Did U.S. hack China? NSA dodges question
American cyber officials are avoiding complaints from the Chinese government that the National Security Agency hacked into China’s sensitive networks and stole intellectual property.
Tag Archive for: nsa
Microsoft & NSA expose Chinese-sponsored Volt Typhoon hacking group
❘ Published: 2023-05-26T12:29:45
❘ Updated: 2023-05-26T12:29:51
A hacker group named Volt Typhoon has been exposed by the NSA and Microsoft, as they issue a new cybersecurity warning around its actions online.
Microsoft and the NSA have published a security bulletin detailing how a hacking group, Volt Typhoon, managed to work its way into “critical infrastructure organizations in the United States”. Outside of the concern surrounding the hacks, Microsoft has stated that they are “a state-sponsored actor based in China”.
Volt Typhoon have been active since 2021, having struck Guam and the United States previously. Previous attacks have seen everything from transportation, construction, and education sectors of the US’ infrastructure attacked since they appeared on the scene.
Article continues after ad
Microsoft details hacking group’s techniques for hitting infrastructure
Microsoft / PexelsThe theorized idea behind the hack attempts appears to be the disruption of “critical communications infrastructure”. If a crisis were to occur in the future, could potentially put communication in jeopardy between the US and Asia.
A key point of entry that Microsoft has pinpointed as an issue is Fortinet FortiGuard devices. These devices are vital parts of security on networks in industries. Once Volt Typhoon has harvested credentials, it blasts the network trying to find a way into the network through SOHO (small home and home office) network devices, like home routers.
Article continues after ad
Once it has found access to the network, Microsoft says that Volt Typhoon can “expose HTTP or SSH management interfaces to the internet”. Breaking that down, it just allows external users to issue commands as if they were on the PC. Of course, the user themselves can prevent this, and have been advised to close off access.
Subscribe to our newsletter for the latest updates on Esports, Gaming and more.
An interesting thing to note about Volt Typhoon’s activity is that Microsoft says they rarely use malware in their attacks. Instead, once they’ve gained enough access, they use anything from basic to advanced command line instructions…
Biden taps Air Force General for NSA, Cyber
U.S. President Joe Biden has nominated Air Force Lieutenant General Timothy Haugh to head both the National Security Agency (NSA) and U.S. Cyber Command, a U.S. official said on Tuesday. The official confirmed a Politico report that cited an Air Force notice sent out Monday. Haugh is now the deputy commander of the military’s U.S. Cyber Command, reporting to the current NSA and Cyber Command chief, Paul Nakasone. The Associated Press has the story:
Biden taps Air Force Genral for NSA, Cyber
Newslooks- WASHINGTON (AP)
President Joe Biden has chosen a new leader for the National Security Agency and U.S. Cyber Command, a joint position that oversees much of America’s cyber warfare and defense.
Air Force Lt. Gen. Timothy Haugh, the current deputy commander of Cyber Command, would replace Army Gen. Paul Nakasone, who has led both organizations since May 2018 and was expected to step down this year, according to a notice sent by the Air Force this week and confirmed by a person familiar with the announcement. The person spoke on condition of anonymity to discuss personnel matters not yet made public.
If confirmed, Haugh will take charge of highly influential U.S. efforts to bolster Ukraine’s cybersecurity and share information with Ukrainian forces fighting Russia’s invasion. He will also oversee programs to detect and stop foreign influence and interference in American elections, as well as those targeting criminals behind ransomware attacks that have shut down hospital systems and at one point a key U.S. fuel pipeline.
Politico first reported that Haugh was picked.
It’s unclear whether Haugh will be affected by a Republican senator’s blockade of all military nominations. Sen. Tommy Tuberville of Alabama has for months objected to the Pentagon’s policy of providing travel money and support to troops seeking abortions but based in states with abortion bans.
Haugh’s nomination to lead both the NSA and Cyber Command reflects the White…
NSA Publishes Internet Protocol Version 6 (IPv6) Security Guidance
The National Security Agency (NSA) published guidance today to help Department of Defense (DoD) and other system administrators identify and mitigate security issues associated with a transition to Internet Protocol version 6 (IPv6).
“IPv6 Security Guidance” highlights how several security issues can surface in networks that are new to IPv6, or in early phases of the IPv6 transition. Networks new to IPv6 lack maturity in IPv6 configurations and tools, and dual-stacked networks, which run on IPv4 and IPv6 simultaneously, have an increased attack surface.
“The Department of Defense will incrementally transition from IPv4 to IPv6 over the next few years and many DoD networks will be dual-stacked,” said Neal Ziring, NSA Cybersecurity Technical Director. “It’s important that DoD system admins use this guidance to identify and mitigate potential security issues as they roll out IPv6 support in their networks.”