Similar Posts
WASHINGTON – Russian hackers are going after US government officials, defence workers and others in a new email phishing campaign targeting thousands of people, according to Microsoft Corp.
The hackers have sent “a series of highly targeted spearphishing emails” to thousands of people in more than 100 organisations since Oct 22, according to a blog post from Microsoft Threat Intelligence published on Oct 29.
The latest campaign will add to mounting concerns over US failures to outwit suspected Russian and Chinese hackers.
The FBI said on Oct 25 it is investigating unauthorised access by Chinese state-affiliated hackers targeting the commercial telecommunications sector.
In some of the emails that were part of the latest campaign, the senders impersonated Microsoft employees, according to the blog.
Spearphishing involves sending tailored emails to individuals, including links to malicious websites that can then steal information.
It wasn’t immediately clear how many of the attacks, if any, were successful.
Microsoft has said the attacks are perpetrated by a sophisticated Russian nation-state group it calls Midnight Blizzard, which US and UK governments have connected to the SVR, the Russian foreign intelligence service.
The company said in January that the group attacked its corporate systems, getting into a “small number” of email accounts, including senior leadership and employees who work in cybersecurity and legal.
In April, US federal agencies were ordered to analyse emails, reset compromised credentials and work to secure Microsoft accounts.
At the time, the Cybersecurity and Infrastructure Security Agency (Cisa) said the incident represented a “grave and unacceptable risk” to agencies, according to the April directive.
Cisa and US State Department didn’t immediately respond to requests for comment.
The Russian Embassy in Washington didn’t immediately respond to a request for comment. BLOOMBERG
“Ofcom to Detail Actions Required for Social Media Companies Over Illegal Content by December”
LONDON – Britain’s media regulator Ofcom said on Oct 17 that it would detail what action it expected social media companies to take over illegal content on their platforms in December, saying it expected swift action or they would face consequences.
Ofcom, which is responsible for implementing the government’s Online Safety Bill, said the platforms would have three months to complete their own illegal harms risk assessments after the publication of its demands.
“The time for talk is over,” Ofcom’s Chief Executive Melanie Dawes said on Oct 17. “From December, tech firms will be legally required to start taking action, meaning 2025 will be a pivotal year in creating a safer life online.”
She said the regulator had already seen positive changes, but expectations were going to be high.
“We’ll be coming down hard on those who fall short,” she said.
Ofcom said better protections had already been introduced by Meta, the owner of Instagram and Facebook, and Snapchat which have brought in changes to help prevent children being contacted by strangers.
Britain’s new online safety regime, which became law last year, requires social media companies to tackle the causes of harm, particularly for children, by making their services safer.
If companies do not comply with the new law, they could face significant fines and, in the most serious cases, their services could be blocked in Britain. REUTERS
WASHINGTON – Chinese hackers compromised eight American telecommunications companies as part of a wide-ranging espionage effort to gather intelligence about prominent US citizens, Biden administration officials said on Dec 4.
Ms Anne Neuberger, deputy assistant to the president and deputy national security advisor for cyber and emerging technologies, said that the Chinese group known as Salt Typhoon continues to linger inside some networks as security personnel work to eject the hackers. President Joe Biden has received multiple briefings on the matter as the US government seeks to investigate the matter, she said.
The update comes after officials from the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency said on Dec 3 that it would be impossible for them to predict how long it would take to clear the intruders from compromised networks.
The White House also has established a unified coordination group that meets on a daily basis to help address the threat, they said.
Director of National Intelligence Avril Haines joined officials from the White House, FBI and other agencies to brief US senators in a classified closed-door meeting on Dec 4. BLOOMBERG
WASHINGTON – China-linked hackers have intercepted surveillance data intended for American law enforcement agencies after breaking in to an unspecified number of telecom companies, US authorities said on Nov 13.
The hackers compromised the networks of “multiple telecommunications companies” and stole US customer call records and communications from “a limited number of individuals who are primarily involved in government or political activity”, according to a joint statement released by the Federal Bureau of Investigation (FBI) and the US cyber watchdog agency CISA.
The two agencies said the hackers also copied “certain information that was subject to US law enforcement requests pursuant to court orders”.
The statement gave few other details, and the Cybersecurity and Infrastructure Security Agency immediately responded to a request for comment.
The FBI declined to comment.
The announcement confirms the broad outlines of previous media reports, especially those in the Wall Street Journal, that Chinese hackers were feared to have opened a back door into the interception systems used by law enforcement to surveil Americans’ telecommunications.
That, combined with reports that Chinese hackers had targeted telephones belonging to then-presidential and vice-presidential candidates Donald Trump and J.D. Vance, along with other senior political figures, raised widespread concern over the security of America’s telecommunications infrastructure.
The matter is already slated for investigation by the Department of Homeland Security’s Cyber Safety Review Board, which was set up to analyse the causes and fallout of major digital security incidents.
The Chinese Embassy in Washington did not immediately return a message seeking comment. Beijing routinely denies US hacking allegations. REUTERS
WASHINGTON – Members of former U.S. President Donald Trump’s family and officials from the Biden administration were among those targeted by China-linked hackers who were able to break into telecommunications company systems, the New York Times reported on Tuesday, citing people familiar with the matter.
The Times said State Department officials, Trump family members including Eric Trump and Jared Kushner, and prominent Democrats including Senate majority leader Chuck Schumer were among those targeted by the spies.
Concerns about the hacking group have grown since media reports disclosed its activities last month.
On Oct. 6, the Wall Street Journal reported that the group, nicknamed “Salt Typhoon”, had accessed the networks of broadband providers and obtained information from systems the federal government uses for court-authorized wiretapping.
The State Department, as well as aides for Trump family members, did not immediately respond to Reuters’ questions. The White House, the National Security Agency, and the cybersecurity watchdog agency CISA did not immediately return messages. A Schumer aide did not immediately reply to an email. The Chinese Embassy in Washington did not immediately respond to an email, although Beijing routinely denies being behind cyberespionage campaigns. REUTERS
SEOUL – Pro-Russia hacking groups have conducted cyberattacks against South Korea after North Korea dispatched troops to Russia to support its war against Ukraine, Seoul’s presidential office said on Friday.
The office held an emergency intra-agency meeting after detecting denial-of-service attacks on some government and private websites in recent days.
Some of the websites experienced temporary outages but there was no serious damage, it said, adding that the government will strengthen its ability to respond to such attacks.
“Cyber attacks by pro-Russian hacktivist groups on our country have occurred intermittently in the past, but have become more frequent since North Korea dispatched troops to Russia and participated in the Ukraine war,” the office said in a statement.
Seoul and Washington have said there are more than 10,000 North Korean soldiers in Russia, and U.S. officials and Ukraine’s defence minister said some of them have engaged in combat in Kursk, near the Ukraine border.
The new military cooperation between Pyongyang and Moscow has been condemned by South Korea, the United States and Western allies. Ukrainian President Volodymyr Zelenskiy said on Tuesday that the first battles between his country’s military and North Korean troops “open a new page in instability in the world.” REUTERS