Tag Archive for: world

World Insights: Unchecked surveillance empire

/in


(Xinhua) 10:16, April 29, 2023

A huge slogan board stands in front of the U.S. Capitol building during a protest against government surveillance in Washington D.C., capital of the United States, on Oct. 26, 2013. (Xinhua/Fang Zhe)

Analysts say that cyber warfare is one of the tools used in its “hybrid warfare.” Like economic sanctions, terrorist activities, psychological warfare, and military actions, it is a means by which the United States interferes in other countries and achieves its own political goals.

BEIJING, April 28 (Xinhua) — The United States is notorious for its cyber record. Just ask the National Security Agency (NSA), which in 2013 suffered the biggest leak in its history when Edward Snowden, a former CIA contractor, walked out with a vast trove of secret documents.

Snowden disclosed to the press details of extensive internet and phone surveillance by American intelligence. As the scandal widened, multiple media outlets revealed that NSA tapped directly into the servers of internet firms to track online communication in a surveillance program known as Prism.

A decade later, it’s the Pentagon in the limelight this time. A set of highly classified documents from the department were leaked online in recent weeks, in an apparent security breach that revealed U.S. intelligence gathering on some of its key allies. South Korea, one of those affected, has played down any possibility of tension, reiterating its “strong” ties with America.

Those documents also reportedly include military assessments on the Ukraine crisis and CIA reports on a range of global issues. The embarrassing leak has endangered intelligence methods, exposed American strategy and undermined trust among U.S. allies, CNBC quoted former defense department officials and intelligence experts as saying.

SURVEILLANCE OBSESSION

For years, Washington has been spying on the world through electronic eavesdropping and communication interception, with the targets ranging from what it called “strategic competitors” to its European partners.

Anti-secrecy group WikiLeaks in 2015 released a trove of documents titled “Target Tokyo” detailing systematic mass surveillance the agency undertook of Japanese…

Source…

83% of Ransomware Infected Organizations Paid Over $900,000 Each / Digital Information World

/in


The average number of ransomware attacks being experienced by companies grew from four to five in 2022, and that’s just one of the many signs pointing to a worsening state of cybersecurity. Law enforcement agencies usually tell organizations to never pay ransoms because of the fact that this is the sort of thing that could potentially end up making the malicious actors target them repeatedly.

However, ExtraHop’s latest Global Cyber Confidence Index revealed that 83% of organizations that fell pretty to a ransomware attack ended up paying the ransom. The fear of data loss and operational disruption likely led to them biting the bullet, and it is estimated that the companies that paid the ransom had to pay an average of over $925,000 apiece.

With all of that having been said and now out of the way, it is important to note that malicious actors often use the double extortion method when companies pay up. Paying a ransom once makes it more likely that you will pay it again than might have been the case otherwise, so there is a clear correlation between failing to follow post-ransomware instructions and having to go through the ordeal all over again.

77% of experts who are working in the field of IT said that obsolete cybersecurity infrastructure was leading to an increased number of attacks with all things having been considered and taken into account. Spending nearly a million dollars to upgrade this infrastructure might be a far more useful strategy for companies to consider since it can prevent ransomware from making its way onto their systems in the first place.

In spite of the fact that this is the case, most companies tend to have a reactive strategy than a proactive one. Creating backups and keeping cybersecurity tech up to date is both more affordable as well as more efficient, yet most companies are failing to meet this very basic requirement. Until major companies start to take cybersecurity more seriously, the number of these attacks will only grow ever greater. It will be interesting to see if these findings have any sort of impact on how ransomware is dealt with.

Read next: New Investigation Discovers iPhones Being Injected With Spyware Through Exploitation Of…

Source…

Vladimir Putin’s cyber warfare chief sent sex toys after his email is hacked – World News

/in


Ukrainian hackers broke into Sergey Morgachev’s AliExpress account and ordered several sex toys and gay pride flags in his name in an “symbolic act of moral humiliation”

Sergei Morgachev, a Russian top-ranking spy, was hacked(InformNapalm)

A top Russian military spy has been bombarded with sex toys after his personal email was hacked.

Ukrainian hackers claim they gained access to Sergey Morgachev’s AliExpress account, ordering multiple sex toys and gay pride flags in his name.

The embarrassing hack was intended as “a symbolic act of moral humiliation.”

Morgachev is Vladimir Putin‘s Lieutenant Colonel at Moscow’s chief intelligence office, the GRU.

It is believed he was in charge of Russia‘s notorious “Fancy Bear” hackers, also known as APT28.

The hackers, who call themselves Cyber Resistance, claimed on Telegram that they had managed to break into Morgachev’s email account.

Then, they were able to access personal information such as family photos and scanned documents of people associated with him, according to the open-source intelligence site Info Nampalm.

Source…

Cyber Security Today, March 31, 2023 – World Backup Day advice, new malware targeting Linux and more

/in


World Backup Day advice, new malware targeting Linux and more

Welcome to Cyber Security Today. It’s Friday, March 31st, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Today is World Backup Day. I have a long story on ITWorldCanada.com which is tailored for IT department leaders in mid-to-large firms, so on this podcast I want to address IT leaders in small businesses. The good news is backup and recovery should be easier because your environment will be simpler compared to a multi-million dollar retailer. Still, some of the same rules apply: First, decide what data needs to be backed up, giving priority to sensitive information and how often it needs to be backed up. Second, make sure data is backed up off-site as well as on-site. And for extra protection, it should be encrypted. Third, make sure the off-site backup can’t be compromised by a hacker. One of the biggest failures of IT is to protect off-site backup from being encrypted, ruining any chance of data restoration. Fourth, document your backup procedures so when staff leave the knowledge doesn’t go with them. And last, have IT staff regularly practice restoring a backup. You’ll need that experience in a crisis.

Attention Linux administrators: New malware targeting Linux servers has been discovered. Researchers at the French firm Exatrack call it Melofee, and believe it was created by a group based in China. It drops a rootkit and a server implant. The implant can update itself, create a new socket for interaction, search for system information, read and write files and more. The implant hasn’t been widely seen, suggesting the attacker uses it only to go after high value targets.

University researchers say there’s a fundamental flaw in the Wi-Fi protocol that could affect devices running Linux, FreeBSD, Android and iOS. In a summary of the report, the Hacker News notes that the flaw could be used to hijack TCP connections or intercept client and web traffic. The power-save mechanisms in endpoint devices could trick access points into leaking data frames in plaintext.

Cisco Systems said attacks could be successful against its Wireless…

Source…