The office email accounts of 27 senior U.S. Justice Department prosecutors were hacked last year through SolarWinds software. In disclosing the attack, the department blamed Russian interests for what it considers the worst cyber-espionage attack on the federal government. [node:read-more:link]
The U.S. intelligence community no longer collects mobile phone location or related data under the law used to justify spy agencies’ bulk surveillance programs, the Office of the Director of National Intelligence says. The disclosure comes as Congress considers whether to reauthorize the permissive element of the USA Patriot Act that’s due to expire Dec. 15. The practice actually stopped last year after a Supreme Court ruling limited its application. [node:read-more:link]
The Romanian-based Bitdefender cybersecurity company says it has uncovered a new form of malware which installs through online advertising and targets devices using Microsoft Windows software. It says MosaicLoader is used to steal passwords, install cryptocurrency miners, and deliver additional trojan malware. [node:read-more:link]
Responding to a ransomware attack on a Texas pipeline company in May, the Transportation Security Administration today directed owners and operators of critical facilities to take specific measures to protect their operations and to have recovery plans in place. Blamed on Russia-based cyber criminals, the attack resulted in gasoline shortages in several states. [node:read-more:link]
Allegations that software developed by an Israeli company has been used in a series of international cyber attacks are being investigated by an interdepartmental government team led by the National Security Council. Investigation was prompted by complaints from several countries that the Pegagus software had been used for illegal activities. [node:read-more:link]
Canada has joined the U.S. and other countries in blaming China for a massive hack of the Microsoft Exchange email server software and accusing it of working with criminal hackers in ransomware attacks and other cyber operations. “This activity put several thousand Canadian entities at risk, a risk that persists in some cases even when patches from Microsoft have been applied,” the government said in a statement. [node:read-more:link]
The Communications Security Establishment says that Canadians are “very likely to encounter some form of foreign cyber interference” before and during the next federal election. “We assess that an increasing number of threat actors have the cyber tools, the organizational capacity, and a sufficiently advanced understanding of Canada's political landscape to direct cyber activity against future Canadian federal elections,” it says in a new threat assessment. [node:read-more:link]
U.S. responds to Chinese cyberattacks Measures designed to expose and disrupt China’s government-sponsored cybercrimes have been confirmed by the U.S. in collaboration with its allies. U.S. officials say the international effort flows from President Joe Biden’s meeting last month with G7 and NATO leaders. China’s Ministry of State Security is identified as a key player and there are suggestions the latest development could lead to further sanctions. [node:read-more:link]
Cybersecurity experts tracking the activities of REvil, a ransomeware gang based in Russia or Eastern Europe which has targeted western businesses, say it has disappeared from the Internet. “All REvil sites are down, including the payment sites and data leak site,” one observer said in social media. The development comes after U.S. President Joe Biden told Russian President Vladimir Putin that would be “consequences” if the problem wasn’t addressed. [node:read-more:link]
The pace of science and technology breakthroughs are so dramatically redesigning the global security outlook that an Australian think-tank is urging the country’s military, defence industry and universities to pool their resources. It envisages the equivalent of the U.S., Defence Applied Research Projects Agency, calling it “a significant opportunity” to cooperation within the Five Eyes nations. [node:read-more:link]
A U.S. Marine Corps officer serving as general counsel at U.S. Cyber Command has suggested that says some transnational criminal hacking could warrant a military response. “Under ideal conditions, law enforcement organizations would address any type of criminal activity,” LCol Kurt Sanger argues in a co-authored article, noting that ideal conditions are rare in cyberspace. “Operational opportunities often must be seized immediately by whatever entity is best positioned to do so.” [node:read-more:link]
Hackers linked to the Russian General Staff Main Intelligence have been scaling up attacks on western targets in the public and private sectors, according to the U.S. and Britain. “These are almost certainly still ongoing,” their security agencies caution in a new report. [node:read-more:link]
Despite increased ransomware and other cyberattacks, U.S. companies evidently are reluctant to invest in appropriate protection until they are directly affected. Concerned about the potential for economic and strategic harm, the National Security Agency and the Cybersecurity and Infrastructure Security Agency say businesses need detailed resilience plans, including manual overrides when automated controls fail. [node:read-more:link]
The NATO Communication and Information Agency plans to procure new cyber defence systems as part of a sweeping upgrade. Starting in early 2022 and worth a projected €27 billion to contractors, the project includes new firewalls, penetration testing tools, and other defensive technologies. [node:read-more:link]
An all-party House of Commons committee says the government should give more weight to national security than costs of information technology and security hardware procurements. In its report to Parliament, the committee expressed concerns about Chinese state-owned enterprises and recommended more rigorous screening of contractors who install and maintain equipment in sensitive facilities such as embassies. [node:read-more:link]
