“Ofcom to Detail Actions Required for Social Media Companies Over Illegal Content by December”

Byadmin

In a significant move to enhance online safety, the British government announced its plan to publish a set of comprehensive guidelines for digital platforms in December. These guidelines are aimed at safeguarding users from harmful content and inappropriate online interactions while ensuring greater accountability among tech giants. This announcement underscores the increasing global momentum towards enforcing stricter digital norms and practices to protect internet users.

With the rise in digital platform usage, issues surrounding online safety and data security have become more prominent. The guidelines, expected to be rigorous, will likely include demands for improved content monitoring, stricter underage user protection, and more robust mechanisms to combat online harassment and misinformation. This regulatory push not only impacts the operational dynamics of the platforms but also reflects a significant shift in how digital governance is being shaped.

From a cyber insurance perspective, such regulatory changes have deep implications. Firstly, the demand for compliance in such an environment can increase the operational costs for companies, as they might need to invest in advanced technological solutions and additional human resources to abide by the new rules. Cyber insurance can play a critical role here by offering coverage for expenses related to implementing these changes, including technology upgrades and legal consultations.

Moreover, with regulations tightening, the risk of penalties and fines for non-compliance becomes a pressing concern for many businesses operating online. Cyber insurance policies that include coverage for regulatory fines and penalties can provide an essential safety net, mitigating the financial impact of such sanctions on businesses.

The focus on user safety and data privacy also enhances companies’ vulnerability to cyber threats, such as data breaches or hacking incidents, which could exploit the more complex systems being put in place. Cyber insurance is crucial in such scenarios, as it helps cover the resultant financial losses, assists with the costs of crisis management, and provides access to expert services to manage the aftermath of a cyber incident effectively. This includes support for forensic investigations, public relations efforts, and legal advice, which are integral to regaining consumer trust and stabilizing operations post-incident.

As the digital landscape persists in evolving, the need for robust cyber insurance solutions becomes increasingly paramount. Companies must not only focus on compliance with new laws but should also proactively manage the growing range of cyber risks. Integrating comprehensive cyber insurance policies into their risk management strategies will be key in not just surviving but thriving in an era of heightened digital regulation.

Similar Posts
By

MARYLAND – The director of the US National Security Agency on Nov 20 urged the private sector to take swift, collective action to share key details about breaches they have suffered at the hands of Chinese hackers who have infiltrated US telecommunications.

General Timothy Haugh, a four-star Air Force general who leads the NSA and Cyber Command, told Bloomberg News at the National Security Innovation Forum in Washington that public disclosure would help find and oust the hackers, as the US continues to try to understand a new spate of damaging mass breaches.

In calling for more disclosure, General Haugh didn’t identity specific companies.

General Haugh said he wants to provide a public “hunt guide” so cybersecurity professionals and companies can search out the hackers and eradicate them from telecommunications networks.

“The ultimate goal would be to be able to lay bare exactly what happened in ways that allow us to better posture as a nation and for our allies to be better postured,” he said, adding the US is reliant on industry to share insights into what happened on their own networks.

US authorities have confirmed Chinese hackers have infiltrated US telecommunications in what Senator Richard Blumenthal, a Connecticut Democrat, this week described as a “sprawling and catastrophic” infiltration. AT&T Inc, Verizon Communications Inc and T-Mobile are among those targeted.

Through those intrusions, the hackers targeted communications of a “limited number” of people in politics and government, US officials have said.

They include Vice-President Kamala Harris’ staff, president-elect Donald Trump and vice-president-elect JD Vance, as well as staffers for Senate Majority Leader Chuck Schumer, according to Missouri Republican Senator Josh Hawley.

Representatives of the Chinese government have denied the allegations.

China is “doing this on a scale en masse and as a national effort,” General Haugh said.

The US experience and response is more disjointed, given the limited reach of different law enforcement agencies and the dependence on information from the private sector. There are multiple investigations underway associated with the telecommunications breaches, he said.

“Everybody is in a slightly different place as it relates to Salt Typhoon,” General Haugh said, referring to Microsoft Corporation’s name for the group believed to be behind the telecommunications breaches.

Two cybersecurity experts who requested anonymity to speak freely have privately complained about the lack of information shared that could otherwise help them and others understand, find and tackle the hacks.

Detailed public disclosures would mean that even if some companies haven’t seen the intrusions yet, “they can begin to put countermeasures in place,” General Haugh said. It would also help other nations uncover and root it out too, General Haugh said.

“It’s going to take collective work,” he said, adding the “speed” with which everyone collaborates is a key step. BLOOMBERG
By

WASHINGTON – Russian hackers are going after US government officials, defence workers and others in a new email phishing campaign targeting thousands of people, according to Microsoft Corp.

The hackers have sent “a series of highly targeted spearphishing emails” to thousands of people in more than 100 organisations since Oct 22, according to a blog post from Microsoft Threat Intelligence published on Oct 29. 

The latest campaign will add to mounting concerns over US failures to outwit suspected Russian and Chinese hackers.

The FBI said on Oct 25 it is investigating unauthorised access by Chinese state-affiliated hackers targeting the commercial telecommunications sector.

In some of the emails that were part of the latest campaign, the senders impersonated Microsoft employees, according to the blog.

Spearphishing involves sending tailored emails to individuals, including links to malicious websites that can then steal information.

It wasn’t immediately clear how many of the attacks, if any, were successful.

Microsoft has said the attacks are perpetrated by a sophisticated Russian nation-state group it calls Midnight Blizzard, which US and UK governments have connected to the SVR, the Russian foreign intelligence service. 

The company said in January that the group attacked its corporate systems, getting into a “small number” of email accounts, including senior leadership and employees who work in cybersecurity and legal.

In April, US federal agencies were ordered to analyse emails, reset compromised credentials and work to secure Microsoft accounts.

At the time, the Cybersecurity and Infrastructure Security Agency (Cisa) said the incident represented a “grave and unacceptable risk” to agencies, according to the April directive. 

Cisa and US State Department didn’t immediately respond to requests for comment.

The Russian Embassy in Washington didn’t immediately respond to a request for comment. BLOOMBERG
By

SINGAPORE – Singapore Telecommunications Ltd., Singapore’s largest mobile carrier, was breached by Chinese state-sponsored hackers this summer as part of a broader campaign against telecommunications companies and other critical infrastructure operators around the world, according to two people familiar with the matter.

The previously undisclosed breach was discovered in June, and investigators believe it was pulled off by a hacking group known as Volt Typhoon, according to the two people, who asked not to be identified to discuss a confidential investigation.

Officials in the US, Australia, Canada, the UK and New Zealand – the “Five Eyes” intelligence-sharing alliance – warned earlier in 2024 that Volt Typhoon was embedding itself inside compromised IT networks to give China the ability to conduct disruptive cyberattacks in the event of a military conflict with the West.

The breach of Singtel, a carrier with operations throughout South-east Asia and Australia, was seen as a test run by China for further hacks against US telecommunications companies, and information from the attack has provided clues about the expanding scope of suspected Chinese attacks against critical infrastructure abroad, including in the US, the people said.

In an e-mailed response to queries from Bloomberg News, Singtel did not directly address questions about the alleged breach. “We understand the importance of network resilience, especially because we are a key infrastructure service provider,” the company said. “That’s why we adopt industry best practices and work with industry-leading security partners to continuously monitor and promptly address the threats that we face on a daily basis. We also regularly review and enhance our cybersecurity capabilities and defences to protect our critical assets from evolving threats.”

A spokesperson for the Chinese Embassy in Washington, Liu Pengyu, said he was not aware of the specifics, as relayed by Bloomberg, but that in general, China firmly opposes and combats cyberattacks and cybertheft.

The US is currently battling its own suspected Chinese attacks of political campaigns and telecommunications companies. Officials have described the telecom breaches as one of the most damaging campaigns on record by suspected Chinese hackers and one that they are still seeking to fully understand and contain. 

In the US telecommunications attacks, which investigators have attributed to another Chinese group called Salt Typhoon, AT&T Inc. and Verizon Communications Inc. are among those breached, and the hackers potentially accessed systems the federal government uses for court-authorised network wiretapping requests, the Wall Street Journal reported in early October.

US intelligence officials think the Chinese hacking group that Microsoft Corp. dubbed Salt Typhoon may have been inside US telecommunications companies for months and found a route into an access point for legally authorised wiretapping, according to a person familiar with their views.

AT&T declined to comment. Verizon did not respond to a request for comment.

Through those intrusions, the hackers are believed to have targeted the phones of former President Donald Trump, running mate JD Vance and Trump family members, as well as members of Vice-President Kamala Harris’ campaign staff and others, the New York Times has reported.

In the case of the alleged Singtel breach, one of the people familiar with that incident said the attack relied on a tool known as a web shell. 

In August, researchers at Lumen Technologies Inc. said in a blog post they assessed with “moderate confidence” that Volt Typhoon had used such a web shell. A sample of the malware was first uploaded to VirusTotal, a popular site for security experts to research malicious code, on June 7 by an unidentified entity in Singapore, according to Lumen researchers.

The web shell allowed hackers to intercept and gather credentials to gain access to a customer’s network disguised as a bona fide user, they said.

The hackers then breached four US firms, including internet service providers, and another in India, according to Lumen researchers.

General Timothy Haugh, director of the National Security Agency, said in early October that the investigations into the latest telecommunications breaches were at an early stage. Later in October, the FBI and the Cybersecurity and Infrastructure Security Agency said they had identified specific malicious activity by actors affiliated with the Chinese government and immediately notified affected companies and “rendered technical assistance.”

A spokesperson for the National Security Council last week referred to the “ongoing investigation and mitigation efforts,” but directed further questions to the FBI and CISA. 

Singtel uncovered the breach of its network after detecting suspicious data traffic in a core back-end router and finding what it believed was sophisticated, and possibly state-sponsored, malware on it, according to the other person familiar with the investigation.

The malware was in “listening” mode and didn’t appear to have been activated for espionage or any other purpose, the person said, adding that it reinforced a suspicion that the attack was either a test run of a new hacking capability or that its purpose was to create a strategic access point for future attacks.

There is evidence that Salt Typhoon reached the US at least as early as spring 2024, and possibly long before, and investigators tracking the group think it has infiltrated other telecommunications companies throughout Asia, including in Indonesia, Nepal, the Philippines, Thailand and Vietnam, according to two people familiar with those efforts.

The NSA has warned since 2022 that telecommunications infrastructure was vulnerable to Chinese hacking. Volt Typhoon has been active since at least mid-2020, having attacked sensitive networks in Guam and elsewhere in the US with a goal of burrowing into critical infrastructure and staying undetected for as long as possible. 

The hacks by both Chinese Typhoon groups have alarmed Western officials and raised concerns about the number and severity of backdoors – a way to get around security tools and gain high-level access to a computer system – that China has placed inside critical IT systems. Those entry points could be used to conduct espionage or prepare the battlespace for use in a potential military conflict with the West.

Chinese hackers have long been accused of conducting espionage attacks against the US – including, most notably, the theft of security clearance applications for tens of millions of US government workers held by the Office of Personnel Management.

But officials say the latest hacks go a step further and in some cases suggest China may be amassing capabilities to disrupt or degrade critical services in the US and abroad.

Paul Nakasone, a retired general who led the NSA for nearly six years until February, told reporters in October that the latest telecommunications hacks by Salt Typhoon were distinguished by their scale, and that the two Chinese groups represent a tremendous challenge for the government. “I am not pleased in terms of where we’re at with either of the Typhoons,” he said. BLOOMBERG
By

An Iranian hacking group is actively scouting U.S. election-related websites and American media outlets as election day nears, according to a new Microsoft blog published on Wednesday. Researchers say the activity suggests “preparations for more direct influence operations.”

The hackers – dubbed Cotton Sandstorm by Microsoft and linked to Iran’s Islamic Revolutionary Guard Corps – performed reconnaissance and limited probing of multiple “election-related websites” in several unnamed swing states, the report notes. In May, they also scanned an unidentified U.S. news outlet to understand its vulnerabilities.

“Cotton Sandstorm will increase its activity as the election nears given the group’s operational tempo and history of election interference,” researchers wrote. The development is particularly concerning because of the group’s past efforts.

Iran’s mission to the United Nations did not immediately respond to a request for comment. In recent past comments, they denied any involvement in 2024 election-related hacking activity.

In 2020, Cotton Sandstorm launched a different cyber-enabled influence operation shortly before the last presidential election. Posing as the right-wing “Proud Boys,” the hackers sent thousands of emails to Florida residents, threatening them to “vote for Trump or else!”.

The group also released a video on social media, purporting to come from hacktivists, where they showed them probing an election system. While that operation never affected individual voting systems, the goal was to cause chaos, confusion and doubt, senior U.S. officials said at the time.

Following the 2020 election, Cotton Sandstorm also ran a separate operation that encouraged violence against U.S. election officials who had denied claims of widespread voter fraud, Microsoft said.

The Office of the Director of National Intelligence, which is coordinating the federal effort to defend the election from foreign influence, did not immediately respond to a request for comment. REUTERS
By

WASHINGTON – The accused Iranian hacking group who intercepted Republican U.S. presidential candidate Donald Trump’s campaign emails have finally found some success in getting their stolen material published after initially failing to interest the mainstream media. 

In recent weeks, the hackers began peddling Trump emails more widely to one Democratic political operative, who has posted a trove of material to the website of his political action committee, American Muckrakers, and to independent journalists, at least one of whom posted them on the writing platform Substack. The latest material shows Trump campaign communications with external advisers and other allies, discussing a range of topics leading up to the 2024 election.

The hackers’ activities tracked by Reuters provide a rare glimpse into the operations of an election interference effort. They also demonstrate Iran remains determined to meddle in elections despite a September U.S. Justice Department indictment accusing the leakers of working for Tehran and using a fake persona. 

The indictment alleged that an Iranian-government linked hacking group, known as Mint Sandstorm or APT42, compromised multiple Trump campaign staffers between May and June by stealing their passwords. In a Homeland Security advisory published earlier this month, the agency warned that the hackers continue to target campaign staff. If found guilty, they face prison time and fines. 

The Department of Justice indictment said the leakers were three Iranian hackers working with Iran’s Basij paramilitary force whose voluntary members help the regime to enforce its strict rules and to project influence. Attempts to reach the hackers identified by name in the indictment via email and text message were unsuccessful.

In conversations with Reuters, the leakers – who collectively use the fake persona “Robert” – did not directly address the U.S. allegations, with one saying “Do you really expect me to answer?!” 

“Robert” is the same fake persona referred to in the U.S. indictment, according to FBI emails sent to journalists and reviewed by Reuters. 

Iran’s mission to the United Nations said in a statement that reports of the country’s involvement in hacking against the U.S. election were “fundamentally unfounded, and wholly inadmissible,” adding that it “categorically repudiates such accusations.” The FBI, which is investigating Iran’s hacking activity against both presidential campaigns in this election, declined to comment.

David Wheeler, the founder of American Muckrakers, said the documents he shared were authentic and in the public interest. Wheeler said his goal was to “expose how desperate the Trump campaign is to try to win” and to provide the public with factual information. He declined to discuss the material’s origin. 

Without making any specific references, the Trump campaign said earlier this month that Iran’s hacking operation was “intended to interfere with the 2024 election and sow chaos throughout our democratic process,” adding any journalists reprinting the stolen documents “are doing the bidding of America’s enemies.”

 In 2016, Trump took a different position when he encouraged Russia to hack into Hillary Clinton’s emails and provide them to the press.

LEAK OPERATION

The leak operation started around July when an anonymous email account, [email protected], began communicating with reporters at several media outlets, using the Robert moniker, according to two people familiar with the matter. They initially contacted Politico, the Washington Post and the New York Times, promising damning internal information about the Trump campaign.

In early September, the accused Iranian hackers used a second email address, [email protected], in a fresh round of overtures, including to Reuters and at least two other news outlets, the two people familiar with the matter, said.

At the time, they offered research compiled with public information by the Trump campaign into Republican politicians JD Vance, Marco Rubio and Doug Burgum, all of whom were under consideration as Trump’s running mate.

The vice presidential reports were authentic, a person familiar with the Trump campaign told Reuters. Neither Politico, the Washington Post, the New York Times, nor Reuters published stories based on the reports.

New York Times spokesperson Danielle Rhoades Ha, said the newspaper only published articles based on hacked material “if we find newsworthy information in the materials and can verify them.”

In an email, the Washington Post referred Reuters to past comments made by its executive editor, Matt Murray, who said the episode reflected the fact that news organizations “aren’t going to snap at any hack” provided to them. A spokesperson for Politico said the origin of the documents was more newsworthy than the leaked material. Reuters did not publish this material because the news agency did not believe it was newsworthy, a spokesperson said.

Both AOL email accounts identified by Reuters were taken offline in September by its owner Yahoo, which worked with the FBI before the indictment to trace them to the Iranian hacker group, according to two people familiar with the investigation. Yahoo did not respond to a request for comment.

Before losing email access, Robert suggested reporters might need an alternate contact and offered a telephone number on the encrypted chat application Signal. Signal, which is more difficult to monitor by law enforcement, did not return messages seeking comment.

Some senior U.S. intelligence and law enforcement officials have said that Iran’s interference efforts this election cycle are focused on denigrating Trump as they hold him responsible for the 2020 American drone assassination of former Iranian military general Qassem Soleimani. 

Thus far, the already-published leaks do not appear to have changed the public dynamics of the Trump campaign.   

MUCKRAKERS

On Sept. 26, North Carolina-based American Muckrakers, began publishing internal Trump campaign emails. Active since 2021, the PAC has a history of publicizing unflattering material about high-profile Republicans. According to public disclosure reports, it is funded through individual, small-dollar donors from around the country.

On its website, American Muckrakers said the leaks came from “a source,” but, ahead of the publication last month, the group publicly asked Robert to get in touch. “HACKER ROBERT, WHY THE F DO YOU KEEP SENDING THE TRUMP INFORMATION TO CORPORATE MEDIA?” the group said in a post to X. “Send it to us and we’ll get it out.”

When asked whether his source was the alleged Iranian persona Robert, Wheeler said “that is confidential” and that he had “no confirmation of the source’s location.” He also declined to comment on whether the FBI had warned him that the communication was the product of a foreign influence operation. 

In one example, Muckrakers published material on Oct. 4th purporting to show an unspecified financial arrangement with lawyers representing former Presidential candidate Robert F. Kennedy Jr. and Trump. RFK Jr. attorney Scott Street, said in an email to Reuters he could not speak publicly about the incident. Reuters confirmed the authenticity of the material. 

Muckrakers subsequently published documents from Robert about two high-profile races. It included alleged campaign communication about North Carolina Republican gubernatorial candidate Mark Robinson and Florida Republican representative Anna Paulina Luna, both of whom were endorsed by Trump. 

   The exchange about Robinson concerned an attempt by Republican adviser W. Kirk Bell, to seek guidance from the Trump camp after the scandal over comments attributed to Robinson on a pornographic forum. Robinson has previously denied the comments. The other message came from a Republican adviser sharing information with the campaign about Luna’s personal life. 

Robinson and Luna’s campaigns did not return messages seeking comment.

One of the few journalists contacted by Robert who did publish material was independent national security reporter Ken Klippenstein, who posted the vice presidential research documents to Substack late last month. Robert confirmed to Reuters that they gave the material to Klippenstein.

Substack did not respond to a question about its policies concerning hacked material. 

  After the story, Klippenstein said FBI agents contacted him over his communication with Robert, warning that they were part of a “foreign malign influence operation.” In a post, Klippenstein said the material was newsworthy and he chose to publish it because he believed the news media should not be a “gatekeeper of what the public should know.”

A spokesperson for Reuters, which received similar notifications from the FBI, said, “We cannot comment on our interactions, if any, with law enforcement.” An FBI spokesperson declined to comment on its media notification effort. 

Wheeler said he had new leaks in store “soon” and that he would continue to publish similar documents as long as they were “authentic and relevant.” REUTERS
By

WASHINGTON – Chinese hackers are positioning themselves in US critical infrastructure in the event of a clash with the United States, a top American cybersecurity official said on Nov 22.

Ms Morgan Adamski, the executive director of US Cyber Command, said ongoing Chinese-linked cyber operations are aimed at gaining “an advantage in the event of a major crisis or conflict with the US.”

Ms Adamski made the comments to researchers at the Cyberwarcon security conference in Arlington, Virginia.

On Nov 21, US Senator Mark Warner told the Washington Post that a suspected China-linked hack on US telecommunications firms was “the worst telecom hack in our nation’s history – by far.”

That cyberespionage operation, dubbed “Salt Typhoon,” has included stolen call records data, the compromise of communications of top officials of both major US presidential campaigns before the Nov 5 election, and telecommunications information related to US law enforcement requests, the FBI said, in a recent statement.

Beijing routinely denies cyber operations targeting US entities.

The Chinese Embassy in Washington did not immediately respond to a request for comment. REUTERS

Leave a Reply

Your email address will not be published. Required fields are marked *