Items tagged with cybersecurity

Last month, US and Chinese governments agreed to a "digital truce", where neither country would knowingly support cyberattacks against each other to steal commercial secrets. While the agreement is solid overall, it does have a number of caveats, including the lack of protection where government secrets are concerned. Nonetheless, based on the findings of security research firm CrowdStrike, it seems like this agreement could be considered pointless. Since the agreement took place, CrowdStrike monitored seven different instances where Chinese-based hackers tried to penetrate U.S. businesses. Five... Read more...
As the years pass, our lives continue to become intertwined even more with the Internet. Today, the Internet acts as a backbone to critical infrastructure, and much like the risk of someone exploiting a flaw to break into our home PC, a real risk exists that enemies of the government could break into and cause harm to utilities. It's for that reason that all governments are overdue on penning up agreements with friendly countries to lessen the chance of a cyberattack. Nonetheless, it's being reported that President Obama is going to be taking some important steps in this when... Read more...
In line with a HotHardware report published last October, officials yesterday confirmed to CNN that the White House was hacked last year and that the alleged culprit is the Russian government. The hackers — believed to be the same group that managed to gain entry to State Department computer system last October — were able to access sensitive information regarding President Barack Obama, including his private schedule. White House officials say although these cyber-attacks are among the most advanced to ever hit the US government, no classified systems were in breach. “This report is not referring... Read more...
U.S. President Barack Obama is getting a little hot under the collar, and we’re not talking about the speech that Israeli Prime Minister Benjamin Netanyahu gave this morning. Instead, President Obama is troubled over new regulations that are being proposed by the Chinese government, which would affect American tech companies that conduct business within China’s borders. President Obama is fearful that China’s plans — which include allowing the Chinese government to install security backdoors, requiring companies to hand over encryption keys, and keeping user data on Chinese soil — are an assault... Read more...
When engaged in war, it's of utmost importance to keep plans and secrets secure. On the other side of the coin, it's likewise important to do what you can to gather intelligence on the opposition -- something quite difficult given the obvious fact that the opposition is also doing its best to keep its secrets, secret. But lest we forget that there are sometimes much easier ways to get information you need. Sometimes it can involve social engineering of the most modest levels, because after all, the bearers of this important information are still human. Hackers targeting the Syrian opposition (an... Read more...
Sometimes, it just makes sense to go open source. We've seen Microsoft do it, and we've seen Google do it. Now, we see none other than the US Department of Defense do it, with DShell, a network foresnics tool. It's an impressive thing to see the DoD release a home-built tool to the wild, but like most moves to open source, the agency has reached a ceiling and now welcomes improvements from outside sources. Whenever the DoD gets hit by a cyber attack, DShell is brought in to analyze the what and where of it. It seems certain that an agency like the DoD would see some unique attacks, but for the... Read more...
It should strike no one as a surprise at this point that the US and China have a bit of a strained relationship when it comes to trust. Both have accused each other of cyber offenses, and likewise, neither has much faith in the products it sources from the other. Post-Snowden, the situation has only become worse. That leads us to this point, where China is demanding that American companies that sell software products to Chinese banks must hand over their source code to be reviewed. And, it gets even better. China also wants these same companies to begin using Beijing-sanctioned algorithms in lieu... Read more...
Most of the time, when we hear about data breaches, it's because companies have either been compromised or failed to properly protect data. This time around, however, it's the United Postal Service in the limelight. Data on as many as 800,000 employees may have been stolen along with data on customers who called the USPS' various call centers between January and August of this year. USPS spokesperson David Partenheimer told Reuters that "The intrusion is limited in scope and all operations of the Postal Service are functioning normally." What appears to set this attack apart from most other intrusions... Read more...
It appears that hackers were able to breach the White House’s unclassified computer network, used by employees of the Executive Office of the President, according to anonymous White House officials. The breach has led to temporary disruptions to some of the services as cybersecurity teams work to contain the incursion. "In the course of assessing recent threats we identified activity of concern on the unclassified EOP network,” said a White House official. “Any such activity is something that we take very seriously. In this case we took immediate measures to evaluate and mitigate... Read more...
Zero-day exploits are a nightmare for end-users and vendors alike as both groups have to scramble to patch and resolve problems. Today, Microsoft got tagged with one of the worst types of disclosures -- not only is there a vulnerability in every single shipping version of Windows, the vulnerability has been exploited for years by a team of Russian hackers, codenamed Sandworm. According to the iSight Partners, the Sandworm Team has been caught seeking data on the Ukrainian crisis (further undercutting the idea that the crisis in that state was anything but a Russian operation -- if such evidence... Read more...
News is out today of a survey from video advertising platform Ebuzzing claiming that it would cost an average of E140 per year per UK citizen to pay for an ad-free Internet and that the majority of users (98% of them, in fact) would never, ever be willing to pay such fees. I'm not surprised by results like this -- if someone asked me "Would you pay $185 a year to avoid pop-up ads?" my first thought would be "No, I'd install Ad Block" or "No, I'd just avoid the websites that show obnoxious ads I don't want to see." According to Ebuzzing's results, that's precisely what most of its respondents do.... Read more...
Community Health Systems Inc revealed on Monday that personal had been stolen by hackers from its computer network. According to the U.S. Hospital operator, 4.5 million accounts were stolen that included patient names and addresses sometime in April and June. The 4.5 million people who were either referred to or received services from doctors affiliated with the service in the last five years were the ones affected by the attack. The attackers, according to Community Health, used malware and other technology to acquire the data from its system. The company, one of the largest hospital operators... Read more...
Over the past year, as criticism and anger have built over the NSA's numerous excesses and abuses of American civil rights, it's been easy to forget that underneath the justified anger, a genuine war has been raging. The NSA may have overreached in many respects, but that doesn't mean the government agency has invented problems from whole cloth -- and a new report drives that point home. According to the New York Times, top government officials have stated that Chinese hackers penetrated US government networks in March, potentially gaining access to thousands of dossiers on exactly which US citizens... Read more...
One of the most troubling facts that came out of Edward Snowden's disclosures last year was the degree to which the government has relied on National Security Letters to compel companies to reveal information about their clients without producing a warrant. Many NSLs were accompanied by non-disclosure orders that forbade the receiving company from revealing to the accused that their information had been demanded. Microsoft had previously gone to court over such tactics and today, the details of the company's strategic victory became public for the first time. Last year, the FBI demanded information... Read more...
1 2 Next