Author Archives: Sean Lyngaas

UK cyber agency launches review of Huawei presence in 5G networks

Posted on by

The United Kingdom’s cybersecurity agency is reviewing the impact that new U.S. sanctions on Chinese telecommunications company Huawei could have on Britain’s deployment of 5G technology. The review by the National Cyber Security Centre is welcome news for U.S. officials who have lobbied their U.K. counterparts to ban Huawei gear out of concerns over espionage. And it’s a potential change of fate for Huawei’s business in the U.K. after officials decided in January to allow the telecom giant’s equipment in up to 35% of the country’s 5G deployments — albeit not in the most sensitive parts of those networks. “Following the U.S. announcement of additional sanctions against Huawei, the NCSC is looking carefully at any impact they could have to the U.K.’s networks,” the NCSC said in a statement to CyberScoop on Tuesday. “The security and resilience of our networks is of paramount importance.” Prime Minister Boris Johnson’s office, according […]

The post UK cyber agency launches review of Huawei presence in 5G networks appeared first on CyberScoop.

Continue reading UK cyber agency launches review of Huawei presence in 5G networks

DHS’s cyber division has stepped up protections for coronavirus research, official says

Posted on by

The Department of Homeland Security’s cybersecurity wing says it has put heightened defense measures for health-care-focused organizations and research facilities in place as foreign government-backed hackers continue to try to steal U.S. coronavirus research. “I just want you to know that we have stepped up our protections of [the Department of Health and Human Services] and [the Centers for Disease Control and Prevention] — our federally-funded research organizations,” Bryan Ware, assistant director of DHS’s Cybersecurity and Infrastructure Security Agency, told industry executives Friday. “[We’ve] significantly accelerated that work.” CISA is regularly scanning the internet-connected devices of top pharmaceutical companies and research institutions for vulnerabilities and trying to get them fixed quickly “because we are seeing adversaries that are targeting them right now,” Ware said on a webinar focused on CISA contracting opportunities. Ware cited efforts by China and other unnamed governments to target vaccine research, echoing recent warnings from CISA and […]

The post DHS’s cyber division has stepped up protections for coronavirus research, official says appeared first on CyberScoop.

Continue reading DHS’s cyber division has stepped up protections for coronavirus research, official says

FBI offers US companies more details from investigations of health care hacking

Posted on by

The FBI has provided U.S. companies more information on the extent of recent criminal and foreign government-backed hacking operations against the health care sector and warned of ongoing efforts to steal U.S. research data. Criminal and state actors continue to target U.S. clinical trial data, trade secrets, and the “sensitive data and proprietary research of U.S. universities and research facilities,” the FBI told industry in an advisory this week. “Likely due to the current global public health crisis, the FBI has observed some nation-states shifting cyber resources to collect against the [health care and public health] sector, while criminals are targeting similar entities for financial gain.” The advisory, which CyberScoop obtained, includes multiple examples since February of state-linked hackers trying to compromise and retain access to the networks of organizations in the U.S. health care and public health sector. It is the latest in a series of warnings from U.S. officials about similar […]

The post FBI offers US companies more details from investigations of health care hacking appeared first on CyberScoop.

Continue reading FBI offers US companies more details from investigations of health care hacking

Zeus’s legacy lives on as crooks target banking customers in the US and Europe

Posted on by

Over a decade since the infamous Zeus malware surfaced, scammers are still using variants of that code to try to steal data from banking customers on multiple continents. Since the beginning of the year, various criminal hacking groups have been using a descendant of Zeus in more than 100 phishing campaigns and some 700,000 emails against people in Australia, Canada, Germany, Poland, and the U.S., email security company Proofpoint said this week. Like countless other hackers around the world, they are trying to capitalize on fears around the coronavirus to slip their code onto victim computers. The ZLoader campaign shows how one piece of code is still inspiring criminals years after law enforcement identified it as pernicious. After malicious hackers had used Zeus malware to steal over $100 million from victims, the Department of Justice disrupted a Zeus-based botnet in 2014 and put a $3 million bounty out for information leading to the arrest of Zeus’s alleged […]

The post Zeus’s legacy lives on as crooks target banking customers in the US and Europe appeared first on CyberScoop.

Continue reading Zeus’s legacy lives on as crooks target banking customers in the US and Europe

Japan investigates Mitsubishi Electric breach amid national security concerns

Posted on by

Japan is investigating a possible breach of sensitive defense contracting data following a cyberattack last year on electronics giant Mitsubishi Electric, officials said Wednesday. Data likely stolen in the hack, which Mitsubishi disclosed earlier this year, included specifications of hypersonic missile prototypes that Japan is developing, according to a report in Asahi Shimbun, a Japanese newspaper. The Ministry of Defense had sent the specifications to multiple companies, including Mitsubishi, interested in bidding on the missile contract, the report said. Japanese officials have said the high-velocity missile could be used to protect islands in the East China Sea that are the subject of an ongoing territorial dispute between Japan and China. At a press conference Wednesday, government spokesperson Yoshihide Suga confirmed that Japan’s Ministry of Defense was examining the incident’s impact on national security, but declined to give further details. Mitsubishi said in a statement that it reported the breach to the […]

The post Japan investigates Mitsubishi Electric breach amid national security concerns appeared first on CyberScoop.

Continue reading Japan investigates Mitsubishi Electric breach amid national security concerns

‘Greenbug’ hacking group hits three telecom firms in Pakistan

Posted on by

For the past several months, suspected Iranian hackers have been rooting around the IT systems of at least three telecommunications companies in Pakistan, accessing data servers when it suits them, according to cybersecurity company Symantec. The report, published Tuesday, points the finger at a group called Greenbug, which used virtual “tunnels” to quietly stay connected to victim machines. The telecom data could offer a trove of information to spy on targets in Pakistan, and the hackers were determined to access the company’s networks. “As we would close one door, they would attempt to come back through another,” said Jon DiMaggio, senior cyberthreat analyst at the Symantec Enterprise Division, recalling Greenbug’s drive to stay on the Pakistani telecom companies’ networks after being discovered. Analysts told CyberScoop that the report is another example of the challenges some telecom providers have in keeping spies out of their networks. Eighteen different hacking groups linked to various governments went after telecom companies […]

The post ‘Greenbug’ hacking group hits three telecom firms in Pakistan appeared first on CyberScoop.

Continue reading ‘Greenbug’ hacking group hits three telecom firms in Pakistan

Taiwan suggests China’s Winnti group is behind ransomware attack on state oil company

Posted on by

Taiwanese authorities have suggested that Chinese hackers were behind a ransomware attack against Taiwan’s state oil company, an aggressive assault on one of the island nation’s strategic assets. Data left behind in the attack, such as a configuration file and domain name, point to the involvement of a group known as Winnti, Taiwan’s Ministry of Justice said in a statement Friday. Winnti is a broad collection of hackers that cybersecurity researchers have linked with the Chinese government. Cybersecurity analysts say Beijing’s hackers have long conducted operations against Taiwanese targets to gather intelligence. But an attempt to extort Taiwanese company CPC Corp., which is responsible for delivering oil products throughout Taiwan, would be a much more brazen move. Although the attack didn’t affect the CPC’s energy production, it did disrupt some customers’ efforts to use CPC Corp.’s payment cards to purchase gas. CyberScoop could not independently confirm that Winnti was involved in the attack. The Chinese Embassy in Washington, […]

The post Taiwan suggests China’s Winnti group is behind ransomware attack on state oil company appeared first on CyberScoop.

Continue reading Taiwan suggests China’s Winnti group is behind ransomware attack on state oil company

U.S. officials say they’ve cracked Pensacola shooter’s iPhones, blast Apple

Posted on by

Federal law enforcement officials said Monday they had unlocked the iPhones of the perpetrator of a December terrorist attack at a U.S. Naval base — and sharply criticizing Apple for not granting them access to those encrypted communications. FBI technicians cracked the phones of a Saudi aviation student who killed three U.S. sailors at the Naval Air Station Pensacola, uncovering evidence linking him to an Al Qaeda affiliate, Attorney General William Barr said. Barr and FBI Director Christopher Wray urged Silicon Valley companies to write software that allows investigators to access encrypted communications with a warrant, a move that technology firms and security experts have criticized for years. Authorities took their usual claims a step further, though, by criticizing Apple for what they described as effectively standing in the way of their investigation. “We effectively received no help from Apple,” Wray asserted at the press conference. He did not detail the […]

The post U.S. officials say they’ve cracked Pensacola shooter’s iPhones, blast Apple appeared first on CyberScoop.

Continue reading U.S. officials say they’ve cracked Pensacola shooter’s iPhones, blast Apple

Romanian police bust hackers allegedly plotting ransomware attacks on hospitals

Posted on by

Romanian authorities said Friday they had disrupted a cybercriminal group that planned to conduct ransomware attacks on hospitals in the country. The hackers intended to pose as government officials and send malicious emails to public health institutions that purported to contain information on the coronavirus, according to the Directorate for Investigating Organized Crime and Terrorism (DIICOT), one of Romania’s top law enforcement agencies. Such ransomware attacks could disrupt the IT systems of hospitals, DIICOT said. But before that could happen, police and security officials said they searched the suspects’ properties in Romania and neighboring Moldova. All four suspects were arrested, ZDNet reported. The hackers planned to threaten hospitals to protest Romania’s state of emergency, which has restricted public gatherings during the COVID-19 pandemic, according to Romanian news outlet Stirile Pro Tv. The threat of attacking hospitals would be a much more serious crime than the website defacements and other low-skill digital mischief usually […]

The post Romanian police bust hackers allegedly plotting ransomware attacks on hospitals appeared first on CyberScoop.

Continue reading Romanian police bust hackers allegedly plotting ransomware attacks on hospitals

US Commerce Department tightens screws on Huawei export controls

Posted on by

The U.S. Department of Commerce on Friday said it was tightening regulations to prevent Huawei from using U.S. software to make semiconductors abroad, the latest move by officials to crack down on a Chinese telecommunications giant they deem a national security threat. The new regulations are an effort to “narrowly and strategically target Huawei’s acquisition of semiconductors that are the direct product of certain U.S. software and technology,” the Department of Commerce said in a statement. Huawei has been circumventing previous restrictions on using U.S. technology to make semiconductors, which are key to its smartphone business, Commerce officials alleged. The updated export controls go further in forcing foreign companies that use U.S. chipset technology to get a license before selling that technology to Huawei. A Huawei spokesperson did not immediately respond to a request for comment. The new export controls are one of a series of stringent measures the Trump administration […]

The post US Commerce Department tightens screws on Huawei export controls appeared first on CyberScoop.

Continue reading US Commerce Department tightens screws on Huawei export controls