Tag: china
Joe Biden to cripple China’s car industry
US President Joe Biden has dealt a potentially devastating blow to China’s tottering economy by accusing China’s auto industry of posing a serious cyber risk to US national security. An impassioned speech from the President concerning the cyber threat posed by China comes only weeks after a similar warning from the US Federal Bureau of Investigation (FBI) concerning China’s plans to launch a cyber-attack on US national infrastructure. “China is determined to dominate the future of the auto market, including by using unfair practices. China’s policies could flood our market with its vehicles, posing risks to our national security. I’m not going to let that happen on my watch,” promises the President.
FBI declares cyber-war on China
US Federal Bureau of Investigation (FBI) director Christopher Wray used his keynote speech at the weekend’s Munich Cyber Security Conference, which many regard as the security version of Davos, to effectively declare cyber-war on the People’s Republic of China (PRC). “Our adversaries have been improving exponentially,” warns Wray. “Chief among those adversaries is the Chinese government…the cyber threat posed by the Chinese government is massive.” Wray added that China’s hacking program is larger than that of all the other major world nations combined and that the PRC is using AI technology stolen from the Western powers to vastly increase the present threat. The FBI director told the major world powers assembled in Munich at the weekend that a new enhanced level of cooperation between government agencies such as his and the private sector is the only way to counter this new Red Menace.
11 Romantic AI Chatbots Fail Security Tests – February 15th
The Mozilla Foundation released research that unveils that all 11 romantic AI chatbots tested, failed security and privacy tests. All 11 chatbots feature data privacy concerns, pulling much more data than is needed from the collective 100 million users of these chatbots. Mozilla urges these chatbots to minimize exploiting vulnerable users through more transparent data privacy practices.
Blocked IP Addresses Increase by 116% – February 9th
According to a report by Qrator Labs, blocked IP addresses associated with malicious activity increased by 116% in Q3 2023. The increase in blocked IP addresses is credited to threat actors attempting to bypass geo-blocking. Top top 5 countries originating these blocked IP addresses consist of the United States (5.66 million), China (4.97 million), Germany (1.39 million), Indonesia (1.32 million), and Singapore (1.03 million).
Chinese Malware Breaches Dutch Defense Department – February 7th
Specialists from the Netherlands' Military Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) announced a Chinese nation-state-sponsored malware 'Coathanger' and its breach on the Dutch Ministry of Defense (MoD). The stealthy 'Coathanger' malware's code revealed a remote access trojan (RAT) specifically built to infiltrate Fortinet's FortiGate firewalls through the 'CVE-2022-42475' vulnerability, which resulted in stolen user account credentials from the Dutch MoD's servers.
‘Pig Butchering’ crypto-fraudsters net billions
‘Pig Butchering’, a new and particularly mean and ruthless form of cryptocurrency fraud that originated in China, has evolved into a global scourge. Sha zhu pan, which translates as “pig-butchering”, uses sophisticated fraudulent decentralized finance (DeFi) applications to bypass most of the defenses provided by mobile device vendors. WhatsApp is the preferred platform for targets outside China; Telegram is also used, as is Skype. According to cybersecurity firm Sophos: “Originating in China at the beginning of the COVID pandemic, ‘pig butchering’ scams have expanded globally ever since, becoming a multi-billion-dollar fraud phenomenon.”
Critical infrastructure under increased attack
France-based Schneider Electric became the latest utility company to succumb to a ransomware attack on January 17, when some of its business divisions serving several critical industries were taken down. Although access to the system was eventually re-opened on January 31st, the incident underlines the growing seriousness of cyber-attacks aimed at the West’s critical infrastructure. Schnieder Electric has an annual turnover of over 42 billion and employs over 150,000 people. The ransomware attack on Schneider Electric coincides with news that, in the US, the Federal Bureau of Investigation (FBI) has recently neutralized a botnet controlled by a Chinese threat group. The White House had previously authorized the FBI to take down the botnet after federal agencies and private sector researchers had accused cyberespionage gang Volt Typhoon of a major campaign aimed at a wide range of the US’s critical infrastructure.
CISA and EPA Launch Water Sector Cyber Toolkit – February 2nd
CISA and EPA Launch Water Sector Cyber Toolkit Amid the recent string
JP Morgan Chase Combats 45 Billion Cyber Attacks Daily – January 18th
On Wednesday, January 17th, JPMorgan Chase's asset and wealth management division head, Mary Callahan Erdoes, said during the World Economic Forum in Davos that the firm faces a staggering 45 billion breach attempts daily. Mary explained on a panel session that they have more security engineers than Google and Amazon, out of necessity, as threat actors increasingly get "smarter, savvier, quicker, more devious and mischievous."
Geopolitical tensions fuel botnet boom
Recent weeks have seen an exponential rise in malicious botnets performing reconnaissance scanning to scout out victims. According to researchers at cybersecurity firm Netscout, the number of potentially compromised devices rose from around 10,000 to roughly 144,000 over December, with no sign of the trend letting up. “The trend continued into the new year, with the largest spikes occurring on January 5 and 6, eclipsing one million distinct devices. The levels reached an unprecedented 1,294,416 on the 5th,” reports Netscout. The Netscout researchers say that this increased malicious scanning has been isolated to five key countries: The United States, China, Vietnam, Taiwan, and Russia. All have seen a rise in attackers using cheap or free cloud and hosting servers to create botnet launch pads.
Ukrainian Hacking Group Dismantles Russian Telco – January 11th
A source informed Reuters that the Ukrainian spy agency-backed "Blackjack" hacking group successfully deleted 20TB of data from M9 Telecom, massively disrupting their operations. Seemingly coming as a retaliation attack to the "largest telco cyber attack in history" on Ukrainian telco, Kyivstar, the attack on M9 Telecom shut down internet use for thousands in Moscow.
Nuclear facility reportedly hacked by Russia and China
In what is an urgent and stark warning to nuclear facilities around the world, UK nuclear facility Sellafield, formerly called Windscale, is reported to have been hacked by groups linked to China and Russia. The 70-year-old sprawling six-square-kilometre facility, located on the North-West coast of England, holds the planet's largest store of plutonium as a result of processing nuclear waste from decades of atomic power generation and weapons programs. The UK authorities do not know exactly when the hack originally occurred, according to The Guardian newspaper, although breaches are said to have been detected as long ago as 2015, when sleeper malware, used to attack systems remotely and at will over a long period, was found to have been embedded. In what amounts to a national scandal for the UK, it is still not yet known if the malware has actually been eradicated.