Collaborate Disseminate
The perceived threat posed by Huawei to the UK national infrastructure continued to make the headlines throughout February, as politicians, UK government agencies and the Chinese telecoms giant continued to play out their rather public spat in the medi… Continue reading Cyber Security Roundup for February 2019
Keeping the world’s dizzying array of hacking groups straight has become a challenge for researchers and journalists. One person’s Helix Kitten is another’s OilRig, sowing confusion — in this writer as well as others — about where one group ends and the next one begins. But getting hacking taxonomy right matters because knowing which group is responsible for malicious activity can help network defenders secure their data. That’s why researchers from multiple companies are pointing out what they say is a case of mistaken attribution of a global hacking operation. A report published last week by cybersecurity companies Recorded Future and Rapid7, blamed a well-known Chinese threat group, labeled APT10 in the West, for breaching a Norwegian software vendor, a U.S. law firm, and an international apparel company. APT10, which U.S. officials and private analysts have linked to China’s civilian intelligence agency, gained greater notoriety in December when the Department of Justice announced […]
The post Right country, wrong group? Researchers say it wasn’t APT10 that hacked Norwegian software firm appeared first on CyberScoop.
U.S. officials on Wednesday continued to warn industry about the threat posed by Chinese government-backed hackers by detailing how those teams have evolved and urging companies to better secure IT services that can be an avenue for stealing proprietary data. “Their strategies have shifted from labor-intensive, one-off compromises of individual targets to the use of the force-multiplier effects that enable them to compromise multiple targets through a single attack,” Rex Booth, a Department of Homeland Security cyber official, said during a webinar presentation to the private sector. “That shift in strategies increases the risk for all of us.” The public webinar focused on APT10, a group tied to China’s civilian intelligence agency, the Ministry of State Security. Analysts say the MSS has supplanted the People’s Liberation Army to become Beijing’s preferred arm for conducting economic espionage. U.S. officials and security researchers say APT10 has targeted the “managed service providers” that […]
The post DHS briefs industry on shift in Chinese hacking that ‘increases the risk for all of us’ appeared first on CyberScoop.
Weeks after the Department of Justice announced the indictment of two men linked with a Chinese state-sponsored hacking group, security researchers say they have uncovered a cyber-espionage campaign by the same entity against a European software company, a U.S. law firm, and a global apparel company. Analysts at Recorded Future and Rapid7 tracked the hacking operation between November 2017 and September 2018, and publicly revealed the breaches Wednesday. The researchers assessed with “high confidence” that APT10, a group tied to China’s civilian intelligence agency, was responsible for the hacking, calling the group “the most significant Chinese state-sponsored cyber threat to global corporations known to date.” Only one of the three victims is named: Visma, a billion-dollar Norwegian software company that claims 850,000 customers around the world. The hackers likely breached Visma to gain access to other organizations’ networks, the researchers said, but targeted the law and apparel firms “to gather information for commercial advantage.” Visma […]
The post Hack of billion-dollar Norwegian firm is tied to Chinese espionage group APT10 appeared first on CyberScoop.
Continue reading Hack of billion-dollar Norwegian firm is tied to Chinese espionage group APT10
The final Cyber Security Roundup of 2018 concludes reports of major data breaches, serious software vulnerabilities and evolving cyber threats, so pretty much like the previous 11 months of the year.5.3 millions users of “make your own avatar” app Boom… Continue reading Cyber Security Roundup for December 2018
Following the indictment of two alleged members of a Chinese cyberespionage group by the U.S. Department of Justice Dec. 20, the governments of Canada, Australia, New Zealand and the U.K. have publicly attributed the group’s activities to China&… Continue reading ‘Five Eyes’ Countries Attribute APT10 Attacks to Chinese Intelligence Service
A security researcher who uses the online handle SandboxEscaper has published proof-of-concept exploit code for an unpatched vulnerability in Windows. The flaw is located in the “MsiAdvertiseProduct” function, which, according to Microsoft… Continue reading Researcher Drops Third Windows Zero-Day Exploit in Four Months
The homeland security implications are significant: the two, working with Beijing-backed APT10, allegedly stole sensitive data from orgs like the Navy and NASA. Continue reading U.S. Indicts China-Backed Duo for Massive, Years-Long Spy Campaign
The Justice Department on Thursday unsealed charges against two hackers linked with China’s civilian intelligence agency for a lengthy campaign to break into global technology service providers in efforts to steal intellectual property. The campaign targeted more than 45 companies in a dozen countries, including sectors ranging from aviation to pharmaceuticals, along with U.S. Navy, a Department of Energy laboratory, and NASA, prosecutors alleged. The defendants also stole the Social Security numbers and other personal information of over 100,000 Navy personnel, U.S. officials said. “The list of victim companies reads like a who’s who of the global economy,” FBI Director Christopher Wray said while announcing the charges. Other companies targeted included those in manufacturing, oil and gas, and maritime technology, U.S officials said. The pair of hackers – Zhu Hua and Zhang Shilong – are accused of being part of a Chinese hacking group known as APT10 or Cloudhopper. Industry […]
The post U.S. indicts China-linked group over wide-ranging hacking operations appeared first on CyberScoop.
Continue reading U.S. indicts China-linked group over wide-ranging hacking operations
In unsealing charges Tuesday against 10 Chinese nationals, the Department of Justice showed its focus is on China’s civilian intelligence agency, which analysts say has become Beijing’s preferred arm for conducting economic espionage. The agency, the Ministry of State Security, is more professional and technical in its hacking operations than China’s People Liberation Army, according to CrowdStrike co-founder Dmitri Alperovitch. “We have seen [the MSS], over the years, break into [corporate] organizations,” Alperovitch said Tuesday at an event hosted by The New York Times. “They were always better technically than the PLA.” After a landmark 2015 agreement between the United States and China not to steal intellectual property, Chinese activity in that vein tapered off for about a year, according to Alperovitch. Now, he said, it is back in full force. “[W]e’re seeing, on a weekly basis, intrusions into U.S. and other Western companies from Chinese actors,” with the MSS […]
The post DOJ indictment spotlights China’s civilian intel agency – and its hacker recruits appeared first on Cyberscoop.
Continue reading DOJ indictment spotlights China’s civilian intel agency – and its hacker recruits