Ongoing state-sponsored DNS hijacking campaign has compromised 40 entities

Hackers backed by a nation-state have successfully hijacked Domain Name System records to steal credentials from approximately 40 public and private entities across 13 countries in an attack that’s lasted for about two years, which Cisco’s Talos research team has dubbed “Sea Turtle” in research published Wednesday. The ongoing attack targets intelligence agencies, military organizations, and energy firms, as well as foreign ministries, telecommunications companies, and internet service providers. Cisco’s researchers characterize the attackers as “highly capable” and “unusually brazen,” but don’t go so far as to identify what country may be behind the attack. FireEye has indicated Iran is likely responsible for an attack that appears similar, but which Cisco claims is distinct from this new campaign. DNS hijacking allows hackers to gain credentials from victim entities in order to control the target’s DNS records — without flagging to the victims that they’re under attack. Using the DNS records, attackers are capable of […]

The post Ongoing state-sponsored DNS hijacking campaign has compromised 40 entities appeared first on CyberScoop.


ASUS issues patch, downplays scope of APT hack of its supply chain

Taiwanese hardware manufacturer ASUS on Tuesday announced a software update in response to a nation-state-linked hack and downplayed the scale of the compromise of its supply chain. “Only a very small number of [a] specific user group were found to have been targeted by this attack and as such it is extremely unlikely that your device has been targeted,” ASUS said in a press release. The statement contrasted with the findings of Kaspersky Lab researchers, who described the breach as perhaps “one of the biggest supply-chain incidents ever.” The attackers compromised an ASUS server to send malicious updates that affected about 1 million computer users between June and November 2018, according to the researchers, though only 600 appeared to be targeted for attack. ASUS accounted for 6 percent of global PC shipments in the third quarter of 2018, according to Gartner. The company also makes mobile phones, smart home devices, and other […]


To prepare for 2020, DNC security chief tries to make hackers’ lives harder

The Democratic National Committee is striving to “make it more expensive for attackers to do their work” as it prepares for a 2020 election, Bob Lord, the committee’s chief security officer, told CyberScoop. It is a simple but proven principle of cybersecurity: Make it harder for hackers to succeed by implementing time-tested basics like two-factor authentication. The question for the DNC is: How do you aggressively broaden adoption of such practices for campaigns and state parties scattered across the country, many of which have very limited budgets? That far-flung apparatus is not the chain of command that Lord was used to when he was a cybersecurity executive at companies like Yahoo and Rapid7. “Because we’re a decentralized ecosystem, it presents a number of interesting challenges,” he said in an interview. “I don’t have the ability to order people to do things. Nor can I practically manage all of their systems. But what I can do […]


NSA’s Joyce outlines how U.S. can disrupt and deter foreign hacking

The United States will do more to disrupt the malicious cyber-activity that foreign adversaries are aggressively using to advance their interests, a National Security Agency official said Thursday. “We have to impose costs in a visible way to start deterrence,” said Rob Joyce, senior cybersecurity adviser at NSA. “We have to go out and try to make those operations less successful and harder to do.” Speaking to an industry association in Hanover, Maryland, Joyce cited the 2017 WannaCry and NotPetya malware outbreaks — and Russia’s use of information operations in the 2016 U.S. election — as examples of nation-states moving from “exploitation to disruption” to impose their will in cyberspace. Washington has blamed North Korea and Russia, respectively, for the devastating WannaCry and NotPetya attacks, which cost billions of dollars in economic damage. Some foreign governments have fewer legal constraints on their activities in cyberspace than the U.S., Joyce told a local […]


Cyberthreats rise to the top at Senate hearing on worldwide dangers for U.S.

In yet another sign that the hacking abilities of Russia, China, Iran and North Korea are drawing intense scrutiny from U.S. spy agencies and law enforcement, top federal officials focused on cyberspace Tuesday as part of a broader hearing on the global threats facing the United States. The digital tools and techniques deployed by U.S. adversaries and competitors are “growing in potency and severity,” Director of National Intelligence Dan Coats told the Senate Intelligence Committee. “As the world becomes increasingly interconnected, we expect these actors and others to rely more and more on cyber capabilities” to advance their interests, Coats said. FBI Director Christopher Wray told lawmakers that nation-states are increasingly collaborating with criminal hackers in a “form of outsourcing that makes it even more of a menace.” The annual hearing gives the public a snapshot of the threats at the forefront of U.S. intelligence chiefs’ minds, and hacking allegedly backed by […]


U.S. indicts China-linked group over wide-ranging hacking operations

The Justice Department on Thursday unsealed charges against two hackers linked with China’s civilian intelligence agency for a lengthy campaign to break into global technology service providers in efforts to steal intellectual property. The campaign targeted more than 45 companies in a dozen countries, including sectors ranging from aviation to pharmaceuticals, along with the U.S. Navy, a Department of Energy laboratory, and NASA, prosecutors alleged. The defendants also stole the Social Security numbers and other personal information of over 100,000 Navy personnel, U.S. officials said. “The list of victim companies reads like a who’s who of the global economy,” FBI Director Christopher Wray said while announcing the charges. Other companies targeted included those in manufacturing, oil and gas, and maritime technology, U.S. officials said. The pair of hackers – Zhu Hua and Zhang Shilong – are accused of being part of a Chinese hacking group known as APT10 or Cloudhopper. Industry […]


Twitter detects possible state-sponsored activity from China, Saudi Arabia

Twitter says there has been suspicious activity on its platform that may have involved state-sponsored hackers from China and Saudi Arabia seeking information about specific users. The social media company says it detected an “issue” on Nov. 15 related to one of its support forums, where users contact Twitter to report any problems with an account. Outsiders potentially could view the country code users associated with their accounts and could assess whether an account was locked for violating Twitter’s rules, the company said in an announcement late Monday. “Specifically, we observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia,” Twitter said. “While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors.” The issue was fixed within one day and Twitter has notified the affected users, the company said. No personal information […]


Why you shouldn’t be afraid of nation-state hackers

When talking about information security, nation-state-backed hackers are set up as the ultimate threat. The countries have brilliant hackers, unlimited resources, endless exploits, and they are all after you! Fortunately for us, there are also many more nation-state hackers who are not that skilled, on a tight budget, and forced to use off-the-shelf tools. Just because your organization might be of interest to foreign services does not mean that you should just give up. Before we go much further, it’s important to acknowledge that some nation-state adversaries are, in fact, your worst nightmare. However, there is ample evidence of hacker “B-teams” amongst even the most sophisticated nation-state groups. Looking at the Russian attacks against the DNC, many simple mistakes are immediately apparent, including how easy it was to discover their origin. The group forgot to deploy anonymity tools, reused email and IP addresses for different parts of the […]


U.S. tech giants back French call for global cooperation in cyberspace

A multifaceted framework for lessening aggression in global cyberspace was unveiled by the French government on Monday, drawing support from tech giants and digital rights groups. Announced on the 100-year anniversary of the end of World War I, The Paris Call for Trust and Security in Cyberspace condemns “malicious cyber activities in peacetime,” affirms the applicability of international law to nation-state behavior in cyberspace, and aims to keep private companies from hacking back. The document pledges to strengthen the ability of government and private-sector organizations to combat interference in electoral processes through malicious cyber activities. Like the U.S. 2016 presidential election, France’s 2017 presidential election was reportedly the target of Russian hack-and-leak operations. Previous cyber norms initiatives have been confined to governments or industry, but the Paris Call aims to be the first multi-stakeholder initiative backed by governments, industry, academia, and civil society, according to Klara Jordan, head of the Atlantic […]


DOJ unseals charges against 10 Chinese nationals for hacking aerospace companies

The Department of Justice on Tuesday unsealed charges against 10 Chinese nationals, including intelligence officers and hackers, for a multi-year campaign to steal aerospace technology and other proprietary information from U.S. companies. Partly relying on a “team of hackers,” intelligence officers at a provincial arm of China’s Ministry of State Security (MSS) focused on stealing turbofan-engine technology used in European and U.S. commercial airliners, DOJ said in a statement. The alleged operation lasted from at least January 2010 to May 2015, the department said. The turbofan engine was a joint project between an unnamed French aerospace manufacturer and a U.S.-based company, according to DOJ. The Chinese intelligence operation breached the networks of the French manufacturer, as well as those of companies based in Arizona, Massachusetts and Oregon, the department said. The indictment returned by a grand jury in the Southern District of California lays out the hackers’ alleged tradecraft in detail. “The hackers used a […]
