Tag Archive for: telecom

Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hack, ET Telecom

/in


Boston: In a scathing indictment of Microsoft corporate security and transparency, a Biden administration-appointed review board issued a report Tuesday saying “a cascade of errors” by the tech giant let state-backed Chinese cyber operators break into email accounts of senior US officials including Commerce Secretary Gina Raimondo. The Cyber Safety Review Board, created in 2021 by executive order, describes shoddy cybersecurity practices, a lax corporate culture and a lack of sincerity about the company’s knowledge of the targeted breach, which affected multiple US agencies that deal with China. It concluded that “Microsoft’s security culture was inadequate and requires an overhaul” given the company’s ubiquity and critical role in the global technology ecosystem. Microsoft products “underpin essential services that support national security, the foundations of our economy, and public health and safety.”

The panel said the intrusion, discovered in June by the State Department and dating to May “was preventable and should never have occurred,” blaming its success on “a cascade of avoidable errors.” What’s more, the board said, Microsoft still doesn’t know how the hackers got in.

The panel made sweeping recommendations, including urging Microsoft to put on hold adding features to its cloud computing environment until “substantial security improvements have been made.”

It said Microsoft’s CEO and board should institute “rapid cultural change” including publicly sharing “a plan with specific timelines to make fundamental, security-focused reforms across the company and its full suite of products.”

In a statement, Microsoft said it appreciated the board’s investigation and would “continue to harden all our systems against attack and implement even more robust sensors and logs to help us detect and repel the cyber-armies of our adversaries.”

In all, the state-backed Chinese hackers broke into the Microsoft Exchange Online email of 22 organisations and more than 500 individuals around the world including the US ambassador to China, Nicholas Burns – accessing some cloud-based email boxes for at least six weeks and downloading some…

Source…

Britain summons Chinese charge d’affaires over alleged cyber hacking, ET Telecom

/in


LONDON: Britain on Tuesday summoned the charge d’affaires of the Chinese Embassy in London after accusing Chinese state-backed hackers of stealing data from Britain’s elections watchdog and carrying out a surveillance operation against parliamentarians.

Britain said the Chinese hackers stole the voter registration data – mostly names and addresses – of about 40 million people from the Electoral Commission and tried to break into lawmakers’ emails.

“The (Foreign Office) set out the government’s unequivocal condemnation of Chinese state-affiliated organisations and individuals undertaking malicious cyber activity against UK democratic institutions and parliamentarians,” a spokesperson for Britain’s Foreign Office said in a statement.

A spokesman for Prime Minister Rishi Sunak said on Tuesday the government is close to finalising a new foreign influence registration system that would require anyone working undeclared for a foreign country in the so-called “enhanced tier” to declare their activity.

Under Britain’s new National Security Act, individuals, such as lawyers, a public relations company or an undercover spy working for a country in the “enhanced tier” would have to record their activity in a register or face prosecution.

British Deputy Prime Minister Oliver Dowden said on Monday that China’s alleged hacking of British democratic institutions meant there was a “strong case” for including the country in the enhanced tier.

China has denied the spying allegations. The Chinese embassy in London said on Monday the claims said the claims were ”completely fabricated” and it will make “a justified and necessary response”.

The British government has previously said it would be inappropriate to call China a “threat” because it is too simplistic to view relations with the world’s second biggest economy through a single word.

Source…

Hackers hit Moscow internet provider in response to Kyivstar cyber attack, ET Telecom

/in



<p>cyberattacks </p>
cyberattacks

By James Pearson and Tom Balmforth

LONDON: Hackers linked to Ukraine’s main spy agency have breached computer systems at a Moscow-based internet provider in retaliation for a Russian cyber attack against Ukrainian telecom giant Kyivstar, a source with direct knowledge of the operation told Reuters on Tuesday.

The hacking group, dubbed “Blackjack”, has previously been linked to the Security Service of Ukraine (SBU). The hackers deleted 20 terrabytes of data at M9 Telecom, a small Russian internet and TV provider, leaving some Moscow residents without internet, the source said.

The digital intrusion was a warm-up for a larger cyber attack which would be “serious revenge for Kyivstar”, the source said, citing the hackers. The source did not say when the hack took place.

M9 Telecom did not respond to an emailed request for comment. The company’s website was still online on Tuesday, despite claims by the hacking group that it had been destroyed.

Reuters was unable to independently verify the extent to which the hack was successful. Reached by phone, M9 Telecom’s CEO Andrey Pavolvsky declined to comment.

Kyivstar, Ukraine’s largest mobile network operator, was knocked offline by Russian spies last month in what appeared to be the largest cyber attack since Moscow launched its war on the country in February 2022.

Russian hackers were inside Kyivstar’s systems for months before the attack, Ukraine’s cyber spy chief, Illia Vitiuk, told Reuters last week. The hack caused “disastrous” destruction at the company, he said.

Separately, Ukraine’s military intelligence agency, the GUR, said late on Monday that it had received a large cache of classified Russian military data from the Special Technology Centre (STC), a sanctioned Russian company which produces the Orlan drone and a range of intelligence equipment for Moscow.

Source…

How this Ukrainian telecom company was hit by Russian hackers in one of the biggest cyberattack of war

/in


Russian hackers have hacked the system of Ukraine’s leading telecoms operator, Kyivstar, in a cyberattack that lasted for several days. The attack, which took place in December last year, affected approximately 24 million users and caused significant disruption to services. According to Reuters, the head of Ukraine’s cybersecurity department, Illia Vitiuk, revealed exclusive details about the attack, describing it as “disastrous” and aimed at causing psychological damage and gathering intelligence.

Vitiuk emphasized the importance of this attack as a warning to both Ukraine and the Western world, highlighting that no one is exempt from cyber threats. He noted that Kyivstar, being a wealthy and private company that heavily invested in cybersecurity, was targeted to send a strong message. The attack resulted in the destruction of numerous virtual servers and PCs, making it the first known instance of a cyberattack completely crippling a telecoms operator.

The Security Service of Ukraine (SBU) conducted an investigation and found evidence suggesting that the hackers had been inside Kyivstar’s system since at least May 2023, with full access likely gained in November. Vitiuk stated that the hackers could have potentially stolen personal information, intercepted SMS messages, and gained access to Telegram accounts. However, Kyivstar denied any leakage of personal or subscriber data, stating that they were collaborating with the SBU to investigate the attack and mitigate future risks.

Vitiuk further revealed that the SBU’s prompt response helped Kyivstar restore its systems and fend off subsequent cyberattacks. He acknowledged that the attack had a limited impact on Ukraine’s military, as they relied on different algorithms and protocols for drone and missile detection.

The investigation into the attack is challenging due to the extensive wiping of Kyivstar’s infrastructure. Vitiuk strongly suspected that the Russian military intelligence cyberwarfare unit known as Sandworm was responsible for the attack, citing their previous involvement in cyberattacks in Ukraine. He also mentioned a previous hack by Sandworm on another Ukrainian telecoms operator, detected by the SBU. Vitiuk highlighted…

Source…