Tag Archive for: wakeup

A Wake-Up Call for Securing Remote Employees’ Hardware


Update: Multiple U.S. and international government agencies released an advisory Feb. 7 detailing the Volt Typhoon attacks. The threat actors targeted and compromised the IT environments of U.S. communications, energy, transportation and water infrastructure in the continental U.S. as well as non-continental areas and territories, such as Guam.

Original article: State-sponsored hackers affiliated with China have targeted small office/home office routers in the U.S. in a wide-ranging botnet attack, Federal Bureau of Investigation Director Christopher Wray announced on Wednesday, Jan. 31. Most of the affected routers were manufactured by Cisco and Netgear and had reached end-of-life status.

Department of Justice investigators said on Jan. 31, 2024, that the malware has been deleted from affected routers. The investigators also cut the routers off from other devices used in the botnet.

IT teams need to know how to reduce cybersecurity risks that could stem from remote workers using outdated technology.

What is the Volt Typhoon botnet attack?

The cybersecurity threat in this case is a botnet created by Volt Typhoon, a group of attackers sponsored by the Chinese government.

Starting in May 2023, the FBI looked into a cyberattack campaign against critical infrastructure organizations. On Jan. 31, 2024, the FBI revealed that an investigation into the same group of threat actors in December 2023 showed attackers sponsored by the government of China had created a botnet using hundreds of privately owned routers across the U.S.

The attack was an attempt to create inroads into “communications, energy, transportation, and water sectors” in order to disrupt critical U.S. functions in the event of conflict between the countries, said Wray in the press release.


The attackers used a “living off the land” technique to blend in with the normal operation of the affected devices.

The FBI is contacting anyone whose equipment was affected by this specific attack. It hasn’t been confirmed whether…


How A Satellite Hack Became a Cybersecurity Wakeup Call



People around the world rely on satellites for their internet connections, credit card transactions, and even to keep track of time. Last year, a suspected Russian-led satellite hack exposed how vulnerable they are to security breaches, from individual hackers seeking to pilfer information for profit to governments looking to weaken their adversaries.

Bloomberg reporter Katrina Manson joins this episode to discuss the fallout of the hack, and what companies and governments are doing to harden their systems against future attacks. Plus, James Pavur, a hacker and Pentagon cybersecurity expert, walks us through how satellites are compromised, and what we can do to keep our own data from being stolen. 

Mar 13, 2023

Bloomberg Podcasts


Japan rearms under Washington’s pressure − a wake-up call to the antiwar movement – Workers World


Okinawa is the largest of the Ryukyu islands.

The Dec. 16 announcement by Japan’s Prime Minister Fumio Kishida of a new defense strategy, while doubling military spending by 2027 to implement it, is the largest defense shake-up in decades and a wake-up call to the antiwar movement. 

The decision includes openly acquiring offensive weapons and reshaping its military command structure for its expanded armed forces. On Dec. 23, the draft budget was approved by Kishida’s cabinet.

Japan’s dangerous military expansion should set off international alarm bells. This major escalation is taking place based on intense U.S. imperialist pressure. It is the next step in the “Pivot to Asia,” aimed at threatening and surrounding China and attempting to reassert U.S. dominance in the Asia Pacific. 

The movements opposing endless U.S. wars must begin to prepare material and draw mass attention to this ominous threat.

The plan to double military spending will add $315 billion to Japan’s defense budget over the next five years and make Japan’s military the world’s third largest, after the U.S. and China. Defense spending will escalate to 2% of gross domestic product, equal to the goal the U.S. sets for its NATO allies. Japan’s economy is the world’s third largest. 

The Japanese government plans to buy up to 500 Lockheed Martin Tomahawk missiles and Joint Air-to-Surface Standoff Missiles (JASSM), procure more naval vessels and fighter aircraft, increase cyber warfare capabilities, manufacture its own hypersonic guided missiles and produce its own advanced fighter jets, along with other weapons. The plan shifts from relying solely on missile defense to also embracing “counterstrike” capabilities. 

Three key security documents — the National Security Strategy (NSS), as well as the National Defense Strategy (NDS) and the Defense Buildup Program (DBP) — shed some of the postwar constraints on the Japanese military.

Article 9 – a class struggle against military rearmament

Although the U.S. occupation force, after defeating Japan’s military in World War II, imposed a “pacifist” constitution on Japan, for decades now U.S. strategists have pressured Japan’s…


A Recent Chinese Hack Is a Wake-up Call for the Security of the World’s Software Supply Chain – The Diplomat


No one knows, not even the ghosts (人不知,鬼不觉)
-Chinese idiom

It’s perhaps only a coincidence that there’s a famous Chinese saying that neatly summarizes a recent hack on MiMi, a Chinese messaging app. According to recent reports, a Chinese state-backed hacking group inserted malicious code into this messaging app, essentially pulling off the equivalent of the infamous SolarWinds hack. Users of MiMi were served a version of the app with malicious code added, thanks to attackers taking control of the servers that delivered the app. In short, this was a software supply chain attack in which the software delivery pipeline was compromised.

And no one knew for months.

This hack hasn’t gotten much press in Western media, potentially because this appears to be an example of Chinese state surveillance on targets that aren’t in the United States or Europe. That’s a shame because this attack points to a growing trend of software supply chain attacks, even by the Chinese government. Consequently, Western companies and governments should take note and begin preparing defenses.

Admittedly, not all of the details are known (or will ever be known), but forensic code analysis indicates that a particular Chinese state-backed hacking group (sometimes called Lucky Mouse or Iron Tiger) likely took control of servers that allowed users to download the MiMi Chinese chat application, which is aimed at Chinese-speaking users. The hackers then switched out the original software with a malicious version, adding code into the application that fetched and installed malware.


At that point, the malware, unknown to the user, allowed the attackers to monitor and control the software remotely. This appears to have happened in late 2021 and through the summer of 2022. Interestingly, neither the legitimate application nor the malware was digitally signed, which meant that users had no way of knowing that this software was malicious.

Observers could be forgiven for…
