Tag Archive for: unit

China Accuses NSA’s TAO Unit of Hacking its Military Research University


China has accused the U.S. National Security Agency (NSA) of conducting a string of cyberattacks in June 2022 aimed at Northwestern Polytechnical University, an aeronautical and military research-oriented institution in the city of Xi’an.

The National Computer Virus Emergency Response Centre (NCVERC) disclosed its findings last week, and accused the Office of Tailored Access Operations (TAO), a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA), of orchestrating thousands of attacks against the entities located within the country.

“The U.S. NSA’s TAO has carried out tens of thousands of malicious cyber attacks on China’s domestic network targets, controlled tens of thousands of network devices (network servers, Internet terminals, network switches, telephone exchanges, routers, firewalls, etc.), and stole more than 140GB of high-value data,” the NCVERC said.

According to the U.S. Department of Justice (DoJ), Northwestern Polytechnical University is a “Chinese military university that is heavily involved in military research and works closely with the People’s Liberation Army on the advancement of its military capabilities.”

The agency further said that the attack on the Northwestern Polytechnical University employed no fewer than 40 different cyber weapons that are designed to siphon passwords, network equipment configuration, network management data, and operation and maintenance data.

It also said that the TAO used two zero-day exploits for the SunOS Unix-based operating system to breach servers used in educational institutions and commercial companies to install what it called the OPEN Trojan.

The attacks are said to have been mounted via a network of proxy servers hosted in Japan, South Korea, Sweden, Poland, and Ukraine to relay the instructions to the compromised machines, with the agency noting that the NSA made use of an unnamed registrar company to anonymize the traceable information such as relevant domain names, certificates, and registrants.

Besides OPEN Trojan, the attacks entailed the use of malware it calls “Fury Spray,” “Cunning Heretics,” “Stoic Surgeon,” and “Acid Fox” that are capable of “covert and lasting control” and exfiltrating sensitive…

Media giant Nikkei’s Asian unit hit by ransomware attack


Publishing giant Nikkei disclosed that the group’s headquarters in Singapore was hit by a ransomware attack almost one week ago, on May 13, 2022.

“Unauthorized access to the server was first detected on May 13, prompting an internal probe,” the company revealed in a press release published on Thursday.

“Nikkei Group Asia immediately shut down the affected server and took other measures to minimize the impact.”

Nikkei says it’s currently investigating if the attackers accessed any of the customer data that was likely stored on the impacted servers.

“The affected server likely contained customer data, and Nikkei is currently in the process of determining the nature and scope of the attack,” Nikkei added.

The media giant said that, so far, it has found no evidence of a data leak while investigating the ransomware attack.

Nikkei and its Asian unit reported the attack to the Japanese and Singaporean authorities in charge of personal data protection.

“We sincerely apologize for the trouble we’ve caused,” Nikkei’s public relations office said in a statement issued today.

“We will take appropriate action in cooperation with relevant authorities and strive to enhance information protection.”

Hit by BEC scammers

Two years ago, Nikkei was also the victim of a high-profile business email compromise (BEC) scam when it lost millions following a single wire transfer.

The scammers, posing as a Nikkei executive, tricked one of Nikkei America’s employees in New York City into sending $29 million to a bank account under their control.

Nikkei is one of the largest media corporations worldwide, with roughly 4 million print and digital subscribers and over 40 affiliated companies involved in publishing, broadcasting, events, database services, and the index business.

The media group, which acquired the Financial Times in 2015, currently has dozens of foreign editorial bureaus and more than 1,500 journalists around the world.

Thx to Douglas Mun for the tip.

FBI to form digital currency unit, Justice Dept taps new crypto czar


WASHINGTON, Feb 17 (Reuters) – The U.S. Justice Department has tapped a seasoned computer crimes prosecutor to lead its new national cryptocurrency enforcement team and announced on Thursday that the FBI is launching a unit for blockchain analysis and virtual asset seizure.

The creation of the FBI’s “virtual asset exploitation” unit comes after the Justice Department’s largest-ever financial seizure earlier this month. It charged a married New York couple with allegedly laundering bitcoins now valued at over $4.5 billion that were stolen in the 2016 hack of the digital currency exchange Bitfinex.

U.S. regulators under President Joe Biden have been ratcheting up their scrutiny of the crypto industry in the wake of a series of high-profile cyberattacks last year on the largest U.S. fuel pipeline network and the world’s largest beef supplier. Ransomware groups often demand their fees in bitcoin.

In some of those cases, the FBI has been able to track down and recover some of the ransom.

Cryptocurrencies rely on blockchain technology, a database shared across a network of computers, in which records are difficult to change once added.

In a speech at the Munich Cyber Security Conference in Germany, Deputy Attorney General Lisa Monaco announced that Eun Young Choi, a prosecutor who led the case against a Russian hacker who helped steal information about more than 80 million JPMorgan & Chase Co customers, will lead the department’s cryptocurrency enforcement team.

Choi, who most recently served as Monaco’s senior counsel, worked for nearly a decade as a cybercrime coordinator and assistant U.S. attorney in New York, according to her LinkedIn profile.

“We are issuing a clear warning to criminals who use cryptocurrency to fuel their schemes,” Monaco said.

“We also call on all companies dealing with cryptocurrency – we need you to root out cryptocurrency abuses. To those who do not, we will hold you accountable where we can.”

Monaco also announced the creation of a new international virtual currency initiative, and said the department will be aggressive about disrupting cyber threats, even at the…

New US Army cyber unit is building concepts for tactical cyber operations


MUSCATATUCK URBAN TRAINING CENTER, Ind. — After nearly two decades of conflict against technologically inferior and insurgency-focused adversaries, the U.S. military and the Army are honing their cyber training against more sophisticated forces.

The Army, for its part, is moving toward a multidomain-capable force, which envisions the seamless integration of forces and capabilities across all spheres of warfare: air, land, sea, space and cyber, as well as the information dimension.

Part of realizing a multidomain force is meeting the need for tactical cyber and information capabilities outside of U.S. Cyber Command. Following a series of exercises and experimental units, the Army activated the 915th Cyber Warfare Battalion in 2019.

This first-of-its-kind unit is designed to provide non-lethal capabilities such as cyber, electronic warfare and information operations in support of Army Service Component Commands and their subordinate elements.

“What we are is a new organization that’s helping define what it means to do multidomain operations from an information advantage standpoint and then through our innovation and experimentation, that’s what’s ultimately going to get recorded in doctrine,” Lt. Col. Benjamin Klimkowski, commander of the 915th, said. “The doctrine writers have never done this before. They need our input to help shape that. It’s our experimentation and our operations that pushes that piece.”

The vision is that by 2026 the 915th will consist of 12 expeditionary cyber and electromagnetic activities teams (ECTs), each capable of providing cyber, electronic-warfare and information operations. Currently, there are three companies within the battalion with two ECTs under a separate company, consisting of a total of over 200 personnel. The third ECT is slated to be created at the end of fiscal year 2022.

Moreover, the goal is that each ECT will be aligned to specific geographic theaters.

However, much is still uncertain between then and now as the force is being built. For example, initial and full operating capability criteria for teams are still in the works, officials explained.

The…
