Tag Archive for: russian

Kent County Council computers targeted by ‘millions’ of Chinese and Russian hackers


Millions of Chinese and Russian hackers have tried to infiltrate the cyber defences of Kent County Council during the coronavirus crisis.

Activists across the world made 76 million unsuccessful attempts at harvesting information stored at County Hall, Maidstone, between October and December last year.

County Hall at Maidstone has been under cyber attack

Experts have revealed there were 38 million attacks by hackers from Vladimir Putin’s Russia and another 30 million from Xi Jinping’s China.

Andy Cole, head of technology strategy and commissioning at KCC, told a virtual panel of Kent councillors earlier today: “This is significant. It is like 76 million knocks on your door.”

The council, supported by the National Cyber Security Council, has imposed a “zero-trust” approach, tightening up on data loss protection, identity management and additional auditing.

Mr Cole, a former IT manager at the Kent Messenger Group, said: “There has been an increase in cyber activity over the last 12 months. Some have been raised by the pandemic and people taking advantage of the public wanting information on Covid.

“There has been an increase in phishing and spam emails, between 40% and 50% of all emails received.

Computer code on a screen with a skull representing a computer virus attack

“We have been getting persistent attempts from activists to penetrate our ICT borders.”

He said the council’s IT cloud services had “substantially” reduced the impact of cyber security attacks and helped protect staff during the pandemic.

There have also been software updates including Microsoft Office 365.

The news comes eight months after an anonymous criminal gang demanded an £800,000 Bitcoin ransom from KCC-owned Kent Commercial Services Group and then leaked private information on the dark web.

They encrypted a “significant number” of systems and data but no ransom was paid. No personal data was stolen.

County Hall, Maidstone

Meanwhile, there were several high-profile UK cases of successful cyber-attacks over the past year, including the publication of personal details of council staff and residents from Hackney Council last October.

Mr Cole added: “We continue to mitigate current and emerging cyber threats by…


Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack


Ukraine is formally pointing fingers at Russian hackers for hacking into one of its government systems and attempting to plant and distribute malicious documents that would install malware on target systems of public authorities.

“The purpose of the attack was the mass contamination of information resources of public authorities, as this system is used for the circulation of documents in most public authorities,” the National Security and Defense Council of Ukraine (NSDC) said in a statement published on Wednesday.

The NSDC’s National Coordination Center for Cybersecurity (NCCC) termed it a supply chain attack aimed at the System of Electronic Interaction of Executive Bodies (SEI EB), which is used to distribute documents to officials.

Calling it the work of threat actors with ties to Russia, the NSDC said the malicious documents came embedded with a macro that, when opened, stealthily downloaded malicious code to control the compromised system remotely.

“The methods and means of carrying out this cyberattack allow to connect it with one of the hacker spy groups from the Russian Federation,” the agency said.

While the NSDC did not take any names, it’s not immediately clear when the attack took place, how long the breach lasted, and if any of the infections were successful.

The development comes two days after the NSDC and NCCC warned of massive distributed denial-of-service (DDoS) attacks singling out websites belonging to the security and defense sector, including that of the NSDC.

“It was revealed that addresses belonging to certain Russian traffic networks were the source of these coordinated attacks,” the NSDC said, while stopping short of directly accusing the country.

The NCCC also stated the “attackers used a new mechanism of cyberattacks” that involved using a previously undocumented strain of malware that was planted on vulnerable Ukrainian government servers, and in the process, coopted the devices into an attacker-controlled botnet.

The infected systems were then used to carry out further DDoS attacks on other Ukrainian sites, the agency said.




Suspected Russian hack fuels new US action on cybersecurity


WASHINGTON (AP) — Jolted by a sweeping hack that may have revealed government and corporate secrets to Russia, U.S. officials are scrambling to reinforce the nation’s cyber defenses and recognizing that an agency created two years ago to protect America’s networks and infrastructure lacks the money, tools and authority to counter such sophisticated threats.

The breach, which hijacked widely used software from Texas-based SolarWinds Inc., has exposed the profound vulnerability of civilian government networks and the limitations of efforts to detect threats.

It’s also likely to unleash a wave of spending on technology modernization and cybersecurity.

“It’s really highlighted the investments we need to make in cybersecurity to have the visibility to block these attacks in the future,” Anne Neuberger, the newly appointed deputy national security adviser for cyber and emergency technology, said Wednesday at a White House briefing.

The reaction reflects the severity of a hack that was disclosed only in December. The hackers, as yet unidentified but described by officials as “likely Russian,” had unfettered access to the data and email of at least nine U.S. government agencies and about 100 private companies, with the full extent of the compromise still unknown. And while this incident appeared to be aimed at stealing information, it heightened fears that future hackers could damage critical infrastructure, like electrical grids or water systems.

President Joe Biden plans to release an executive order soon that Neuberger said will include about eight measures intended to address security gaps exposed by the hack. The administration has also proposed expanding by 30% the budget of the U.S. Cybersecurity and Infrastructure Agency, or CISA, a little-known entity now under intense scrutiny because of the SolarWinds breach.

Biden, making his first major international speech Friday to the Munich Security Conference, said that dealing with “Russian recklessness and hacking into computer networks in the United States and across Europe and the world has become critical to protecting our collective security.”

Republicans and Democrats in Congress have called for expanding the size…


Russian hack brings changes, uncertainty to U.S. court system


Trial lawyer Robert Fisher is handling one of America’s most prominent counterintelligence cases, defending an MIT scientist charged with secretly helping China. But how he’ll handle the logistics of the case could feel old school: Under new court rules, he’ll have to print out any highly sensitive documents and hand-deliver them to the courthouse.

Until recently, even the most secretive material — about wiretaps, witnesses and national security concerns — could be filed electronically. But that changed after the massive Russian hacking campaign that breached the U.S. court system’s electronic case files and those of scores of other federal agencies and private companies.

The new rules for filing sensitive documents are one of the clearest ways the hack has affected the court system. But the full impact remains unknown. Hackers probably gained access to the vast trove of confidential information hidden in sealed documents, including trade secrets, espionage targets, whistleblower reports and arrest warrants. It could take years to learn what information was obtained and what hackers are doing with it.

It’s also not clear that the intrusion has been stopped, prompting the rules on paper filings. Those documents are now uploaded to a stand-alone computer at the courthouse — one not connected to the network or Internet. That means lawyers cannot access the documents from outside the courthouse.

Fisher is defending Gang Chen, a nanotechnology researcher fighting charges that he defrauded the U.S.

“It would be cumbersome if we do have to start filing pleadings during the litigation on paper. That’s going to be more difficult,” Fisher said. “Particularly during COVID. Most of us are working from home.”

The Russian intrusion through the SolarWinds software has President Biden in an early tussle with his Russian counterpart, President Vladimir Putin, and U.S. senators are worried about the “grave risk” to U.S. intelligence.

The Administrative Office of U.S. Courts confirmed the court system breach on Jan. 6, joining a victims’ list that includes the State Department, the National Institutes of Health, tech companies and an unknown number of Fortune 500…
