Tag Archive for: Sophisticated

US journalists targeted by foreign hackers who show sophisticated understanding of American politics


As Chinese hackers scrambled to ascertain whether there would be a peaceful transfer of power in the US, they tried to break into the email accounts of high-profile US journalists, who can be softer targets for hackers than officials on US government networks.

The newly revealed hacking campaign shows just how valuable a target journalists can be to intelligence services in search of clues about US policy. To try to lure them, the attackers wrote email subject lines about then-President Donald Trump’s attempts to overturn the 2020 election, pandemic relief legislation and other enticing issues.

It’s unclear how successful the hacking campaign was — Proofpoint said it blocked the malicious emails that it found. But more journalists need to be aware of the issue because the number of capable hacking groups targeting journalists is “unprecedented,” said Ryan Kalember, Proofpoint’s executive vice president for cyber strategy. “And it’s only likely to increase.”

Proofpoint attributed the Chinese hacking efforts to a group that the UK government has linked with China’s civilian intelligence agency, the Ministry of State Security.

CNN has requested comment from the Chinese Embassy in Washington, DC. Beijing routinely denies hacking allegations and has repeatedly accused the US of engaging in cyber attacks against China.

Journalists are perennial targets for cyber espionage because they regularly interact with US government officials, whistleblowers and critics of authoritarian regimes — information that foreign intelligence services look to exploit. And breaching the computer network of a major newsroom could offer the hackers a foothold for a long-running intelligence collection effort.

Cybersecurity vigilance is all the more necessary for journalists, experts say, as the US prepares for midterm elections this fall and foreign actors may try to use media outlets to sow discord or spread disinformation about voting — as Russian operatives did in the 2016 presidential election.

Newsrooms should “take the time to review [hacking] incidents affecting others in your industry,” advised Runa Sandvik, the former senior director for information security at The New York Times. “Have a plan in place….

Source…

‘Sophisticated’ Ransomware Attack Hits Westchester Libraries


WESTCHESTER COUNTY, NY — Several days after a ransomware attack was detected, officials announced that library cardholders’ personal information was not likely compromised.

The Westchester County Library System confirmed that its network was the target of a ransomware attack last week but said it does not believe that patrons’ personal information was ever at risk.

“The security measures in place were able to prevent the brunt of the attack,” library officials said in a statement. “No patron data was compromised as a result of this attack. Due to the nature of the public computers, they were easier to exploit. Although WLS has removed the most visible elements of the Ransomware and the machines may appear to be usable, we feel it is pertinent to do a full computer restore due to the sophisticated nature of this attack.”

The library said that IT specialists are working to make sure all public machines are safe to use but are leaving most of the public computers offline until it can be confirmed that the public terminals are safe to use.

The Larchmont Public Library said they only recently learned of last week’s security breach.

“The Westchester Library System informed us yesterday that the public internet terminals’ hard drives need to be wiped,” the library told patrons on Friday. “Considering that there are 500 terminals in 38 different libraries the process will take 1 1/2 to 2 weeks.”

Larchmont, Harrison and Mamaroneck public libraries have since notified cardholders that public terminals have been taken offline, but public Wi-Fi remains available. The Lewisboro Library said its terminals would remain unavailable indefinitely, but the library would be providing laptops to use in person at the library or to check out to bring home while the public computers are out of commission.

In July of 2019, the Westchester County Library System took its public computer terminals offline as a security precaution following a similar ransomware attack. There was no evidence that patrons’ sensitive personal information was…

Source…

Rideau Hall cyberbreach was ‘sophisticated’ incident, internal documents show – National


Newly disclosed documents reveal the breach of an internal computer network at Rideau Hall was described to senior government officials as a “sophisticated cyber incident” in the days before the public was told of the security lapse.

Internal government emails, obtained by The Canadian Press through the Access to Information Act, also say officials were “unable to confirm the full extent of the information that was accessed.”

As a result, the Office of the Secretary to the Governor General was looking to make credit monitoring services available to employees due to concerns that sensitive personal information might have been pilfered.

All managers were encouraged “to reflect on the information holdings they manage in their respective units” and raise any concerns they might have, says a Nov. 17, 2021, draft of a message that was to be shared with Rideau Hall employees.

In a Dec. 2 news release, the Office of the Secretary to the Governor General said there was “an unauthorized access to its internal network” and that it was working on the investigation with the Canadian Centre for Cyber Security – a wing of the Communications Security Establishment, Canada’s electronic spy service.

It mentioned efforts to improve computer networks as well as consultation with the federal privacy commissioner’s office.

Ciara Trudeau, a spokeswoman for the Office of the Secretary, said it communicated with Rideau Hall employees and “external partners who may have been affected by the incident.”

However, she declined to provide a general update on the breach, the sort of information accessed, or other details about how and why it took place.

Trudeau also would not discuss the provision of secure credit monitoring services to employees.

The internal emails indicate several senior Privy Council Office officials were advised of the breach two weeks before the event was made public.

Source…

Ukraine Says It Thwarted a Sophisticated Russian Cyberattack on Its Power Grid


The attackers may have broken into the electrical company’s systems as early as February, Ukrainian officials said, but they emphasized that some details of the attack, including how the intruders made their way into the company’s systems, were not yet known.

Officials declined to name the company that suffered the breach and the region its substations are in, citing fears of continuing cyberattacks.

“It is self-evident that the aggressor’s team, the malefactors, had enough time to get prepared very thoroughly and they planned the execution on a sophisticated, high-quality level,” said Victor Zhora, the deputy head of Ukraine’s cybersecurity agency, the State Service of Special Communications and Information Protection. “It looks that we have been very lucky that we were able to respond in a timely manner to this cyberattack.”

Ukrainian companies in finance, media and energy have been subject to regular cyberattacks since the war began, according to Mr. Zhora. His agency said that since Russia’s invasion began, it had recorded three times as many attacks as it had tracked in the previous year.

The use of wiper malware has become a persistent problem in Ukraine since the war began, with attacks hitting Ukrainian critical infrastructure, including government agencies responsible for food safety, finance and law enforcement, cybersecurity researchers said.

Hackers have also broken into communications systems, including satellite communication services and telecom companies. Investigations into those breaches are continuing, although cybersecurity…

Source…