Sunday, November 11, 2018

cyberhack world update; etc.

6-21-18    A sophisticated hacking campaign launched from computers in China had burrowed deeply into satellite operators, defense contractors, and telecommunications companies in the United States and southeast Asia, according to security researchers at software company Symantec.   https://www.theepochtimes.com/china-based-hacking-campaign-breached-satellite-and-defense-companies-according-to-symantec_2568927.html
………………………….…...................
8-2-18   China’s 2017 cybersecurity law makes U.S. companies doing business in China extremely vulnerable to intellectual-property theft by Chinese entities.  The law requires that all technology companies doing business in China pass the authorities’ national security reviews.  In addition, companies’ data must be stored within China, and government approval is required before companies can transfer any data out of the country.  https://www.theepochtimes.com/us-government-report-reveals-business-sectors-under-siege-from-chinese-cyber-espionage_2611097.html
………………………………
11-11-18   A unit of the Chinese military that has been linked to cyber attacks against U.S. private companies for economic espionage may now be targeting India’s national-defense infrastructure….According to cybersecurity firm FireEye’s assessment, Unit 61398 has stolen hundreds of terabytes of data from at least 141 organizations around the world—targeting a wide range of industries such as aerospace, transportation, health care, and financial-services sectors.
  “The group focuses on compromising organizations across a broad range of industries in English-speaking countries. The size of APT1’s infrastructure implies a large organization with at least dozens, but potentially hundreds, of human operators,” FireEye said….in April 2010 a Chinese hacker group called “Shadow Network” tapped into top-secret files at the Indian Defense Ministry, as well as embassies around the world.  Among the compromised files were information relating to India’s weapons systems.  https://www.theepochtimes.com/secretive-chinese-military-hacker-group-now-attacking-india_2712691.html
…………………………................…
  10-9-18  Crowdstrike said cyber-hackers were using increasingly sophisticated techniques to breach Western defences by replicating established software to hack firms, hijacking a firm’s clients’ computers as a potential ‘Trojan Horse’ route into their target and using personalised ‘phishing’ emails to senior executives.  China has become a bigger threat after a reorganisation of the People’s Liberation Army (PLA) put hacking in the hands of contract firms, effectively privatising operations.
   Free of previous Chinese state bureaucracy, they are run by computer science experts with extensive links into hacking forums and groups, says Crowdstrike, which provides cybersecurity for half of the world’s biggest 20 multinationals.  https://www.telegraph.co.uk/technology/2018/10/09/china-ahead-russia-biggest-state-sponsor-cyber-attacks-west/
…………………………...........…
11-11-18  According to F-Secure's honeypot data, Russia, the US, China, the Netherlands and Germany targeted India with 436,090 attacks.  This is nearly 12 times more than which originated from India.  https://www.ndtv.com/india-news/india-saw-4-3-lakh-cyber-attacks-from-nations-including-us-china-report-1945695
………………….…..................
10-18-18   Oceansalt is designed to capture the IP address, computer name, the filepath of the implant, and other system and process details on an infected system and send it to an external server.  The malware can be used to delete and write files on disk, open and terminate processes, create, operate and close a reverse shell, and to execute other remote commands.  The malware, like a lot of malicious software these days, is being distributed via spearphishing emails with Excel and Word attachments.
McAfee says its research shows that the implant itself is a first-stage component that can be used to download other malware components on an infected machine. Data from the control servers that are being used in the campaign shows infected machines in the United States, Canada, Costa Rica, and the Philippines.
  The (Chinese-based) group behind Oceansalt has used multiple versions of the malware in the five waves of attacks it has launched so far.  The first wave targeted higher educational institutions in South Korea, the second went after public infrastructure projects in the country, and the third was directed at a government fund operated by South Korea's export and import bank.
Samani says McAfee is not entirely sure of Oceansalt's motivations.  "But [it] appears to be first stage reconnaissance to gain a foothold in compromised organizations," he says.  https://www.darkreading.com/attacks-breaches/cyber-espionage-campaign-reuses-code-from-chinas-apt1/d/d-id/1333073
  ………………………..................
10-7-17     Titan Rain was followed by a rash of espionage incidents that originated in China and were given code names like “Byzantine Hades,” “GhostNet” and “Aurora.”  The thieves were after a wide range of data.  They stole intellectual property, including Google’s source code and designs for weapons systems.
  In its 2015 Global Threat Report the American cyberintelligence firm CrowdStrike identified dozens of Chinese adversaries targeting business sectors that are key to the Five-Year Plan.  It found 28 groups going after defense and law enforcement systems alone.  Other sectors victimized worldwide included energy, transportation, government, technology, health care, finance, telecommunications, media, manufacturing and agriculture.
  China’s theft of military and trade secrets has been so rampant that editorial cartoonists Jeff Parker and Dave Granlund depicted it as “Chinese takeout.”  https://www.scientificamerican.com/article/how-the-chinese-cyberthreat-has-evolved/
…………….……
3-14-18   Most vulnerable however are Russia’s banks.  Hackers used the Cobalt Strike security-testing tool to steal more than $17m from more than 240 Russian banks in 2017, according to the central bank.  In the past few months, hackers used the Swift payment system to steal $6m from an unnamed bank and tried to steal nearly $1m from state-owned Globex.    https://www.ft.com/content/b813ab48-1b04-11e8-aaca-4574d7dabfb6
…………………..
4-2-18   Routers are a weak point in security because they're frequently left unpatched, have legacy unencrypted protocols, or weak default settings for easy installation — indeed, the technical alert notes that "Russian cyber actors do not need to leverage zero-day vulnerabilities or install malware to exploit these devices.”  In short they don't need to be sophisticated.  Pair that with the fact most traffic goes through routers and other networking equipment and that makes them "ideal targets", the alert notes.   https://www.wired.co.uk/article/russia-hacking-russian-hackers-routers-ncsc-uk-us-2018-syria
……………………..…
2-21-17   “Darkode was an online, password-protected forum in which hackers and other cyber criminals convened to buy, sell, trade and share information, ideas, and tools to facilitate unlawful intrusions on others’ computers and electronic devices.
  “Before becoming a member of Darkode, prospective members were allegedly vetted through a process in which an existing member invited a prospective member to the forum for the purpose of presenting the skills or products that he or she could bring to the group.”
  Does Darkode serve as a blueprint for Fancy Bear or Kozy Bear, two of the Russian hacker groups implicated in the recent Russian cyberattacks?  That remains unclear, and yet, there are some signs that the Russian hacker groups engaged in a competitive pursuit of their objectives.  http://www.atimes.com/article/russian-chinese-hackers-different/
……………………….
10-8-18 update    In late May the White House announced plans to shorten the lengths of visas issued to some Chinese citizens, as a way to prevent the Chinese regime from getting its hands on intellectual property developed in the United States.
  In recent years U.S. federal authorities have prosecuted several Chinese nationals working in American academia who stole proprietary technology on behalf of entities in China.  Beginning June 11, the U.S. State Department will begin implementing these limits, including restricting Chinese citizens studying in certain fields—such as robotics, aviation, and high-tech manufacturing—to one-year visas….
  PRC economic 10-year plan, Made in China 2025.  This industrial policy was also the target of the recent Office of the U.S. Trade Representative’s (USTR) investigation into China’s intellectual property theft practices, commissioned by President Donald Trump.  It found that China strategically directs private and state-owned firms to acquire foreign tech companies in order to obtain their technological innovations; eventually China wants to dominate global tech supply chains and displace foreign competitors.  To this end some Chinese nationals working at U.S. universities have stolen technology beneficial to the Chinese regime….In 2006 Liu Ruopeng came to the United States to study for a PhD at Duke University, working in the lab of professor David Smith, an expert in metamaterials, or substances that exhibit properties not found in nature.
  Smith’s lab had created a prototype of an invisibility cloak that could conceal objects from microwaves, giving it potential applications for mobile phones and antennas, according to The Duke Chronicle, the university’s news publication.  In fact, Smith’s research was funded by the Air Force Office of Scientific Research.
  Liu was able to take that technology back to China and establish a research institute and Hong Kong-listed company focused on metamaterials, called KuangChi Science.  The firm is currently valued at about $2 billion. https://www.theepochtimes.com/white-house-limits-on-chinese-visas-highlights-academic-espionage-problem_2553263.html
………………………..…
3-3-17  Banks have raked in nearly $1 trillion in profits since the financial crisis, but they paid a steep price along the way.
In total, financial institutions have paid $321 billion in fines related to the crisis, according to a study released this week by the Boston Consulting Group. U.S. banks have shouldered most of those costs, though global institutions also have been hit.
  The release comes the same week the FDIC reported that bank profits surged to a record $171.3 billion in 2016, boosted by a best-ever $45.6 billion in the third quarter. The year's proceeds brought the total post-crisis net (measured from the third quarter of 2009) to $987.8 billion, according to FDIC records.
  Nevertheless the study notes that banks have paid heavily for the problems they created and face a tough landscape ahead.
…………………………………
 11-9-18   Mustafa, a 30-year-old civil engineer, has been charged with putting Raqqa back together again
                                 -Leila Mustafa, co-leader of Raqqa Civil Council
  “We have a lot to do,” she says.  “All the infrastructure was destroyed, there’s no electricity, no communications, there are landmines everywhere, all the bridges are gone and the main hospital is still out of action,” she adds, and that’s just the start.
  As the co-leader of Raqqa Civil Council, Mustafa is the closest thing the city has to a mayor.  That a woman is now in charge of what was once the beating heart of Isis’s reign of terror – where women were subjugated and silenced – is an irony not lost on her.
   “Women were prisoners here.  They were not even allowed to leave their home.  They had no rights,” she says, speaking to The Independent from her office within a heavily guarded compound.  “What we are building now is the complete opposite of what ISIS did.”  Raqqa was home to more than 200,000 people before the war – mostly Arabs, but also Kurds, Christians, Syriacs and Alawites.  
.............................................................................................
595.   The emanations of approaching electronic waves surround one and color with their chemism the attracted particles of energy.  This is the chemical basis of so-called colored stars.          -Morya:  Agni Yoga 1929
