cyberattack
Latest
US launches its first cyberattacks against ISIS
The US no longer thinks that it's enough to hurt ISIS through airstrikes and cutting off propaganda channels -- it's starting a full-on digital warfare campaign. Cyber Command is launching its first attacks against ISIS' digital infrastructure in a bid to disrupt its communications and other basic functions. According to New York Times sources, this includes everything from imitating commanders to interrupting payments to fighters. This, in turn, could slow down ISIS as it second-guesses its moves for fear of being led into an American trap.
US charges Syrian Electronic Army hackers
Despite numerous high-profile hacking campaigns against the US government, news outlets and tech companies, the Syrian Electronic Army has remained a largely faceless entity... until now. The US has charged Ahmad Umar Agha (left), Firas Dardar (right) and Peter Romar with several crimes, including unauthorized computer access and (in the cases of Dardar and Romar) money laundering. The three are accused of compromising numerous targets, including a Marine Corps recruiting page (where they encouraged mutiny) and a news site (where they made false claims that the White House was under attack). Separately, Dardar and Romar are charged with conducting extortion schemes: Dardar would force victims to pay up and use Romar to get around Syrian sanctions forbidding payments.
North Korea steps up hacking campaign against the South
North Korea isn't letting up on its hacking campaign any time soon... if anything, it's kicking into high gear. South Korean officials report that the North has been escalating its cyberattacks, including a recent breach that compromised the phones of 40 security officials. The North also unsuccessfully tried to target the South's railway control system by attacking the email accounts of workers. These kinds of attacks were expected between North Korea's nuclear tests, long-range missile tests and joint US/South Korea military exercises, but that's not exactly comforting.
Windows 10 now protects against cyberattacks
Windows Defender has offered a baseline level of PC security for years, but that's not really going to cut it in an era when data breaches and other large-scale cyberattacks are virtually commonplace. That's why Microsoft is stepping up its game: it's launching Windows Defender Advanced Threat Protection, an optional Windows 10 enterprise service that flags signs of cyberattacks in time to prevent a bad situation from getting much worse. It looks for telltale clues on individual PCs, such as exploit attempts and unusual system file access. If something's up, it'll recommend a response to the IT staff -- they may not have to sift through activity logs to know what's causing grief on their network.
Last year's IRS cyber attack may have accessed 700,000 accounts
The Internal Revenue Service already increased the total number of accounts accessed in last year's cyber attack once. Today, it's raising the number gain. The IRS announced that during a 9-month review of the incident, it discovered that an additional 390,000 taxpayer accounts were potentially accessed during the breach. Those accounts are in addition to the confirmed access of and initial 114,000 last May and the subsequent 220,000 that were added in August. For those keeping track at home, today's announcement brings the total to over 700,000 affected tax payers.
TalkTalk loses over 100,000 customers following hack
It was inevitable that last October's cyber attack would drive some customers away from TalkTalk. At the time, the extent of the damage was unclear but the company has finally shared some numbers as part of its latest trading update. The provider says that in its third quarter, 101,000 subscribers (95,000 of which were directly tied to the attack) cancelled their contracts, costing the company as much as £60 million.
Ukraine blames Russians for a cyberattack on Kiev's airport
Ukraine's problems with cyberattacks aren't over -- far from it. The country reports that intruders attacked the network for Kiev's main airport, Boryspil, last week. Officials aren't accusing any specific party just yet, but they note that the attack originated from a server in Russia. Moreover, there are hints that this might be linked to the power grid attacks from December, which leaned on a common trojan (BlackEnergy) to get in.
Microsoft will warn users targeted by government hackers (update)
Microsoft promises to notify its users if it believes that the government's targeting their account. In its announcement post, the company says it already notifies subscribers if an unauthorized person's trying to access their Outlook email and OneDrive. But from now on, it will also specify if it suspects the attacker is sponsored by a government.Microsoft VP Scott Charney writes:We're taking this additional step of specifically letting you know if we have evidence that the attacker may be "state-sponsored" because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others. These notifications do not mean that Microsoft's own systems have in any way been compromised.
Anonymous takes credit for cyberattacks crippling Turkey
Apparently, the hacktivists from Anonymous aren't just targeting ISIS directly -- they're causing chaos for indirectly responsible countries, too. The collective is taking credit for an escalating series of cyberattacks that have disrupted banks, internet backbones and government websites in Turkey. The campaign is meant to punish Turkey for allegedly turning a blind eye to activities that fund ISIS' extremism, such as oil smuggling. According to Radware, the attacks have been so fierce that they took down access to 400,000 sites and left Turkey blocking traffic in an attempt to keep sites online.
Yahoo alerts victims of state-sponsored cyberattacks
Yahoo is the latest tech company pledging to warn users if it appears they've been targeted in state-sponsored cyberattacks, Chief Information Security Officer Bob Lord announced today. Google, Facebook and Twitter rolled out similar alert systems earlier this year. Yahoo doesn't disclose how it determines if an attack is state-sponsored, but promises that it will only send alerts to users when it has "a high degree of confidence."
Twitter warns users targeted by state-sponsored attacks
Facebook and Google already warn you if they think you're the victim of a state-sponsored cyberattack, and now Twitter is joining the fray. The social network recently alerted some users that that they "may have been targeted" by government attackers trying to get email addresses, network connections and phone numbers. Twitter doesn't think the intruders got any account info, but it's offering suggestions (including using Tor) to anyone worried their personal info is out in the wild.
Wetherspoon hack exposes over 600,000 customers
Another week, another hack. JD Wetherspoon, the owner of countless cheap British pubs, has revealed that an older version of its website was hacked between June 15th and 17th, putting over 600,000 customers at risk. The company says it was informed of the attack on December 1st and immediately called in security specialists, who confirmed the breach a day later. All customers were then notified via email on December 3rd.
Facebook's new alert system warned the US about Iranian hackers
How do you think the US would find out about a state-sponsored hack from Iran? Sophisticated security software? Surveillance? Nope -- Facebook. According to the New York Times, State Department officials were tipped off about an Iranian hacking campaign thanks to Facebook implementing a government attack alert system just last month. They knew something was up when they got messages about being the victims of "state-sponsored actors." Reportedly, the cyberattackers were hoping to use the social networking accounts of younger government staff to compromise other, more prominent staffers in the government division.
Congress considers letting US companies hack Chinese attackers
Your parents probably told you that revenge solves nothing, but the US might be willing to make an exception to that rule when it comes to hacks. A Congressional commission's report suggests that the government should consider letting companies hack the Chinese hackers that break into their systems. Theoretically, firms could erase or recover any stolen data from the original hack. The study also suggests creating a court that would hear evidence from cyberattack victims and determine whether or not the US should launch counter-hacks on their behalf.
TalkTalk offers all customers a free upgrade to stop them leaving
After totting up the final number of customers involved in its October cyberattack, TalkTalk has begun laying out what it will do for those affected and how it expects to recover. In a trading update today, the company said it expects damages to cost between £30 million and £35 million as it copes with a "loss of online sales and service capability" following the October 21st hack. With four arrests in the bag and systems now back online, TalkTalk also said it will offer "free upgrades" to all customers, whether they've been affected by the hack or not.
TalkTalk hack: exactly 156,959 customers had personal details stolen
Two weeks after TalkTalk confirmed a "significant and sustained cyberattack" on its website, the company has revealed exactly how much data was stolen. Hackers obtained personal details for 156,959 customers, including their names, email addresses and phone numbers. A week ago it placed the figure at "less than 1.2 million" -- and while that was technically accurate, today's update should feel like a radical downgrade. Of those affected customers, TalkTalk says 15,656 bank account numbers and sort codes were obtained in the attack. That's down from the "less than 21,000" it had stated previously.
Chinese hackers targeted an insurer to learn about US health care
When Anthem revealed a data breach that exposed the details of more than 80 million people, the incident raised a lot of questions: who would conduct such a hack against a health insurance firm? Why? And what happens to the data? Well, investigators finally have some answers... and they're not quite what you'd expect. Reportedly, the culprits were Chinese hackers helping their nation understand how US medical care works. It may be part of a concerted campaign to get ready for 2020, when China plans to offer universal health care. If that's the case, the findings might explain a string of health-related breaches in the past few years.
US Senate passes controversial CISA bill
The US Senate convened for a vote on the controversial Cybersecurity Information Sharing Act (CISA) today as well as five amendments to it. All five amendments, which would have restrained law enforcement from abusing the bill's powers as well as made corporations more accountable for their roles in protecting consumer information, have failed. A cloture motion, which prevents filibustering the initiative, passed at the start of the session today by a vote of 83 - 14. The bill itself passed the Senate with a 74 - 21 vote (it needed 60). It must now do the same in the House before being either signed into law or vetoed by the President.
TalkTalk customers must prove fraud to avoid cancellation fees
With investigations making progress and a 15-year-old suspect in custody following a "significant and sustained" attack on its website, TalkTalk has begun notifying customers of their next steps. In its latest update, the company says that "as a gesture of goodwill," subscribers wishing to cancel their service can have their termination fees waived only if they can prove they had money stolen from them. Personal details including names, addresses, phone numbers and credit card/account numbers were taken in the attack, but the company later clarified that banking data was obfuscated and could not be used to directly empty customer accounts.
TalkTalk hacked in 'significant and sustained cyberattack'
TalkTalk subscribers are this morning waking up to news that the company has been the subject of another hack. Following an intrusion at the end of last year, which saw some customer data stolen, the broadband provider announced today that its website was the target of a "significant and sustained cyberattack" that may have captured personal details including names, addresses, account information and credit card/bank data.
