Tag Archive for: navy

What we know about China’s hacking of Navy systems

/in


Chinese-backed hackers breached American infrastructure, including technology systems belonging to the U.S. Navy, government officials confirmed this past week. 

Technology company Microsoft first reported on the hack, identifying the group and the techniques used to pull it off. The operation aimed to gain access to communications systems in the United States and U.S. Navy infrastructure on Guam. The island is home to several military installations, including a large contingent of B-52 bombers and U.S. Navy submarines. 

In response the United States and allies published a report on how to detect and protect against such intrusions. 

Subscribe to Task & Purpose Today. Get the latest military news and culture in your inbox daily.

Who is behind it?

Microsoft Corp. first reported the apparent hack on Wednesday, May 24. It identified the perpetrators with “moderate confidence” as Volt Typhoon, a “state-sponsored actor based in China that typically focuses on espionage and information gathering.” The group has been active since at least 2021.

This specific hack saw Volt Typhoon using legitimate credentials to gain access to the systems, getting inside and then using small-office routers to disguise where the intrusion is coming from. Cybersecurity experts call this approach “living off the land.” They obtained initial access by targeting Fortinet cybersecurity devices, taking advantage of a flaw in the system to gain credentials.

The Chinese government has denied the allegations, calling them a “collective disinformation campaign” by the countries that make up the Five Eyes intelligence sharing organization, the United States, United Kingdom, Canada, Australia and New Zealand.

What was affected?

The full extent of the hack is not clear, but the infrastructure targeted “span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors,” Microsoft said

“Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the…

Source…

Navy veteran warns of online scam that cost him his life savings

/in


John McKendrick said he missed all the warning signs. He may be 80, but the U.S. Navy veteran has a master’s degree and is quite tech-savvy. But still, he said scammers wiped out his bank account. Hear McKendrick tell his story in the video above. “This money that they took, it was money I was living on. It was my main account,” McKendrick said through tears. It all started in March when McKendrick spotted an odd charge on his credit card for what he thought was Norton Security Protection. He said he Googled the company and called a number he found. The person who answered said he needed remote access to his computer to check whether their software was installed. “So I gave them access to my computer to check and they said, ‘No, you don’t have Norton installed, but look what we found. We found all these hackers,” McKendrick said. McKendrick says he was convinced that he needed their expertise. “He said, ‘Well, what we are going to do is we are going to put money into your bank account and that will be what triggers the hackers,” he said. His desktop was suddenly flooded with pop-up scam tabs so McKendrick gave Thomas the deceptive expert his account info and watched what he thought was his bank balance go up by $10,000. “Then, my job was to go and withdraw that money from my account. What I would do to return the money would be to go to a Bitcoin machine,” he said. McKendrick repeated that process every day for a week, each time scanning and sending a receipt to the agent. “So he was assured he would get his money back. Well, as it turns out, that was my money he was getting back,” McKendrick said. By the time he caught on, $94,000 was gone. Money he’s been saving for a final goodbye to his late wife. “I was planning out things where I was going to spend part of it on a lovely celebration in London, the funeral service we were going to have,” he said through tears. McKendrick filed a police report and has spoken to his local representatives and reached out to his bank. He said even if he doesn’t get his money back, he hopes his story will stop someone else from making the same mistakes.

WEST PALM BEACH, Fla. —

John McKendrick said he…

Source…

As NATO celebrates 74th anniversary, Royal Navy a crucial ally of the organization — MercoPress

/in


As NATO celebrates 74th anniversary, Royal Navy a crucial ally of the organization

Tuesday, April 4th 2023 – 21:38 UTC


Relations between the Royal Navy and NATO have ‘never been closer’ as the alliance marks 74 years since its creation this month amid continued global instability. British warships spent nearly 10,000 hours – 60 weeks – on NATO operations in 2022 and that pace has continued unabated in the first four months of 2023.

The Royal Navy is at the heart of galvanized NATO efforts as Russia’s unprovoked war in Ukraine continues, securing Europe’s crucial waterways and chokepoints for the prosperity of allies and partners.

“While the Royal Navy has always supported NATO maritime operations, since the illegal invasion of Ukraine by Russia over a year ago, we have worked even more closely with our NATO allies at sea,” said Deputy Assistant Chief of Staff at the Maritime Operations Centre in Northwood, Captain Steve Banfield.

“Collaboration between NATO and the RN has never been closer; in particular in the execution of coordinated Maritime Security operations and exercises in the Norwegian Sea, North Sea, Baltic and the Mediterranean.”

From the freezing Arctic and Baltic, to the endless grey of the North Atlantic and azure waters of the Mediterranean, Royal Navy warships, submarines and aircraft have operated side by side with allies and partners so far in 2023, supporting peace and prosperity in Europe.

Patrol ship HMS Mersey recently operated in the Baltic to ensure the security and stability of the region as part of the Joint Expeditionary Force, a multinational defense framework complementary to NATO which is committed to Euro-Atlantic security with the Baltic region as one of its focus areas.

Amphibious flagship HMS Albion, HMS Somerset and RFA Mounts Bay have just returned from the Arctic where they were at the heart of an allied task group working on Norwegian security and NATO’s ability to protect its northern flank. 

Elsewhere in the Arctic Circle, Royal Marines and Commando…

Source…

CISA hires Navy cyber expert to help oversee vulnerability management

/in


The Cybersecurity and Infrastructure Security Agency tapped a Navy leader in cyber and network operations Wednesday to lead its efforts to mitigate potential vulnerabilities and information security weaknesses. 

The nation’s cyber defense agency named Sandy Radesky as the associate director of vulnerability management in a statement posted to CISA’s official Twitter account.

Radesky, who previously served as the deputy command information officer for the U.S. Fleet Cyber Command since December 2020, is a longtime veteran of cyber operations, has spent most of her career supporting the Department of Defense.

She served as the director of analytics for the COVID-19 Countermeasures Acceleration Group beginning in June 2021, where she led a team of “data scientists, logisticians and technologists” to help optimize the process of distributing 400 million vaccinations as part Operation Warp Speed, according to her Navy profile

Prior to that, Radesky served as deputy director of operations at Joint Force Headquarters Department of Defense Information Network at Fort Meade, Maryland, helping oversee enterprise-wise command and control and cyberspace missions. 

A seven-year tenure at the Defense Information Systems Agency ultimately saw her lead the Global Operations Command Defensive Cyber Operations Security Center, its largest operational command tasked with safeguarding the DODIN network. 

The news comes as CISA and the entire federal government face an ever-increasing threat landscape of cyber vulnerabilities. Radesky’s appointment was announced just days after the agency added another Microsoft zero day vulnerability to its catalog of known vulnerabilities that the company said can allow an attacker to gain system privileges after successfully logging in and running a specially crafted application. 

CISA has given all federal agencies until January 31 to patch the bug, titled CVE-2023-21674.

Radesky has also worked as an engineer and project manager for multiple information security and cybersecurity firms in the private sector, including as an engineer for MITRE and an information security analyst at CSC. She previously served as a communications operator in the U.S. Air…

Source…