Tag Archive for: official

U.S. still finding victims of advanced China-linked hacking campaign, NSA official says


The U.S. is still identifying victims targeted by an extensive China-backed hacking campaign that became the subject of a recent FBI takedown operation and other advisories from officials over the past year, a top NSA cyber official said.

Rob Joyce, the agency’s outgoing cybersecurity director, said on Friday that the U.S. is still finding victims of the Volt Typhoon hacking collective that’s been latching onto critical infrastructure through compromised equipment including internet routers and cameras, and that NSA is not yet done with efforts to eradicate such threats.

The clandestine activities, which are said to be backed by the Chinese government, have allowed the hackers to conceal their intrusions into U.S. and foreign allies’ systems for at least five years, officials have previously said. 

The FBI in January announced it had jettisoned a significant portion of the group’s operations from compromised equipment it had burrowed into. These claims were subsequently affirmed by analysis from the private sector. But Friday’s remarks indicate there is still a way to go before Volt Typhoon is completely eradicated from U.S. networks.

Joyce, who was speaking to a group of reporters, declined to give a precise account of how many victims were remaining, but said the Chinese cyberspies are using tradecraft that’s difficult to uncover because of its reliance on stolen administrator credentials which allow them to more easily mask exploits.

The Volt Typhoon group has been carrying out “station keeping” activities, in an effort to preposition themselves to take down key infrastructure like transportation networks, he said. As for when the dismantling order would come down from Chinese authorities, the agency assesses it would be a “pretty high bar” reserved for major conflict like a possible Chinese invasion of Taiwan, he said.

The Volt Typhoon hackers have been using “living off the land techniques” that allow them to hide inside systems and bypass detection, previous U.S. reports said, noting that they have breached American facilities in Guam, as well as other key infrastructure in facilities both inside and outside the U.S.

Joyce added that NSA has been able to…


A Green Energy Giant Was Defrauded Of $800,000–The Hackers Sent $50,000 To A Nigerian Oil Official, FBI Says



This is the web version of this week’s edition of The Wiretap newsletter, which every Tuesday brings exclusives and other news about surveillance, privacy and cybercrime, straight to your inbox.


In June last year, hackers took control of an email account belonging to an employee at heavy machinery manufacturer Mountain Crane. The hackers used their access to send an invoice totalling $1.75 million to one of the company’s customers, wind turbine giant Nordex, which then unwittingly paid the hackers over $800,000. A month later, Nordex realized it had been defrauded and contacted the FBI.

The fraud, outlined in a search warrant obtained by Forbes, was a classic case of what’s known as Business Email Compromise (BEC), one of the most common and financially devastating cyberattacks, costing the U.S. $2.7 billion in 2022 alone. But something strange caught the FBI’s attention: $50,000 of the stolen funds were sent to the bank account of Dr. Kelechi Ofoegbu, a Nigerian government official and regulator of the oil and gas industry. Ofoegbu is currently an executive commissioner at the Nigerian Upstream Petroleum Regulatory Commission, and previously worked at energy giants Shell and Eland Oil & Gas.

Ofoegbu has strenuously denied any wrongdoing and said funds from his bank account were wrongly seized. “I am completely innocent and would crave an opportunity to prove this,” he told Forbes. He said he has been banned from travelling to the U.S. and was only made aware of the Nordex fraud after Forbes contacted him about the allegations.

The Department of Justice declined to comment any further on the case. Mountain Crane didn’t respond to requests for comment. Nordex spokesperson Antje Eckert said the company was working with law enforcement on the case, adding that the company had been told the FBI recovered the full amount paid.

Why Ofoegbu allegedly had the money in his account remains a mystery, however. You can read the court document on the case


Week 36 in review: Oppo A38 announced, Moto G54 goes official, more iPhone 15 rumors


The first week of September brought more to the rumor mill for the usual suspects. The iPhone 15 series will offer camera upgrades across the board with the 15 and 15 Plus getting all-new 48MP Sony sensors with a stacked design and an f/1.6 aperture. The second shooter on the back will be the same old 12MP, f/2.4 ultrawide. We prepared a more detailed what to expect article which you can check out here.

The 15 Pro will retain the 48MP main shooter from its predecessor but it’s rumored to be joined by an improved 13MP f/2.4 ultrawide lens. The 15 Pro Max will get the biggest update with a new 12.7MP periscope lens (1/1.9″ sensor; f/2.8 aperture) with 5x optical zoom. We also got to see dummy units for all four of the iPhone 15 series devices confirming Dynamic Islands on the non-Pros and the new Action Buttons on the Pro models.

Google showcased the Pixel 8 Pro in full glory on its own website in detailed render form. The flagship Pixel will be available in Licorice, Porcelain and Sky colors and we got more confirmation of the previously leaked design. Google is also rumored to release Android 14 at the Pixel 8 launch event on October 4.

Samsung announced Thom Browne Editions of its Galaxy Z Fold5 and Watch6. The Samsung Galaxy S24 is rumored to get a titanium frame, upgraded 200MP main and 50MP telephoto cameras and a Snapdragon 8 Gen 3 chip.

Oppo launched its A38 midranger with a Helio G85 chipset, 50MP main cam, 90Hz IPS LCD and a 5,000 mAh battery with 33W fast charging. The device comes in Black and Gold colors but we still don’t have any pricing and availability details.

Motorola launched the G54 in two versions – one for China and a slightly different model for India. Both Motos feature 6.5” IPS LCDs (120Hz), MediaTek’s Dimensity 7020 chipset and 50MP main cams. The Indian model brings a larger 6,000 mAh battery with 33W charging while the Chinese version relies on a 5,000 mAh cell with 15W charging.

Xiaomi will launch its 13T lineup on September 26 and we got confirmation both the 13T and 13T Pro will receive 4 Android updates and 5 years of security patches. Motorola will announce its Edge 40 Neo on September 14.

Here are all the…


Surge in Hospital Hacks Endangers Patients, Cyber Official Says


BOSTON—A record year for cyberattacks on U.S. hospitals is putting patients in danger, as hospitals struggle to cope with disabled equipment and frozen data, an official from the American Hospital Association warned Thursday.

Hackers, especially ransomware groups, are routinely taking down medical applications and internet connections, and freezing up patient and operations data, John Riggi, national adviser for cybersecurity and risk at the AHA, said, speaking at a meeting of the Healthcare Information and Management Systems Society. 

“Email and phones go down. Backup computers generally don’t work or have only about three days of data on them,” Riggi said. “We have seen this consistently,” he told the audience of healthcare technology and cyber leaders. 

Healthcare companies, including well-known national hospital operators, continue to be battered by hackers. Services remain disrupted at hospitals owned by private-equity firm Prospect Medical Holdings since a cyber incident in early August. Prospect didn’t immediately respond to a request for comment. 

Scripps Health, a large San Diego-based care provider, sent some patients to two emergency departments at two area hospitals when it was hit with ransomware in 2021. The move caused care delays and increased patient wait times at those facilities, a study in the Journal of the American Medical Association showed. 

Since January, the medical data of more than 61 million people has been stolen or exposed in more than 400 cyberattacks, according to statistics from the U.S. Department of Health and Human Services. This vastly outpaces activity in 2022 and 2021.

The average number of patients affected in a hack is 180,000, tripling in the past three years, Riggi said. Most of the data is stolen from network servers and email accounts, as opposed to electronic medical records, he said, which indicates hospitals aren’t taking care to encrypt most of the information. 

That these attacks also disable radiology, scanning and other equipment used to diagnose strokes and treat…
