Tag Archive for: THREATS.

To combat Chinese cyber threats, the US must spearhead a new Indo-Pacific intelligence coalition

/in


To combat Chinese cyber threats, the US must spearhead a new Indo-Pacific intelligence coalition

When the highest-ranking US law enforcement official describes a concern as “the defining threat of our generation,” it should be taken seriously. On January 31, FBI Director Christopher Wray testified before Congress about China’s capability to threaten US national and economic security. In particular, he identified the imminent cyber threat that Chinese hackers pose to critical infrastructure. A China-sponsored cyber group called “Volt Typhoon,” Wray explained, has prepositioned cyberattack capabilities in the US communications, energy, transportation, and water sectors intended to “destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous.” Alarming in its own right, Volt Typhoon is just the latest example of Beijing’s ongoing “cyber onslaught,” Wray added.

This story is not new. Since at least 2019, the US government has publicly sounded the alarm about the threat that China’s cyberattack and espionage enterprise poses to US national security and to regional stability in East Asia. The 2023 annual threat assessment by the US Office of the Director of National Intelligence (ODNI) states that China “uses coordinated, whole-of-government tools to demonstrate strength and compel neighbors to acquiesce to its preferences.” The assessment adds that China’s cyber capabilities are essential for orchestrating espionage, malign influence, and attack operations in support of Chinese interests.

To confront the threat to critical infrastructure posed by Volt Typhoon and other state-sponsored Chinese cyber actors, the United States should launch an expansive new multilateral cyber threat intelligence sharing coalition in the Indo-Pacific. This coalition should utilize some of the lessons learned from the Five Eyes intelligence alliance, and it would incorporate members of the Five Eyes alliance, US Indo-Pacific partners, and even some European states. The expanded reach and resources of such a coalition would help disrupt cyber threats, signal to the world that the United States and its partners are committed to protecting both cyber and physical…

Source…

Australia Ramps Up Cyber Defence, Aiming to Shield Against Modern Warfare Threats

/in


As the world watches the evolution of warfare in the 21st century, a significant shift is taking place down under. In November 2023, the Australian Defence Force (ADF) personnel alongside defence industry officials congregated in Canberra, marking a pivotal moment in the country’s defence history. This gathering, known as the ADF’s Cyber Skills Challenge, is not just another event; it’s a testament to Australia’s commitment to fortifying its cyber-defence capabilities in an era where digital battlegrounds are as consequential as physical ones.

Strengthening the Cyber Frontline

The urgency to bolster cyber-defence mechanisms has never been more critical, especially in light of the ongoing Russia-Ukraine conflict, which has showcased the extensive use of cyberwarfare. The Australian Department of Defence (DoD), spurred by the Defence Strategic Review (DSR) released in April 2023, is on a mission to overhaul its cyber and information operations. The DSR’s recommendations are clear: to address non-geographic security threats effectively, integrating defence mechanisms for command, control, communications, and computer (C4) networks is imperative. Moreover, centralizing cyber domain capability development and management alongside building a skilled cyber workforce are steps the DoD cannot afford to overlook.

The Path to Cyber Resilience

The ADF’s Cyber Skills Challenge is just the tip of the iceberg in Australia’s comprehensive strategy to navigate the treacherous waters of modern hybrid warfare. With a sizable investment in the Advanced Strategic Capabilities Accelerator (ASCA), earmarking $3.4 billion over the next decade, and the initiation of the AUKUS Innovation Challenge focusing on electronic warfare, the momentum is building. These initiatives are complemented by advancements in artificial intelligence, autonomy, and undersea warfare capabilities, underscoring the multifaceted approach Australia is taking to bolster its cyber capabilities and integration with other warfighting domains.

Leadership and Coordination at the Helm

At the heart of this transformative journey is Lieutenant General Michelle McGuinness, who…

Source…

UK Businesses Urged to Fortify Against Global Cyber Threats

/in


In the shadow of Russia’s invasion of Ukraine, an unprecedented cyber conflict unfolds, sending ripples across the globe and awakening businesses to the stark realities of digital warfare. The National Cyber Security Centre (NCSC), a beacon of guidance in these turbulent times, has stepped forward with critical advice for UK enterprises. Amidst a landscape where cyber-attacks on Ukraine bear international consequences, the NCSC’s counsel serves as both a shield and a strategy, urging businesses to bolster their cyber defenses.

Empowering Businesses Against Invisible Threats

The digital realm, often invisible yet omnipresent, harbors threats that can cripple the unprepared. Recognizing this, the NCSC’s guidance is a clarion call to action for business owners. The advisory emphasizes fundamental cyber security measures such as ensuring software and devices are consistently updated, tightening access controls, and maintaining robust anti-virus and firewall defenses. Moreover, the importance of logging and monitoring systems, reviewing backup processes, and having an up-to-date incident response plan cannot be overstated. In a move to preempt potential cyber onslaughts, the NCSC also advises on the meticulous management of external internet footprints and establishing phishing response processes.

Building a Resilient Digital Ecosystem

Amid the digital cacophony, the recommendation to engage in threat information sharing and educating the organization about cyber threats is a step towards cultivating a culture of cyber resilience. The NCSC’s guidance is not just about defense but about fostering an environment where every member is aware and vigilant. Armstrong Watson’s initiative to host a free webinar further underscores the importance of equipping businesses with the knowledge to protect against cyber threats. This collaborative approach towards cyber security underscores the significance of unity in the face of digital adversaries.

Global Cyber Warfare’s Local Impact

The global cyber conflict, with its epicenter in Ukraine, serves as a stark reminder of the interconnectedness of our digital world. As historical patterns…

Source…

Web Threats in India: Hacking Incidents and Cyberattacks in 2023 |

/in


With hacking incidents registering an increase in 2023, nearly two in five (33%) web users in India faced a form of Internet-born cyberattack in 2023, a new report said, highlighting two prominent ways that hackers users to target Indians online.
According to the global cybersecurity company Kaspersky, a total of 62,574,546 Internet-borne cyber threats were detected and blocked in the country.
“With the world moving towards AI and other next-gen technologies, we expect the fraud and scamming scenarios to get more intricate and challenging to detect. Thus, we urge Indian users to install security solutions on their devices to protect themselves from these web attacks,” said Jaydeep Singh, General Manager for South Asia at Kaspersky.
Two ways used by hackers to target Indians
The report by Kaspersky highlighted two most prominent ways that cyber criminals used to undertake cyberattacks. These are: exploiting bugs in browsers and social engineering methods.
Vulnerabilities in browsers: Cybercriminals often exploit the vulnerabilities in browsers and their plugins to attack users’ systems. Users are typically attacked when they visit an infected website and the attack happens without the user’s awareness or action, and may result in the download of harmful malware.
Social engineering: Another popular web threat in India is ‘social engineering’ wherein the users are manipulated by the cybercriminals to download a malicious file and then they take control of the system.
Cybercriminals often trick their victims into thinking they are downloading a legitimate application or programme, and then once the user downloads the programme, they control the victim’s device and use it for malicious purposes.
“Since many threat actors nowadays conceal malicious code to bypass static analysis and emulation, advanced technologies such as proactive Machine Language-based methods and behaviour analysis are used to fight this type of threat,” Singh added.

Source…