• Cyber espionage | Cyber espionage campaign, likely sponsored by China, targets Asian countries: FireEye

    FireEye has released a report which provides intelligence on the operations of APT 30, an advanced persistent threat (APT) group most likely sponsored by the Chinese government. APT 30 has been conducting cyber espionage since at least 2005, making it one of the longest operating APT groups that FireEye tracks. APT 30 targets governments, journalists, and commercial entities across South East Asia and India.

  • Cyber operations | The CIA bolsters cyber operations

    The Central Intelligence Agency (CIA) is planning to join the growing list of U.S. intelligence and security agencies which have redefined their missions to include cyber operations — in the CIA’s case, cyber espionage. Current and former agency officials say the new effort will be part of the broad restructuring of an intelligence service long defined by its human spy work. The shift also reflects the increasing role cyber plays in intelligence gathering, with allies and adversaries relying on smartphones, social media, and other technologies to communicate.

  • Cybersecurity | First known Arabic cyber-espionage group attacking thousands globally: Kaspersky Lab

    The Kaspersky Lab Global Research and Analysis Team recently announced the discovery of Desert Falcons, a cyber-espionage group targeting multiple high-profile organizations and individuals from Middle Eastern countries. Kaspersky Lab said its experts consider this actor to be the first known Arabic group of cyber mercenaries to develop and run full-scale cyber-espionage operations. In total, Kaspersky Lab experts were able to find signs of more than 3,000 victims in 50+ countries, with more than one million files stolen.

  • China syndrome | New Chinese cyber rules aim to facilitate intellectual property theft: U.S. tech companies

    The Chinese government’s cyberspace policy group in late 2014 approved a 22-page document which contained strict procurement rules for technology vendors. Those rules would require U.S. firms selling computer equipment in China to turn over sensitive intellectual property (including source code), submit their products for “intrusive security testing,” and use Chinese encryption algorithms. U.S. companies selling equipment to Chinese banks will be required to set up research and development centers in China, get permits for workers servicing technology equipment, and build “ports” which allow Chinese officials to manage and monitor data processed by their hardware. U.S. tech companies charge that the new rules would make it easier for China to steal U.S. companies’ intellectual property.

  • Nuclear cloak & dagger | Russian secret agents implicated in nuclear poisoning of a critic of Putin

    Alexander Litvinenko, a Russian dissident and a vocal critic of President Vladimir Putin, died in London on 23 November 2006 after suffering from radioactive polonium-210 poisoning. An inquest has established that on 1 November 2006 he ingested large quantities of the radioactive material, surreptitiously put in his tea by two agents of the Russian Federal Protective Services. A nuclear expert testifying at the inquest said that less than a millionth of a gram of polonium would be enough to kill a human being.

  • Espionage | NYC Russian spy ring busted

    In a federal complaint unsealed Monday, prosecutors say that Russian spies used talk about books, or tickets for sporting events or concerts, as code words for conducting espionage against the United States. On Monday in New York, law enforcement arrested one of the men, Evgeny Buryakov, 39, who posed as an employee in the New York City office of a Russian bank. The two other men listed in the complaint, Igor Sporyshev and Victor Podobnyy, had diplomatic immunity and no longer live in the United States. U.S. officials said the men were gathering intelligence related to possible U.S. sanctions on Russia and U.S. efforts to develop alternative energy resources, in addition to trying to recruit Americans in high positions.

  • China syndrome | NOAA employee charged with giving information on vulnerabilities of U.S. dams to China

    A National Weather Service (NOAA) employee is being charged by the Federal Bureau of Investigation (FBI) with stealing sensitive infrastructure data from a U.S. Army Corps of Engineers database and handing it off to a Chinese government official in Beijing. The dam database is considered sensitive data and was also compromised by Chinese hackers in 2013, as part of a covert Chinese government operation. The database information includes details on the location, type, storage, capacity, year of construction, and other crucial details helpful in the event of any coordinated strike.

  • Sony hacking | Cyber whodunnit: North Korea prime suspect but there are many potential culprits

    By Alan Woodward

    Many suspect North Korea to be behind the attack on Sony Pictures. North Korea quite possibly has motive, means, and opportunity to carry out this attack on Sony, but as with any successful prosecution, that isn’t enough. We need evidence. We will have to wait for the detailed forensic work to complete before we stand a realistic chance of knowing for certain. That may or may not be forthcoming, but in the meantime we should consider what this event tells us about the balance of power in cyberspace. In a world in which major disruption can be caused with scant resources and little skill, all enemies are a threat. North Korea might be the rogue state that everyone loves to hate but there are plenty of others who could have done it. There is no longer a tiered approach of superpowers fighting proxy wars in smaller, developing nations. Now those developing nations can fight back, and you might not even know it was them.

  • Cybersecurity | A malware more sophisticated than Stuxnet discovered

    Security experts at Symantec have discovered the world’s most sophisticated computer malware, Regin. Thought to have been created by a Western intelligence agency, and in many respects more advanced than Stuxnet — which was developed by the U.S. and Israeli governments in 2010 to hack the Iranian nuclear program — Regin has targeted Russian, Saudi Arabian, Mexican, Irish, and Iranian Internet service providers and telecoms companies. “Nothing else comes close to this … nothing else we look at compares,” said one security expert.

  • China syndrome | Security concerns over purchase of Waldorf Astoria by Chinese company

    Citing espionage risk, U.S. officials are expressing concern over the sale of the historic Waldorf Astoria hotel in New York City to a Chinese insurance company. The sale of the hotel will likely lead to a review by the U.S. Committee on Foreign Investment (CFIUS) of the Chinese firm’s long-term plans for the site and the finer details of the sale. “Because the agreement calls for major renovations to the hotel, CFIUS will be worried that the Chinese could engage in some form of espionage,” said a former Treasury Department official who managed CFIUS reviews.

  • Security business | Security contractor USIS failed to notice months-long hacking of its computer systems

    A new report reveals that the cyberattack on security contractor USIS, similar to previous attacks by Chinese government hackers on U.S. firms, was infiltrating USIS computer systems for months before the company noticed. The breach, first revealed publicly by the company and the Office of Personnel Management (OPM) in August, compromised the records of at least 25,000 DHS employees.

  • Espionage | New report details Russia’s cyber-espionage activities

    Researchers at FireEye, a Silicon Valley-based computer security firm, are connecting the Russian government to cyber espionage efforts around the world. The researchers released a report on Tuesday which says that hackers working for the Russian government have, for seven years now, been hacking into computer networks used by the government of Georgia, other Eastern European governments, and some European security organizations.

  • Cybersecurity | Georgia Tech releases 2015 Emerging Cyber Threats Report

    In its latest Emerging Cyber Threats Report, Georgia Tech warns about loss of privacy; abuse of trust between users and machines; attacks against the mobile ecosystem; rogue insiders; and the increasing involvement of cyberspace in nation-state conflicts.

  • China syndrome | China steals confidential data on the vulnerabilities of major U.S. dams

    The U.S. Army Corps of Engineers’ National Inventory of Dams (NID) contains critical information on the vulnerabilities of the roughly 8,100 major dams in the United States. Between January and April 2013, U.S. intelligence agencies spotted several attempts by China’s People’s Liberation Army (PLA) cyber-espionage unit to access the NID database and steal its contents. On Monday, National Weather Service (NWS) hydrologist Xiafen “Sherry” Chen, 59, was arrested for allegedly breaching the NID security and stealing confidential data on U.S. dam vulnerabilities. The Justice Department has raised the alarm over multiple attempts by China to steal data on U.S. critical infrastructure through individuals with privileged access to confidential databases.

  • China syndrome | Sale of NYC historic Waldorf Astoria hotel to Chinese firm worries U.S. security officials

    Citing an espionage risk, U.S. officials are expressing concern over the sale of the historic Waldorf Astoria hotel in New York City to a Chinese insurance company. The Beijing-based Anbang Insurance Group purchased the property from Hilton Worldwide on 6 October for $1.95 billion. One clause in the sale contract, referring to “a major renovation,” has raised eyebrows in Western security services. Specifically, they worry that renovations and modifications to the structure could accommodate Chinese eavesdropping and cyber espionage equipment.