Tag: united states

Latest Microsoft outage ‘triggered’ by a cyber-attack

A second outage of several Microsoft services in two weeks, this one attributed to a cyber-attack, is fuelling further questions about the underlying security of the Windows operating system. According to Microsoft: “While the initial trigger event was a Distributed Denial-of-Service (DDoS) attack... initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it.” Services affected included Outlook, Azure, and Microsoft 365, with some people complaining on social media that they were unable to work. Starbucks customers also reported issues with the Starbucks app in Boston, New York, Washington DC, Dallas, Chicago, Los Angeles, Tampa and other cities. The disruption caused by this latest outage is, however, minor compared with the Windows outage caused by a mishandled CrowdStrike security upgrade, which resulted in canceled flights and marooned passengers in major international airports around the world last week.


Cybercriminals capitalize on CrowdStrike outage

Organized cybercriminal gangs have lost little time in attempting to cash in on the ongoing CrowdStrike/Windows outage currently affecting banks, airlines and businesses. According to the UK’s National Cyber Security Centre: “An increase in phishing referencing this outage has already been observed, as opportunistic malicious actors seek to take advantage of the situation. This may be aimed at both organizations and individuals.”


Exclusive: Hostile nations ramp up attacks on US infrastructure

Recent reports that ransomware attacks on industrial organizations increased by over 50 percent in 2023 represent only “the tip of the iceberg.” According to operational technology (OT) cybersecurity company IXDen, critical infrastructure across the US is being attacked at unprecedented levels. “The vast majority of cyber breaches of critical infrastructure such as water and power facilities go unreported, although a precise figure is impossible to gauge. Those that are reported in the media are only the tip of the iceberg. OT attacks on private businesses are not reported at all, and in public organizations, they are rarely reported,” says IXDen CEO and Co-Founder Zion Harel.


Russian gang shuts down two Indiana counties

Clay County, Indiana, in the US, is issuing a Local Disaster Declaration in the wake of a “criminal ransomware attack” that occurred last week, following reports of increasing cyber-attacks on local governments across America. “Clay County local government suffered a significant ransomware attack in the early morning hours of July 9, 2024. This has resulted in an inability to provide critical services required for the daily operation of all offices of the Clay County Courthouse, Community Corrections, and Clay County Probation,” said the county in an official statement.


US to block use of Chinese semiconductor equipment

The US Congress has introduced a new act to prevent China and “other foreign entities of concern” from infiltrating the US’s domestic chipmaking industry. The bill, the Chip Equipment Quality, Usefulness, and Integrity Protection Act of 2024 (Chip EQUIP Act), follows on from the CHIPS and Science Act, enacted in 2022, which earmarked roughly $280 billion in new funding to boost US domestic research and manufacturing of semiconductors. It included $39 billion in subsidies plus tax breaks for US chipmakers. However, China has recently matched this with a new $40 billion investment in its own semiconductor industry, which will heavily focus on chip manufacturing equipment. In April, Chinese tech giant Huawei announced that it was investing in new R&D capabilities to rival US, Japanese, and Dutch firms.


$10M Reward for LockBit Mastermind – June 10th

The U.S. Government launched a manhunt for the LockBit ransomware mastermind, Dmitry Yuryevich Khoroshev, with a bounty worth $10M. According to the Justice Department, LockBit is suspected to be behind attacks in almost 120 countries that have extorted nearly $1 billion.


New cyber threat from North Korea

Microsoft has identified a new North Korean threat actor, Moonstone Sleet. Also known as Storm-1789, Moonstone Sleet has set up fake companies and job opportunities to engage with potential targets and has even created a fully functioning computer game designed to trap the unwary. The potentially hostile nation-state of North Korea has long been suspected of resorting to cybercrime, targeting the West to fund its military build-up and commit ongoing cyber espionage against countries such as the US and the UK. But Moonstone Sleet is taking cyber-attacks on the West to new levels of sophistication, posing a threat to all organizations. Microsoft says Moonstone Sleet “uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and cyberespionage objectives.”


Officials Take Down the “911 S5 botnet” – May 30th

A US-led law enforcement sting operation against the global '911 S5 botnet' network was a major success. The 911 S5 botnet network of millions of compromised Windows computers was used to facilitate cyber-attacks, fraud, and child exploitation, among other illicit activities.


Chinese Hackers Using ORB Networks to Evade Detection – May 23rd

Mandiant revealed that Chinese-linked state-backed hackers rely on operational relay box (ORB) network proxy meshes to avoid detection in cyber espionage campaigns. For example, Mandiant pointed out that these advanced persistent threat actors (APTs) used ORBs for the 'SPACEHOP' critical vulnerability campaign earlier this year.


US and UK call time on Silicon Valley

A clarion call has gone out on both sides of the Atlantic for digital technologies to be made secure by design rather than by default. At San Francisco’s RSA cyber conference earlier this month, Jen Easterly, the director of CISA, the US Cyber Defense Agency, called for software to be made far more secure. This week, Ollie Whitehouse, the CTO of the NCSC, the UK’s National Cyber Security Centre, also echoed her thoughts, demanding that the technology industry make its products more cyber-secure from the start.


73% of SME Security Professionals Failed to Act on a High Priority Security Alert – April 17th

According to a survey from Coro, 73% of SME cybersecurity professionals admit that they've missed, ignored, or failed to act on a high-priority security alert. The survey also found that respondents spend an average of 4 hours and 43 minutes managing their cyber security tools daily, with an average of 11.55 tools in their security stack.


UN drafts US-led AI resolution

The United Nations has drafted a resolution aimed at bringing the rest of the world in line with existing US artificial intelligence (AI) security guidelines. These follow those already developed by the US Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). Both emphasize the importance of “secure-by-design” and “secure-by-default” principles for AI systems. The UN Assembly called on all Member States and stakeholders “to refrain from or cease the use of artificial intelligence systems that are impossible to operate in compliance with international human rights law.” The Assembly added that the same rights that people have offline must also be protected online throughout the life cycle of artificial intelligence systems.
