cyberattack
Latest
New ransomware is causing major issues across Europe and Russia
There's a new ransomware making the rounds today with confirmed targets in Russia, Ukraine, Turkey and Germany. Kaspersky Labs says that nearly 200 victims have been hit with the ransomware that's been dubbed Bad Rabbit.
Iran blamed for cyberattack on UK parliament
When hackers attacked UK parliament email accounts in June, it was tempting to blame Russia. After all, it's been rather busy lately. However, it looks like people were pointing their fingers in the wrong direction. The Times has learned that British intelligence has pinned the campaign on Iran -- it'd be the country's first cyberattack against the UK, in fact. While the actual damage was relatively limited (about 30 Members of Parliament were compromised out of roughly 9,000 total accounts), the intrusion supports beliefs that Iran has become a serious player in cyberwarfare after years of being little more than a target. Officials aren't commenting on the attack, but there are a few theories as to why Iran would take this risk.
Israel warned the US about Kaspersky after hacking its network
Kaspersky is in hot water...again. The US government recently prohibited federal agencies from using the company's products, and the FBI is reportedly convincing private entities to do the same. Its latest headache is linked to the NSA cyberattacks allegedly carried out by Russian hackers, who made away with official cyber defense material in 2015. The US intelligence agency claimed it noticed the stolen files using Kaspersky software. Little else was revealed about the incident (news of which broke last week) until now. It seems Israeli officials tipped off the US about the Russian intrusion, having hacked into Kaspersky's network, according to The New York Times.
China denies carrying out cyberattacks against US-based activist
China claims it wasn't behind the hacking of a US think tank that was set to host exiled Chinese tycoon-turned-activist Guo Wengui. The Hudson Institute abruptly canceled its event with Guo last week, claiming it had detected a Shanghai-based attack aimed at crippling its website.The incident was raised by US Attorney General Jeff Sessions in his meeting with Chinese government officials on Wednesday, according to The Wall Street Journal. Guo himself also claimed that the law firm representing his US political asylum bid backed out after it was targeted by Chinese hackers. In a statement, China's Ministry of Public Security told Reuters it had found "no evidence" of government involvement in the alleged cyberattacks.
Congressmen call for investigation of FCC cyberattack claims
The FCC has claimed that the site it uses to collect public comment on its plans to roll back net neutrality rules was taken down by a distributed denial of service (DDoS) attack instead of crippled by a massive number of commenters brought about by a John Oliver segment on HBO. When pressed for details, the agency denied that it hadn't documented the "attack," that sharing any details would undermine security and have stonewalled any demands for evidence of a cyberattack. On Thursday, however, Senator Brian Schatz and Congressman Frank Pallone Jr. sent a letter to the Government Accountability Office (GAO) encouraging a full review of the FCC's practices and claims.
Need a new password? Don't choose one of these 306 million
Troy Hunt, the security expert behind Have I Been Pwned (HIBP), has released 306 million previously-pwned passwords in a bid to help individuals and companies ramp up their online security. The passwords have been mined from dozens of data breaches, and now anyone can download them for free. HIBP lets someone see if their email address has appeared in a breach, but doesn't reveal the associated password for that particular compromised service. Now, Hunt -- who has written extensively on password protection -- has flipped the model on its head, making passwords searchable without the associated email address or username.
Facebook pledges funding to non-profit election security group
Just last week, Harvard Kennedy School's Belfer Center launched Defending Digital Democracy, an across-the-aisles bipartisan effort to find ways to protect against election hacking. The group includes campaign managers from Hillary Clinton and Mitt Romney's presidential campaigns as well Google and Facebook security staffers. A new report on Reuters says that Facebook will also provide an initial funding of $500,000 to the nonprofit.
Clinton, Romney campaign managers unite to fight election hacking
The threat of hacks disrupting US elections is very real, and enough people are concerned that it's creating some strange bedfellows. Harvard Kennedy School's Belfer Center has launched Defending Digital Democracy, a bipartisan effort to offer technology, strategies and other tools that can protect against election-oriented cyberattacks. And when they say it's an across-the-aisle effort, they mean it. Campaign managers for former presidential candidates Hillary Clinton and Mitt Romney will help lead the group, as will Facebook's security chief, Google's info security director and the co-founder of security firm CrowdStrike. The head of the group is Eric Rosenbach, who was Chief of Staff to recent Defense Secretary Ash Carter.
Leaked memo says hackers may have compromised UK power plants
State-sponsored hackers have "probably compromised" the UK's energy industry. A leaked memo from the National Cybersecurity Centre (NCSC) identifies links "from multiple UK IP addresses to infrastructure associated with advanced state-sponsored hostile threat actors." These threats are "known to target the energy and manufacturing sectors," the document says. The memo, obtained by Motherboard and verified by a number of sources, goes on to say that as a result of these connections, "a number of industrial control system engineering and services organisations are likely to have been compromised." The NCSC has neither confirmed nor denied the authenticity of the memo. However, in a statement given to the BBC it said: "We are aware of reports of malicious cyber-activity targeting the energy sector around the globe ... We are liaising with our counterparts to better understand the threat and continue to manage any risks to the UK."
South Carolina hit with 150,000 Election Day hacking attempts
More information about the scale of attempted election hacks has been released and it involves a rather surprising target -- South Carolina. Donald Trump took the state by 54.9 percent and there was never any doubt that he had the advantage in the historically republican-swinging South Carolina. However, even with almost certain projected results, the state's voter-registration system was hit with nearly 150,000 hack attempts.
US hit by cyberattack that targeted Ukraine and Russia
Yesterday, a number of Ukrainian and Russian companies and state agencies reported being hit by a cyberattack, the results of which ranged from flight delays at Boryspil airport to a shutdown of Chernobyl nuclear power plant's automatic radiation monitoring system. And while those two countries took the brunt of it, the virus at the root of the attack quickly spread throughout Europe and to Asia, Australia and the US.
Large-scale cyberattack is spreading through Russia and Ukraine (updated)
A large-scale cyberattack is working its way through a number of Ukrainian and Russian targets today. So far, in Russia, oil producer Rosneft and metal company Evraz have been affected by the attack. In Ukraine, Boryspil airport, the banking system, a state power distributer and even the Ukrainian government have been hit.
Hackers target UK parliament email accounts
After a report from The London Times that the email addresses and passwords of British cabinet members and other government officials were being traded by Russian hackers, it looks like the inevitable next step has occurred: a cyberattack on the UK parliament.
Report: Obama authorized a secret cyber operation against Russia
President Barack Obama learned of Russia's attempts to hack US election systems in early August 2016, and as intelligence mounted over the following months, the White House deployed secrecy protocols it hadn't used since the 2011 raid on Osama bin Laden's compound, according to a report by The Washington Post. Apparently, one of the covert programs Obama, the CIA, NSA and other intelligence groups eventually put together was a new kind of cyber operation that places remotely triggered "implants" in critical Russian networks, ready for the US to deploy in the event of a pre-emptive attack. The downed Russian networks "would cause them pain and discomfort," a former US official told The Post.
Estonia will back up its government in a 'digital embassy'
The rules on what governments can, and can't, do with your personal data is based entirely on where the information is stored. Since tech companies shunt your stuff to servers across the globe, there's a risk that an oppressive regime can use its rights to start peeking at your stuff. That's why it's interesting that Estonia has signed a deal to open what it's calling the world's first "data embassy" in Luxembourg.
Russian intelligence agents targeted US voting-software company
Russia's military intelligence agency infiltrated a US voting-software company and conducted a phishing campaign targeting more than 100 local elections officials, according to top-secret National Security Agency documents published by The Intercept. The cyberattacks occurred in the months and days before the US presidential election in November. The US intelligence community concluded in January that top Russian authorities directed a hacking campaign against the US election infrastructure, including launching cyberattacks against the Democratic National Committee and the staff of candidate Hillary Clinton. The NSA documents published today offer a glimpse into how Russia actually attempted to infiltrate US elections systems, and what kind of information agents were interested in manipulating. The report does not state whether these attacks directly affected the results of the election.
Senators ask FBI to investigate FCC's alleged cyberattack
The FCC isn't exactly forthcoming with evidence of the alleged denial of service attack on its servers, and that's leaving some worried. Is it protecting privacy (as it claims), or stifling attempts to post comments supporting net neutrality? A slew of Senators want to find out -- and they're going above the FCC's head to make sure they get answers. Senators Al Franken, Patrick Leahy, Edward Markey, Brian Schatz and Ron Wyden have sent a letter to FBI Acting Director Andrew McCabe asking his bureau to conduct a high-priority investigation of the FCC's cyberattack claims. While they don't directly accuse the FCC of dishonesty, it's clear from the wording that they aren't just taking the Commission's word at face value.
FCC stonewalls demands for evidence of cyberattack
The FCC swears that a denial of service attack hit its servers hours after Last Week Tonight's John Oliver rallied support for net neutrality, but where's the evidence? Well, don't expect it any time soon. In an interview with ZDNet, the regulator's David Bray says the FCC won't release the logs that might show who was responsible for the incident. The logs contain private info like IP addresses, he says. Bray does note that there wasn't a botnet involved, though -- instead, the traffic came from commercial cloud services using the FCC's public programming interface. But if it wasn't a botnet, then who was involved? Some critics are concerned that the FCC isn't exactly being forthright.
NHS hospitals in England hit by a widespread cyberattack (updated)
Various NHS Trusts are currently battling with what appears to be a large-scale cyberattack affecting IT systems across the country. According to reports, hospitals and GP surgeries are falling victim to a widespread ransomware attack, causing them to shut down their computer networks. The East and North Hertfordshire NHS Trust was one of the first to acknowledge the problem and switch off its systems, warning locals that they will have trouble getting through on the phone and asking them not to visit accident and emergency unless absolutely necessary. Update: The attack has continued to spread and is now affecting systems around the world. Update 2 (5/13): In response to infections like the ones that crippled parts of the NHS system, Microsoft is releasing a patch for unsupported systems including Windows XP, Windows 8 and Windows Server 2003.
US hopes cyberattacks will stall North Korea's missile program
The US might not have had much success with cyberattacks against North Korea's nuclear program, but that apparently hasn't stopped officials from further efforts... not that they're having much success. The New York Times has learned that then-President Obama ordered escalated cyberwarfare against North Korea in 2014 a bid to thwart its plans for intercontinental ballistic missiles. However, it's not clear that this strategy has worked -- and there may be problems if it does.
