, “the bits are one, zero, or everything in between, all at the same time,” Lee says. So it “has the possibility of being able to calculate and consider many different solutions to a problem all at the same time to find the correct answer.”

That’s ideal for calculating the shapes of proteins to discover new drugs, Lee notes, or the thermodynamics of an engine.

It’s also perfect for stealing data.

Because a quantum computer makes calculating the factors of prime numbers much easier, it could swiftly crack many existing encryption algorithms, Lee says.

How soon? Maybe next year, maybe in five years, or maybe never, Lee reckons. But it’s time to start considering the problem so it doesn’t become an emergency, he warns. “Certainly, CIOs and CTOs need to think about ‘How do we prepare for a post-quantum world?’”

In response, companies are already developing and deploying quantum security. One is QuSecure, a California startup whose clients include Cisco, Dell, and the U.S. military.

Hackers are harvesting data now for quantum decryption later, says cofounder, chief product officer, and CTO Rebecca Krauthamer. Prime targets include electronic health and financial records, as well as national security data, Krauthamer adds. “All those kinds of things, they have a shelf life, and that’s why for some sectors, it’s a very urgent problem.”

To ward off quantum attacks, you fight fire with fire, right? Actually, no.

QuSecure’s software sits atop a client’s existing encryption, explains Skip Sanzeri, cofounder, chair, and COO. Besides some…

Source…

Tag Archive for: hacking