Similar Posts
MARYLAND – The director of the US National Security Agency on Nov 20 urged the private sector to take swift, collective action to share key details about breaches they have suffered at the hands of Chinese hackers who have infiltrated US telecommunications.
General Timothy Haugh, a four-star Air Force general who leads the NSA and Cyber Command, told Bloomberg News at the National Security Innovation Forum in Washington that public disclosure would help find and oust the hackers, as the US continues to try to understand a new spate of damaging mass breaches.
In calling for more disclosure, General Haugh didn’t identity specific companies.
General Haugh said he wants to provide a public “hunt guide” so cybersecurity professionals and companies can search out the hackers and eradicate them from telecommunications networks.
“The ultimate goal would be to be able to lay bare exactly what happened in ways that allow us to better posture as a nation and for our allies to be better postured,” he said, adding the US is reliant on industry to share insights into what happened on their own networks.
US authorities have confirmed Chinese hackers have infiltrated US telecommunications in what Senator Richard Blumenthal, a Connecticut Democrat, this week described as a “sprawling and catastrophic” infiltration. AT&T Inc, Verizon Communications Inc and T-Mobile are among those targeted.
Through those intrusions, the hackers targeted communications of a “limited number” of people in politics and government, US officials have said.
They include Vice-President Kamala Harris’ staff, president-elect Donald Trump and vice-president-elect JD Vance, as well as staffers for Senate Majority Leader Chuck Schumer, according to Missouri Republican Senator Josh Hawley.
Representatives of the Chinese government have denied the allegations.
China is “doing this on a scale en masse and as a national effort,” General Haugh said.
The US experience and response is more disjointed, given the limited reach of different law enforcement agencies and the dependence on information from the private sector. There are multiple investigations underway associated with the telecommunications breaches, he said.
“Everybody is in a slightly different place as it relates to Salt Typhoon,” General Haugh said, referring to Microsoft Corporation’s name for the group believed to be behind the telecommunications breaches.
Two cybersecurity experts who requested anonymity to speak freely have privately complained about the lack of information shared that could otherwise help them and others understand, find and tackle the hacks.
Detailed public disclosures would mean that even if some companies haven’t seen the intrusions yet, “they can begin to put countermeasures in place,” General Haugh said. It would also help other nations uncover and root it out too, General Haugh said.
“It’s going to take collective work,” he said, adding the “speed” with which everyone collaborates is a key step. BLOOMBERG
“Ofcom to Detail Actions Required for Social Media Companies Over Illegal Content by December”
LONDON – Britain’s media regulator Ofcom said on Oct 17 that it would detail what action it expected social media companies to take over illegal content on their platforms in December, saying it expected swift action or they would face consequences.
Ofcom, which is responsible for implementing the government’s Online Safety Bill, said the platforms would have three months to complete their own illegal harms risk assessments after the publication of its demands.
“The time for talk is over,” Ofcom’s Chief Executive Melanie Dawes said on Oct 17. “From December, tech firms will be legally required to start taking action, meaning 2025 will be a pivotal year in creating a safer life online.”
She said the regulator had already seen positive changes, but expectations were going to be high.
“We’ll be coming down hard on those who fall short,” she said.
Ofcom said better protections had already been introduced by Meta, the owner of Instagram and Facebook, and Snapchat which have brought in changes to help prevent children being contacted by strangers.
Britain’s new online safety regime, which became law last year, requires social media companies to tackle the causes of harm, particularly for children, by making their services safer.
If companies do not comply with the new law, they could face significant fines and, in the most serious cases, their services could be blocked in Britain. REUTERS
WASHINGTON – Members of former U.S. President Donald Trump’s family and officials from the Biden administration were among those targeted by China-linked hackers who were able to break into telecommunications company systems, the New York Times reported on Tuesday, citing people familiar with the matter.
The Times said State Department officials, Trump family members including Eric Trump and Jared Kushner, and prominent Democrats including Senate majority leader Chuck Schumer were among those targeted by the spies.
Concerns about the hacking group have grown since media reports disclosed its activities last month.
On Oct. 6, the Wall Street Journal reported that the group, nicknamed “Salt Typhoon”, had accessed the networks of broadband providers and obtained information from systems the federal government uses for court-authorized wiretapping.
The State Department, as well as aides for Trump family members, did not immediately respond to Reuters’ questions. The White House, the National Security Agency, and the cybersecurity watchdog agency CISA did not immediately return messages. A Schumer aide did not immediately reply to an email. The Chinese Embassy in Washington did not immediately respond to an email, although Beijing routinely denies being behind cyberespionage campaigns. REUTERS
SEATTLE – Starbucks said the aftermath of a ransomware attack on a software supplier has been affecting its ability to pay baristas and manage their schedules, the company’s spokesperson said on Nov 25.
The coffee giant said that an outage at a third-party vendor has disrupted a back-end Starbucks process that enables employee scheduling and time tracking.
The outage is not impacting its customer service, and the company was working to ensure its employees were fully paid for their hours worked with limited disruption or discrepancy, according to a Starbucks’ spokesperson.
UK-based Blue Yonder, which provides supply chain software to Starbucks and other retailers, according to the Wall Street Journal, said on Thursday that it has experienced disruptions due to a ransomware attack and it is working to fix the issue. REUTERS
WASHINGTON – China-linked hackers have intercepted surveillance data intended for American law enforcement agencies after breaking in to an unspecified number of telecom companies, US authorities said on Nov 13.
The hackers compromised the networks of “multiple telecommunications companies” and stole US customer call records and communications from “a limited number of individuals who are primarily involved in government or political activity”, according to a joint statement released by the Federal Bureau of Investigation (FBI) and the US cyber watchdog agency CISA.
The two agencies said the hackers also copied “certain information that was subject to US law enforcement requests pursuant to court orders”.
The statement gave few other details, and the Cybersecurity and Infrastructure Security Agency immediately responded to a request for comment.
The FBI declined to comment.
The announcement confirms the broad outlines of previous media reports, especially those in the Wall Street Journal, that Chinese hackers were feared to have opened a back door into the interception systems used by law enforcement to surveil Americans’ telecommunications.
That, combined with reports that Chinese hackers had targeted telephones belonging to then-presidential and vice-presidential candidates Donald Trump and J.D. Vance, along with other senior political figures, raised widespread concern over the security of America’s telecommunications infrastructure.
The matter is already slated for investigation by the Department of Homeland Security’s Cyber Safety Review Board, which was set up to analyse the causes and fallout of major digital security incidents.
The Chinese Embassy in Washington did not immediately return a message seeking comment. Beijing routinely denies US hacking allegations. REUTERS
An Iranian hacking group is actively scouting U.S. election-related websites and American media outlets as Election Day nears, with activity suggesting preparations for more “direct influence operations,” according to a Microsoft blog published on Wednesday.
The hackers – dubbed Cotton Sandstorm by Microsoft and linked to Iran’s Islamic Revolutionary Guard Corps – performed reconnaissance and limited probing of multiple “election-related websites” in several unnamed battleground states, the report said. In May, they also scanned an unidentified U.S. news outlet to understand its vulnerabilities.
U.S. Vice President Kamala Harris, the Democratic candidate, faces Republican rival Donald Trump in the Nov. 5 presidential election, which polls suggest is an extremely tight race.
“Cotton Sandstorm will increase its activity as the election nears given the group’s operational tempo and history of election interference,” researchers wrote. The development is particularly concerning because of the group’s past efforts, they said.
A spokesperson for Iran’s mission to the United Nations said that “such allegations are fundamentally unfounded, and wholly inadmissible.”
“Iran neither has any motive nor intent to interfere in the U.S. election,” the spokesperson said.
In 2020, Cotton Sandstorm launched a different cyber-enabled influence operation shortly before the last presidential election, according to U.S. officials. Posing as the right-wing “Proud Boys,” the hackers sent thousands of emails to Florida residents, threatening them to “vote for Trump or else!”
The group also released a video on social media, purporting to come from activist hackers, where they showed them probing an election system. While that operation never affected individual voting systems, the goal was to cause chaos, confusion and doubt, senior U.S. officials said at the time.
Following the 2020 election, Cotton Sandstorm also ran a separate operation that encouraged violence against U.S. election officials who had denied claims of widespread voter fraud, Microsoft said.
The Office of the Director of National Intelligence, which is coordinating the U.S. federal effort to protect the election from foreign influence, referred Reuters to a past statement that said: “Foreign actors — particularly Russia, Iran, and China — remain intent on fanning divisive narratives to divide Americans and undermine Americans’ confidence in the U.S. democratic system.” REUTERS