Hacking & Cyberwarfare News and Discussions

User avatar
caltrek
Posts: 6509
Joined: Mon May 17, 2021 1:17 pm

Re: Hacking & Cyberwarfare News and Discussions

Post by caltrek »

The Cyber Apocalypse Never Came. Here’s What We Got Instead.
by Jacquelyn Schneider
July 27, 2021

https://www.politico.com/news/magazine/ ... are-500787

Introduction:
(Politico) Even for those of us who watch cyber warfare closely, the seeming barrage of cyber-related headlines in 2021 has felt remarkable. This spring, the Biden administration sanctioned Russia for last year’s breach of network software firm SolarWinds, which allowed Russian hackers to access major U.S. government agencies and over 18,000 companies. A few months later, Russian cyber attacks were back in the news, with purported Russian criminals extorting oil distributor Colonial Pipeline and meatpacking firm JBS for millions of dollars in ransomware payouts. Ransomware attacks have become so widespread that exhausted cybersecurity firms are turning away desperate customers.

Meanwhile, last week, the United States, NATO and the EU pointed the finger at China for a massive breach of a Microsoft exchange server, propagated by cyber mercenaries hired by the Chinese Ministry of State Security. The countries’ joint statement is all the more remarkable given both NATO and the EU’s unwillingness to brand China an “adversary.” And on the same day, researchers revealed a multi-state effort to hack and monitor presidents, monarchs, journalists and more, using spyware created not by the Russian government, China’s security apparatus or the National Security Agency—but by a private Israeli company called the NSO Group.

So what is going on in cyberspace, and did anyone see this coming? In 2011, hot off a social media-propelled democracy movement dubbed the Arab Spring, a cyber document released by the Obama administration waxed almost poetic about the promise of digital openness for the international order. But only a year later, then-Secretary of Defense Leon Panetta warned of “cyber Pearl Harbor,” followed in 2015 by Director of National Intelligence James Clapper’s “cyber Armageddon” warning.

What we got was neither the unbridled promise of digital cooperation nor a fiery cyber apocalypse. Instead, today’s cyber reality seems simultaneously less scary and more of a hot mess—a series of more frequent, less consequential attacks that add up not to a massive Hollywood disaster but rather to a vaguer sense of vulnerability. This can make it hard to understand what’s going on and how bad it really is. Are all these high-visibility cyber events more of the same, or are we living through a new era of cyber warfare?
caltrek's comment: Those that complain that not enough conservative sources are cited in this forum should note that Jacquelyn Schneider is a Hoover Fellow at the Hoover Institution. That institution is a decidedly conservative think tank. Politico frequently features such conservative commentators.
Don't mourn, organize.

-Joe Hill
weatheriscool
Posts: 12962
Joined: Sun May 16, 2021 6:16 pm

Re: Hacking & Cyberwarfare News and Discussions

Post by weatheriscool »

In 1st visit to intel agency, Biden warns of cyber conflict
Source: AP

By NOMAAN MERCHANT and ALEXANDRA JAFFE

MCLEAN, Va. (AP) — President Joe Biden used his first visit with rank-and-file members of the U.S. intelligence community — a part of government that was frequently criticized by his predecessor Donald Trump — to make a promise that he will “never politicize” their work.

Biden waited more than six months to make the short drive across the Potomac River on Tuesday to the Office of the Director of National Intelligence, giving analysts and national security leaders — often derided by Trump as the “deep state” — some breathing room.

The president in his remarks to about 120 ODNI employees and senior leadership officials sought to make clear that he understood the complexity and critical nature of their work. The agency oversees the 17 other U.S. intelligence organizations.

“You have my full confidence,” he said. “I know there’s no such thing as 100% certainty in the intelligence world. Occasionally that happens. Rarely, rarely, rarely.”


Read more: https://apnews.com/article/joe-biden-go ... 2e18dd14c9
User avatar
caltrek
Posts: 6509
Joined: Mon May 17, 2021 1:17 pm

Re: Hacking & Cyberwarfare News and Discussions

Post by caltrek »

According to the Department of Justice, Russian Hackers Had Access to Top U.S. Prosecutors’ Emails
by AJ Vicens
July 31, 2021

https://www.motherjones.com/mojo-wire/2 ... rs-emails/

Introduction:
Russian hackers broke into email accounts in 27 US attorneys’ offices over the course of seven months in 2020, the US Department of Justice announced Friday. It had been previously reported that multiple US federal government agencies had been breached through a third-party IT contractor called SolarWinds, including the Department of Justice. But on Friday the department offered more detail, including the districts where one or more employees’ email accounts were accessed.

While every US attorney could make the case that their office handles sensitive case work, Friday’s update included offices that deal with some of the most complex financial and international criminal prosecutions, including the Southern District of New York, the Western District of Pennsylvania, and the Eastern District of Virginia. The Southern District of New York, for example, has handled past prosecutions related to former President Donald J. Trump, and is reportedly investigating Trump ally and former attorney Rudy Giuliani related to his efforts in Ukraine and his dealings with Russian figures to dig up dirt on President Biden and his family.

“The Department is responding to this incident as if the Advanced Persistent Threat (APT) (group or group backed by a nation state)… responsible for the SolarWinds breach had access to all email communications and attachments” within the breached accounts between May 7, 2020, and Dec. 27, 2020, the agency said in a statement. This includes “all sent, received, and stored emails and attachments found within those accounts during that time.” Especially hard hit were the Eastern, Northern, Southern, and Western Districts of New York, where “at least 80 percent” of employees’ email accounts were breached, the agency said.
Last edited by caltrek on Wed Oct 27, 2021 4:04 pm, edited 1 time in total.
Don't mourn, organize.

-Joe Hill
weatheriscool
Posts: 12962
Joined: Sun May 16, 2021 6:16 pm

Re: Hacking & Cyberwarfare News and Discussions

Post by weatheriscool »

U.S. Taps Amazon, Google, Microsoft, Others to Help Fight Ransomware, Cyber Threats

Creation of the Joint Cyber Defense Collaborative follows high-profile cyberattacks on critical U.S. infrastructure

By Robert McMillan
Aug. 5, 2021 9:00 am ET
The U.S. government is enlisting the help of tech companies, including Amazon.com Inc., Microsoft Corp. and Google, to bolster the country’s critical infrastructure defenses against cyber threats after a string of high-profile attacks.

The Department of Homeland Security, on Thursday, is formally unveiling the initiative called the Joint Cyber Defense Collaborative. The effort will initially focus on combating ransomware and cyberattacks on cloud-computing providers, said Jen Easterly, director of the DHS’s Cybersecurity and Infrastructure Security Agency. Ultimately, she said, it aims to improve defense planning and information sharing between government and the private sector.

“This will uniquely bring people together in peacetime, so that we can plan for how we’re going to respond in wartime,” she said in an interview. Ms. Easterly was sworn in as CISA’s director last month. She was previously a counterterrorism official in the Obama White House, and the commander of the Army’s first cyber operations unit at the National Security Agency, America’s cyberspy agency.

Over the past year, ransomware attacks have disrupted large parts of daily life in the U.S. They have diverted ambulances, caused long lines at gas stations in the southeast, and disrupted the production of hot dogs and other meat products.

Following a ransomware attack last month on cloud services provider Kaseya Ltd., President Biden warned Russian President Vladimir Putin that the U.S. would take “any necessary action” to protect its infrastructure from these incidents. Just days later, the administration blamed hackers affiliated with China’s Ministry of State Security for a separate set of attacks on users of Microsoft Exchange Server software.
TO READ THE FULL STORY
SUBSCRIBE
SIGN IN

Read more: https://www.wsj.com/articles/u-s-taps-a ... 1628168400
User avatar
wjfox
Site Admin
Posts: 8732
Joined: Sat May 15, 2021 6:09 pm
Location: London, UK
Contact:

Re: Hacking & Cyberwarfare News and Discussions

Post by wjfox »

Hackers steal $600m in major cryptocurrency heist

12 hours ago

Hackers have stolen some $600m (£433m) in what appears to be one of the largest cryptocurrency heists ever.

Blockchain site Poly Network said hackers had exploited a vulnerability in its system and taken thousands of digital tokens such as Ether.

In a letter posted on Twitter, it urged the thieves to "establish communication and return the hacked assets".

In scale, the hack is on par with huge recent breaches at exchanges such as Coincheck and Mt Gox.

In its letter Poly Network said: "The amount of money you have hacked is one of the biggest in defi [decentralised finance] history.

"Law enforcement in any country will regard this as a major economic crime and you will be pursued.

"The money you stole are [sic] from tens of thousands of crypto community members, hence the people."

https://www.bbc.co.uk/news/business-58163917


weatheriscool
Posts: 12962
Joined: Sun May 16, 2021 6:16 pm

Re: Hacking & Cyberwarfare News and Discussions

Post by weatheriscool »

Hackers claim to breach 100 million T-Mobile accounts
Source: Fortune

T-Mobile appears to be the victim of a massive data breach, with the hackers looking to sell personal data online for 100 million people.

In a forum post, the hackers say they collected phone numbers, physical addresses, and driver’s license information for the larger group, as well as roughly 30 million Social Security numbers. Motherboard, which first reported the hack, says it has confirmed the authenticity of the data, noting it matches the information of T-Mobile customers.

T-Mobile did not respond to Fortune’s request for comment.While the initial post does not mention the cellular company, the hackers told Motherboard the data came from T-Mobile.

The asking price for a subset of the personal information (the Social Security and driver’s license data) is six Bitcoin, roughly $270,000. The remainder of the accounts are reportedly being sold privately.
Read more: https://fortune.com/2021/08/16/tmobile- ... -t-mobile/
weatheriscool
Posts: 12962
Joined: Sun May 16, 2021 6:16 pm

Re: Hacking & Cyberwarfare News and Discussions

Post by weatheriscool »

Howard Cancels Tuesday Classes After University Hit With Ransomware Attack

Martin Austermuhle https://twitter.com/maustermuhle
Howard University canceled classes and closed off the campus to all but essential employees on Tuesday in the wake of a ransomware attack on the university’s computer network.

In a statement posted on the university’s website on Monday evening, Howard vice president Tashni-Ann Dubroy and provost Anthony K. Wutoh said that university employees detected unusual activity on the network on Friday, prompting them to shut it down “to mitigate potential criminal activity.” The shutdown continued over the weekend, impacting campus computers, WiFi, and cloud-based storage and apps.

“[R]emediation, after an incident of this kind, is a long haul — not an overnight solution,” said the university in its statement. “We are currently working with leading external forensic experts and law enforcement to fully investigate the incident and the impact. To date, there has been no evidence of personal information being accessed or exfiltrated; however, our investigation remains ongoing, and we continue to work toward clarifying the facts surrounding what happened and what information has been accessed.”

The university says it is working with the FBI and D.C. government to address the situation. The two dining halls on campus will remain open on Tuesday, but otherwise the university will be closed to all but non-essential employees.
{snip}

Read more: https://dcist.com/story/21/09/07/howard ... re-attack/
User avatar
caltrek
Posts: 6509
Joined: Mon May 17, 2021 1:17 pm

Re: Hacking & Cyberwarfare News and Discussions

Post by caltrek »

Horrifying Leaks are Coming from School Ransomware Attacks
by Mitchell Clark
September 10, 2021

https://www.theverge.com/2021/9/10/2266 ... tity-theft

Introduction:
(The Verge) Ransomware has been a hot-button topic in 2021 due to its impact on critical infrastructure, hospitals, and computer manufacturers. However, a recent report from NBC News may be one of the more heartbreaking accounts of the effects hackers can have: it details how data leaks from attacks on schools can put student’s most sensitive information out onto the internet, available to anyone who knows how to find it and is willing to pay. It’s a story that’s well worth a read for all the details it goes into and edge cases it explores.

According to NBC’s report, one school district had an Excel sheet called “Basic student information” posted to the dark web after it refused to pay a ransom, according to the FBI’s instructions. The article’s author, Kevin Collier, breaks down the shocking information it contains:
  • It lists students by name and includes entries for their date of birth, race, Social Security number and gender, as well as whether they’re an immigrant, homeless, marked as economically disadvantaged and if they’ve been flagged as potentially dyslexic.
The school knew about the attack and informed parents about it — making it potentially one of the better scenarios. Insurance covered identity theft protection for staff, but it’s unclear whether that benefit extends to students even after getting lawyers involved. In other cases, when NBC News asked some schools about their leaks, they seemed “unaware of the problem.”

CREDIT AND IDENTITY THEFT IS ONE OF THE OBVIOUS PROBLEMS

It’s hard even to comprehend how it could affect a student’s social life if their grades, medical info, or free or reduced-price lunch benefit status leaked online. What’s easier to understand is the impact of having their SSNs, birthdays, and names sold to unscrupulous people: NBC tells the story of a student whose info was used in attempts to get a credit card and car loan.
Don't mourn, organize.

-Joe Hill
User avatar
caltrek
Posts: 6509
Joined: Mon May 17, 2021 1:17 pm

Re: Hacking & Cyberwarfare News and Discussions

Post by caltrek »

The Extreme Right’s Favorite Web Provider Just Got Hacked
by AJ Vicens
September 15, 2021

https://www.motherjones.com/politics/20 ... ab-parler/

Introduction:
(Mother Jones) Epik, the domain registrar known for hosting far-right websites and social media services, was recently hacked, according to a release from someone claiming to be associated with the online collective known as Anonymous.

As first reported Monday by journalist Steven Monacelli, the hacker claims that “a decade’s worth of data from the company” has been obtained, including all domain purchases, domain transfers, and unredacted website registration data that could shed light on individuals and groups behind extremist or hate sites.

“This dataset is all that’s needed to trace actual ownership and management of the fascist side of the Internet that has eluded researchers, activists, and, well, just about everybody,” the hacker boasted in announcing the attack.

The company has called itself the “Swiss Bank of Domains,” with company CEO Rob Monster joking earlier this year to NPR that he’s “the Lex Luthor of the internet.” In that story, Monster likened white supremacist leaders to “shock jocks,” and claimed that while he does not personally think such content needed “to be available to people on the internet” publishing it remained “the decision of our client organizations.” Epik’s clients include Gab, the social networking platform where a user boasted about targeting a Pittsburgh synagogue just before carrying out his deadly assault, and Parler, whose links to the January 6 attack on the US Capitol got it booted by major tech providers.

Emma Best, a key figure with DDoS Secrets, a web archive with a public interest mission of hosting hacked and leaked data, tweeted Tuesday morning that the site was working to obtain the materials and share them with researchers and journalists. The group says it is preparing 180 gigabytes of data from “Epik, known for hosing fascist, white supremacist and other right-wing content.” In a separate tweet, Best noted the group’s history with the hacked-domain registrar, noting that Epik’s services “were used to defame, stalk, and threaten #DDoSSecrets” members after the site hosted data obtained from Gab. “Epik knew. Gab’s CEO knew. They all enabled it,” Best wrote.
Don't mourn, organize.

-Joe Hill
User avatar
caltrek
Posts: 6509
Joined: Mon May 17, 2021 1:17 pm

Re: Hacking & Cyberwarfare News and Discussions

Post by caltrek »

Section of Donald Trump's Website Appears to Have Been Hacked
by Sean Lyngaas
October 18, 2021

https://www.cnn.com/2021/10/18/politics ... index.html

Extract:
(CNN) A hacker appears to have compromised a section of former President Donald Trump's website and replaced it with a slogan and a speech from Turkish President Recep Tayyip Erdogan.

Visitors to a subdomain of Trump's website were greeted Monday with a message from someone claiming to be a Turkish hacktivist. "Do not be like those who forgot Allah, so Allah made them forget themselves," the message read. Below was a link to an Erdogan speech in which the Turkish president quoted from the Quran.

The section of the Trump website was compromised as early as Oct. 8, according to internet archives.

It appears to be a type of hack known as a defacement, in which an attacker gains access to a website and replaces it with their own content. These hacks aren't sophisticated and don't involve accessing an organization's sensitive computer systems.

The same Turkish hacker appeared to claim responsibility for defacing Joe Biden's campaign website in late November, weeks after Biden was declared President-elect. US intelligence agencies described the incident in a March 2021 report as one of a "handful of unsuccessful hacktivist attempts to influence or interfere in the 2020 US elections."
Don't mourn, organize.

-Joe Hill
Post Reply