Tag Archive for: phase

Chinese hacking operations have entered a far more dangerous phase, US warns


China’s cyber activity is moving beyond the last decade’s spying and data theft toward direct attacks on U.S. critical infrastructure, the directors of the FBI, NSA, and the Cybersecurity and Infrastructure Security Agency, or CISA, told lawmakers on Wednesday.

The Volt Typhoon hacking group is planting malware on network routers and other internet-connected devices that, if triggered, could disrupt water, power, and rail services, possibly causing widespread chaos or even injuring and killing Americans, they said. 

While Russia is known for cyber attacks that cause real-world harm—for example, targeting U.S. political campaigns and Ukrainian power plants—China is viewed as far more risk-averse. It’s best known for cyber theft, of intellectual property or government information, such as the Office of Personnel Management hack uncovered in 2015. But Volt Typhoon, which Microsoft revealed last May, represents something far more threatening. 

At a meeting with reporters last week, a senior NSA official put the issue in starker terms. 

“They’re in places that they are not there for intelligence purposes. They are not there for financial gain. Those are two hallmarks of Chinese intrusions in other sets and other lanes,” the official said. 

China is still undertaking those activities, “but this is unique in that it’s prepositioning on critical infrastructure, on military networks, to be able to deliver effects at the time and place of their choosing so that they can disrupt our ability to support military activities or to distract us, to get us to focus on, you know, a domestic incident at a time when something’s flaring up in a different part of the world and they don’t want us facing the foreign aspects of that,” the official said.

FBI Director Christopher Wray underscored the seriousness to lawmakers on the House Select Committee on the CCP on Wednesday. 

“There has been far too little public focus on the fact that PRC hackers are targeting our critical infrastructure, our water treatment plants, our electrical grid, our oil and natural gas pipelines, our transportation systems, and the risk that poses to every American requires our attention. Now, China’s…


Strategies for Businesses in the Phase of Growing Cyber Extortion Threats


In the rapidly advancing digital age, businesses find themselves in an ongoing struggle against an invisible adversary called ransomware attacks. As cyber threats become more sophisticated and frequent, organizations are under increasing pressure to fortify their defenses and develop robust strategies to counter the growing menace of cyber extortion.

Ransomware, malicious software designed to block access to a computer system or files until a ransom is paid, has evolved into a pervasive and lucrative method for cybercriminals to exploit vulnerabilities in organizational networks. The consequences of falling victim to such attacks go beyond financial losses, encompassing severe operational disruptions, reputational damage, and compromised sensitive data. In fact, human error stands out as a primary entry point for ransomware attacks.

Therefore, in order to mitigate the risk, organizations are investing in comprehensive cybersecurity awareness training for employees. They are educating staff about the dangers of phishing emails and suspicious links, as well as the importance of robust password practices to reduce the risk of falling victim to ransomware.

Mr. Pallav Agarwal, Founder and CEO, HTS Solutions Pvt. Ltd., believes that ransomware resilience has become a significant concern as businesses navigate an era marked by escalating cyber threats. The growing sophistication of cybercriminals demands a proactive approach to safeguarding sensitive data and critical systems. To combat the menace of ransomware, businesses must therefore adopt multi-faceted strategies. Regularly updating and patching software, operating systems, and security applications is a significant way to close potential entry points for ransomware attackers.

Automated patch management systems streamline this process, ensuring timely updates and a more secure digital infrastructure. Furthermore, putting strong endpoint security in place—including cutting-edge antivirus and anti-malware software—offers a crucial line of defense against constantly changing cyber threats. Having current, safe backups is crucial in case of a ransomware attack. Thus, by regularly backing up important…


Army taps Lockheed for second phase of long-range EW, surveillance program


U.S. Army Soldiers assigned to “Wild Bill” Platoon, 1st Squadron, 7th Cavalry Regiment and 1st Battalion, 4th Infantry Regiment conduct electronic warfare training during Combined Resolve XV, Feb. 23, 2021 at the Hohenfels Training Area. (U.S. Army photo by Sgt. Julian Padua)

WASHINGTON — Lockheed Martin will move onto the second phase of building out a prototype meant to provide formations larger than the brigade level with longer-range electronic warfare (EW) systems and situational awareness capabilities, beating out competitor General Dynamics Mission Systems (GDMS).

Under the contract, announced Tuesday by the Army, Lockheed will take its Terrestrial Layer System-Echelons Above Brigade (TLS-EAB) prototype from “design and lab-based demonstrations to a tangible form factor able to be tested in a relevant environment,” Lt. Col. Kris Haley, product manager for terrestrial spectrum warfare, said. The award is worth up to $36.7 million for a 21-month period of performance.

“The TLS-EAB is an extended-range, terrestrial sensing, collection, and electronic attack system providing integrated [signals intelligence], EW and cyber capabilities for situational awareness, situational understanding, Intelligence & Warning, command post survivability, critical asset protection operations, and supports the delivery of lethal and non-lethal effects in a holistic, synchronized manner for Multi-Domain Operations (MDO),” according to the announcement. Translation: It’s meant to better let commanders know the various threats they’re facing at a greater distance.

Lockheed will build the prototype TLS-EAB system at its facility in Syracuse, NY, “in the coming months,” according to a company press release. During the first phase of TLS-EAB development, both Lockheed and GDMS conducted “soldier touch points” to take feedback and incorporate it into their design phase. 

“Moving into this next phase, we are going to continue to embrace Soldier Touch Points to drive the design while leveraging a proven DevSecOps pipeline and an open architecture that will enable a highly interoperable, configurable 21st Century Security…


Ransomware Attacks Have Entered a ‘Heinous’ New Phase


In February, attackers from the Russia-based BlackCat ransomware group hit a physician practice in Lackawanna County, Pennsylvania, that’s part of the Lehigh Valley Health Network (LVHN). At the time, LVHN said that the attack “involved” a patient photo system related to radiation oncology treatment. The health care group said that BlackCat had issued a ransom demand, “but LVHN refused to pay this criminal enterprise.” 

After a couple of weeks, BlackCat threatened to publish data stolen from the system. “Our blog is followed by a lot of world media, the case will be widely publicized and will cause significant damage to your business,” BlackCat wrote on their dark-web extortion site. “Your time is running out. We are ready to unleash our full power on you!” The attackers then released three screenshots of cancer patients receiving radiation treatment and seven documents that included patient information.

The medical photos are graphic and intimate, depicting patients’ naked breasts in various angles and positions. And while hospitals and health care facilities have long been a favorite target of ransomware gangs, researchers say the situation at LVHN may indicate a shift in attackers’ desperation and willingness to go to ruthless extremes as ransomware targets increasingly refuse to pay.

“As fewer victims pay the ransom, ransomware actors are getting more aggressive in their extortion techniques,” says Allan Liska, an analyst for the security firm Recorded Future who specializes in ransomware. “I think we’ll see more of that. It follows closely patterns in kidnapping cases, where when victims’ families refused to pay, the kidnappers might send an ear or other body part of the victim.”

Researchers say that another example of these brutal escalations came on Tuesday when the emerging ransomware gang Medusa published sample data stolen from Minneapolis Public Schools in a February attack that came with a $1 million ransom demand. The leaked screenshots include scans of handwritten notes that describe allegations of a sexual assault and the names of a male student and two female students involved in the incident.

“Please note, MPS has not paid…
