Similar Posts
WASHINGTON – Russian hackers are going after US government officials, defence workers and others in a new email phishing campaign targeting thousands of people, according to Microsoft Corp.
The hackers have sent “a series of highly targeted spearphishing emails” to thousands of people in more than 100 organisations since Oct 22, according to a blog post from Microsoft Threat Intelligence published on Oct 29.
The latest campaign will add to mounting concerns over US failures to outwit suspected Russian and Chinese hackers.
The FBI said on Oct 25 it is investigating unauthorised access by Chinese state-affiliated hackers targeting the commercial telecommunications sector.
In some of the emails that were part of the latest campaign, the senders impersonated Microsoft employees, according to the blog.
Spearphishing involves sending tailored emails to individuals, including links to malicious websites that can then steal information.
It wasn’t immediately clear how many of the attacks, if any, were successful.
Microsoft has said the attacks are perpetrated by a sophisticated Russian nation-state group it calls Midnight Blizzard, which US and UK governments have connected to the SVR, the Russian foreign intelligence service.
The company said in January that the group attacked its corporate systems, getting into a “small number” of email accounts, including senior leadership and employees who work in cybersecurity and legal.
In April, US federal agencies were ordered to analyse emails, reset compromised credentials and work to secure Microsoft accounts.
At the time, the Cybersecurity and Infrastructure Security Agency (Cisa) said the incident represented a “grave and unacceptable risk” to agencies, according to the April directive.
Cisa and US State Department didn’t immediately respond to requests for comment.
The Russian Embassy in Washington didn’t immediately respond to a request for comment. BLOOMBERG
Australia’s ban on children under 16 using social media has sparked global conversations about online safety and youth development (Australia’s world-first social media ban for kids under 16 attracts mixed reaction, Nov 29).
While the intentions behind this policy – protecting children from cyber bullying, exploitation and harmful content – are commendable, it raises critical questions about balance, enforcement and unintended consequences.
As a 14-year-old teenager who does not use social media, I can see both sides of the argument.
On the one hand, platforms like Instagram, TikTok and Discord can be overwhelming, exposing young users to unhealthy comparisons, misinformation and even predatory behaviour.
Many parents and educators worry about the long-term effects of excessive screen time, often spent on social media platforms, on mental health and academic performance.
On the other hand, outright bans overlook the positive aspects of social media. For many teens, these platforms are a lifeline for creative expression, activism and staying connected, especially in an increasingly digital world.
Moreover, enforcing such a law could be challenging, as children are often tech-savvy enough to find workarounds.
Rather than outright bans, a better solution might involve empowering young users through digital literacy education. Teaching children how to navigate online spaces safely, recognise misinformation and manage screen time could address the root problems without cutting children off from valuable opportunities.
Singapore can learn from Australia’s debate as we navigate our own challenges with digitalisation. Instead of waiting for government intervention, schools, families and tech companies should work together to create a safer online environment while respecting the voice and agency of young people.
The internet isn’t going anywhere, and neither are we. Let us try to work together to ensure we can use it wisely.
Avishi Gurnani, 14
Secondary 2
SEATTLE – Starbucks said the aftermath of a ransomware attack on a software supplier has been affecting its ability to pay baristas and manage their schedules, the company’s spokesperson said on Nov 25.
The coffee giant said that an outage at a third-party vendor has disrupted a back-end Starbucks process that enables employee scheduling and time tracking.
The outage is not impacting its customer service, and the company was working to ensure its employees were fully paid for their hours worked with limited disruption or discrepancy, according to a Starbucks’ spokesperson.
UK-based Blue Yonder, which provides supply chain software to Starbucks and other retailers, according to the Wall Street Journal, said on Thursday that it has experienced disruptions due to a ransomware attack and it is working to fix the issue. REUTERS
A breach of telecoms companies that the United States said was linked to China was the “worst telecom hack in our nation’s history – by far”, the chairman of the Senate Intelligence Committee told the Washington Post on Thursday.
Earlier this month, U.S. authorities said China-linked hackers had intercepted surveillance data intended for American law enforcement agencies after breaking into an unspecified number of telecom companies.
The hackers compromised the networks of “multiple telecommunications companies” and stole U.S. customer call records and communications from “a limited number of individuals who are primarily involved in government or political activity,” according to a joint statement released by the FBI and the U.S. cyber watchdog agency CISA on Nov. 13.
Beijing has repeatedly denied claims by the U.S. government and others that it has used hackers to break into foreign computer systems.
The Chinese embassy in Washington did not immediately respond to a request for comment from Reuters on Thursday night.
There were also reports Chinese hackers targeted telephones belonging to then-presidential and vice presidential candidates Donald Trump and JD Vance, along with other senior political figures, raising widespread concern over the security of U.S. telecommunications infrastructure.
“This is an ongoing effort by China to infiltrate telecom systems around the world, to exfiltrate huge amounts of data,” Mark Warner told the Washington Post.
The breach went further than the Biden administration has acknowledged, with hackers able to listen to telephone conversations and read text messages, Warner was cited as saying in a separate interview by the New York Times.
“The barn door is still wide open, or mostly open,” he told the publication. REUTERS
MARYLAND – The director of the US National Security Agency on Nov 20 urged the private sector to take swift, collective action to share key details about breaches they have suffered at the hands of Chinese hackers who have infiltrated US telecommunications.
General Timothy Haugh, a four-star Air Force general who leads the NSA and Cyber Command, told Bloomberg News at the National Security Innovation Forum in Washington that public disclosure would help find and oust the hackers, as the US continues to try to understand a new spate of damaging mass breaches.
In calling for more disclosure, General Haugh didn’t identity specific companies.
General Haugh said he wants to provide a public “hunt guide” so cybersecurity professionals and companies can search out the hackers and eradicate them from telecommunications networks.
“The ultimate goal would be to be able to lay bare exactly what happened in ways that allow us to better posture as a nation and for our allies to be better postured,” he said, adding the US is reliant on industry to share insights into what happened on their own networks.
US authorities have confirmed Chinese hackers have infiltrated US telecommunications in what Senator Richard Blumenthal, a Connecticut Democrat, this week described as a “sprawling and catastrophic” infiltration. AT&T Inc, Verizon Communications Inc and T-Mobile are among those targeted.
Through those intrusions, the hackers targeted communications of a “limited number” of people in politics and government, US officials have said.
They include Vice-President Kamala Harris’ staff, president-elect Donald Trump and vice-president-elect JD Vance, as well as staffers for Senate Majority Leader Chuck Schumer, according to Missouri Republican Senator Josh Hawley.
Representatives of the Chinese government have denied the allegations.
China is “doing this on a scale en masse and as a national effort,” General Haugh said.
The US experience and response is more disjointed, given the limited reach of different law enforcement agencies and the dependence on information from the private sector. There are multiple investigations underway associated with the telecommunications breaches, he said.
“Everybody is in a slightly different place as it relates to Salt Typhoon,” General Haugh said, referring to Microsoft Corporation’s name for the group believed to be behind the telecommunications breaches.
Two cybersecurity experts who requested anonymity to speak freely have privately complained about the lack of information shared that could otherwise help them and others understand, find and tackle the hacks.
Detailed public disclosures would mean that even if some companies haven’t seen the intrusions yet, “they can begin to put countermeasures in place,” General Haugh said. It would also help other nations uncover and root it out too, General Haugh said.
“It’s going to take collective work,” he said, adding the “speed” with which everyone collaborates is a key step. BLOOMBERG
LONDON – Mirror Group Newspapers (MGN) is facing 101 phone-hacking lawsuits from public figures including actors Kate Winslet, Sean Bean and Gillian Anderson and the estate of late Australian cricketer Shane Warne, London’s High Court heard on Nov 20.
The publisher of the Daily Mirror, Sunday Mirror and Sunday People tabloids – which is owned by Reach – has been entangled in litigation for more than a decade over alleged phone hacking and other unlawful information gathering.
MGN had accepted that some unlawful information gathering took place at its newspapers in the early 2000s, before Prince Harry and three others went to trial in 2023.
Harry, the younger son of King Charles, was awarded £140,600 (around S$238,000) after London’s High Court ruled the prince had been targeted by MGN journalists – the biggest win yet in his “mission” to purge the British press.
He accepted substantial damages from MGN to settle the remainder of his lawsuit, but vowed his mission would continue and a trial of his separate case against Rupert Murdoch’s British newspaper arm is due to begin in January.
When Harry largely won his case in December 2023, Reach also claimed victory as two other claimants’ cases were rejected as having been brought too late.
The company said the ruling meant cases brought after October 2020 were “likely to be dismissed other than where exceptional circumstances apply”.
MGN is, however, currently facing a total of 101 lawsuits brought by a number of people, including Prince Harry’s ex-girlfriend Chelsy Davy, the claimants’ lawyers said at a hearing on Nov 20.
The publisher asked for a trial to be heard in late 2025 to decide whether a sample of the 101 cases were brought too late, arguing it would likely prompt a settlement of the cases.
Judge Timothy Fancourt ruled that such a trial would accelerate other cases being resolved and said it was likely to take place in November 2025. REUTERS