Tag Archive for: Response

Scathing federal report rips Microsoft for response to Chinese hack

/in


BOSTON — 

In a scathing indictment of Microsoft corporate security and transparency, a Biden administration-appointed review board issued a report Tuesday saying “a cascade of errors” by the tech giant let state-backed Chinese cyber operators break into email accounts of senior U.S. officials including Commerce Secretary Gina Raimondo.

The Cyber Safety Review Board, created in 2021 by executive order, describes shoddy cybersecurity practices, a lax corporate culture and a lack of sincerity about the company’s knowledge of the targeted breach, which affected multiple U.S. agencies that deal with China.

It concluded that “Microsoft’s security culture was inadequate and requires an overhaul” given the company’s ubiquity and critical role in the global technology ecosystem. Microsoft products “underpin essential services that support national security, the foundations of our economy, and public health and safety.”

The panel said the intrusion, discovered in June by the State Department and dating to May, “was preventable and should never have occurred,” and it blamed its success on “a cascade of avoidable errors.” What’s more, the board said, Microsoft still doesn’t know how the hackers got in.

The panel made sweeping recommendations, including urging Microsoft to put on hold adding features to its cloud computing environment until “substantial security improvements have been made.”

It said Microsoft’s CEO and board should institute “rapid cultural change,” including publicly sharing “a plan with specific timelines to make fundamental, security-focused reforms across the company and its full suite of products.”

In a statement, Microsoft said it appreciated the board’s investigation and would “continue to harden all our systems against attack and implement even more robust sensors and logs to help us detect and repel the cyber-armies of our adversaries.”

In all, the state-backed Chinese hackers broke into the Microsoft Exchange Online email of 22 organizations and more than 500 individuals around the world — including the U.S. ambassador to China, Nicholas Burns — accessing some cloud-based email boxes for at least six weeks and downloading some 60,000 emails from the State…

Source…

Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hack, ET Telecom

/in


Boston: In a scathing indictment of Microsoft corporate security and transparency, a Biden administration-appointed review board issued a report Tuesday saying “a cascade of errors” by the tech giant let state-backed Chinese cyber operators break into email accounts of senior US officials including Commerce Secretary Gina Raimondo. The Cyber Safety Review Board, created in 2021 by executive order, describes shoddy cybersecurity practices, a lax corporate culture and a lack of sincerity about the company’s knowledge of the targeted breach, which affected multiple US agencies that deal with China. It concluded that “Microsoft’s security culture was inadequate and requires an overhaul” given the company’s ubiquity and critical role in the global technology ecosystem. Microsoft products “underpin essential services that support national security, the foundations of our economy, and public health and safety.”

The panel said the intrusion, discovered in June by the State Department and dating to May “was preventable and should never have occurred,” blaming its success on “a cascade of avoidable errors.” What’s more, the board said, Microsoft still doesn’t know how the hackers got in.

The panel made sweeping recommendations, including urging Microsoft to put on hold adding features to its cloud computing environment until “substantial security improvements have been made.”

It said Microsoft’s CEO and board should institute “rapid cultural change” including publicly sharing “a plan with specific timelines to make fundamental, security-focused reforms across the company and its full suite of products.”

In a statement, Microsoft said it appreciated the board’s investigation and would “continue to harden all our systems against attack and implement even more robust sensors and logs to help us detect and repel the cyber-armies of our adversaries.”

In all, the state-backed Chinese hackers broke into the Microsoft Exchange Online email of 22 organisations and more than 500 individuals around the world including the US ambassador to China, Nicholas Burns – accessing some cloud-based email boxes for at least six weeks and downloading some…

Source…

Veeam’s New ‘Cyber Secure Program’ Teams Tech with Ransomware Response Experts — Virtualization Review

/in


News

Veeam’s New ‘Cyber Secure Program’ Teams Tech with Ransomware Response Experts

Along with purpose-built technology to combat ransomware, Veeam Software’s new Cyber Secure Program also offers up a team of experts to help organizations wield that tech to fight threat actors.

“When there is an attack, customers are connected with Veeam’s dedicated Ransomware Response Team and the program offers post-incident support to enable rapid recovery,” said the specialist in data protection and ransomware recovery.

The three-pronged approach of Veeam Cyber Secure includes the expert help for secure design and implementation along with ransomware recovery support backed up by a recovery warranty for help in all three phases of an attack: pre-incident, during incident and post-incident.

The teams of experts include a dedicated support account manager and “Ransomware SWAT Team” to help with immediate action in case of a cyber incident

The new offering comes in the wake of the company’s 2024 Data Protection Report that revealed ransomware is still plaguing IT as the No 1. cause of server outages.


Causes of Outages
[Click on image for larger view.] Causes of Outages (source: Veeam).

“Consider the past 12 months: 76 percent of organizations have been attacked at least once, with 26 percent reporting being attacked at least four times and only 13 percent believe they can recover successfully after an attack,” Veeam said. “It’s clear that organizations need a comprehensive cyber protection and support program, ultimately ensuring they are well-prepared when cyberattacks occur.”

A Jan. 31 news release further fleshed out the new program’s three key components.

  • Confident Security: Attentive and dedicated design and implementation assistance to ensure Veeam best practices in securely implementing Veeam solutions to the highest security standards. Customers receive advanced seven-phase onboarding support and rigorous quarterly security…

Source…

Hackers hit Moscow internet provider in response to Kyivstar cyber attack, ET Telecom

/in



<p>cyberattacks </p>
cyberattacks

By James Pearson and Tom Balmforth

LONDON: Hackers linked to Ukraine’s main spy agency have breached computer systems at a Moscow-based internet provider in retaliation for a Russian cyber attack against Ukrainian telecom giant Kyivstar, a source with direct knowledge of the operation told Reuters on Tuesday.

The hacking group, dubbed “Blackjack”, has previously been linked to the Security Service of Ukraine (SBU). The hackers deleted 20 terrabytes of data at M9 Telecom, a small Russian internet and TV provider, leaving some Moscow residents without internet, the source said.

The digital intrusion was a warm-up for a larger cyber attack which would be “serious revenge for Kyivstar”, the source said, citing the hackers. The source did not say when the hack took place.

M9 Telecom did not respond to an emailed request for comment. The company’s website was still online on Tuesday, despite claims by the hacking group that it had been destroyed.

Reuters was unable to independently verify the extent to which the hack was successful. Reached by phone, M9 Telecom’s CEO Andrey Pavolvsky declined to comment.

Kyivstar, Ukraine’s largest mobile network operator, was knocked offline by Russian spies last month in what appeared to be the largest cyber attack since Moscow launched its war on the country in February 2022.

Russian hackers were inside Kyivstar’s systems for months before the attack, Ukraine’s cyber spy chief, Illia Vitiuk, told Reuters last week. The hack caused “disastrous” destruction at the company, he said.

Separately, Ukraine’s military intelligence agency, the GUR, said late on Monday that it had received a large cache of classified Russian military data from the Special Technology Centre (STC), a sanctioned Russian company which produces the Orlan drone and a range of intelligence equipment for Moscow.

Source…