(BEIJING) Microsoft Cybersecurity Report: China has roundly rejected the “groundless” and “irresponsible” hacking allegations made by the United States and its allies, saying they are “fabricated out of nothing.” #AceNewsDesk report

#AceSecurityDesk says China: US-led hacking allegations fabricated out of nothing

AceDailyNews said US for first time accuses China of cyberattacks, including Microsoft hack

The United States has formally accused the Chinese government of widespread destabilizing activities in cyberspace.

Tuesday, 20 July 2021 6:23 AM  [ Last Update: Tuesday, 20 July 2021 9:46 AM ]

PRESS TV REPORT:

Chinese Foreign Ministry spokesman Zhao Lijian hit back at Washington on Tuesday, calling the US the “world champion” of cyber-attacks.

“The US has mustered its allies to carry out unreasonable criticisms against China on the issue of cybersecurity,” he said. “This move is fabricated out of nothing.”

In a coordinated move, Washington and several allies in Europe and Asia publicly accused Beijing of hacking the Microsoft Exchange Server software in March. Microsoft Exchange is an email platform used by corporations around the world.

Senior US officials claimed that hackers tied to China’s Ministry of State Security carried out the unusually indiscriminate hacking. Secretary of State Antony Blinken said on Monday that Washington and “countries around the world” are holding China “accountable for its pattern of irresponsible, disruptive, and destabilizing behavior in cyberspace, which poses a major threat to our economic and national security.”

Japanese government spokesperson Katsunobu Kato followed suit on Tuesday, saying that Japanese companies had been targeted by a hacking group called APT40. He alleged that “the Chinese government is highly likely” behind the attack.

Earlier, China’s diplomatic missions around the world reacted to the charges.

The Chinese Embassy in New Zealand’s capital, Wellington, said the accusations were “totally groundless and irresponsible” and a “malicious smear.”

“Given the virtual nature of cyberspace, one must have clear evidence when investigating and identifying cyber-related incidents,” said the embassy.

The Chinese mission in Canberra said Australia was “parroting” US rhetoric. It also described the US as “the world champion of malicious cyber-attacks.”

The United Kingdom (UK) and European Union (EU) also joined the others in accusing China of carrying out hacking attacks, which they alleged had targeted an estimated hundreds of thousands of mostly small businesses and organizations.

The Chinese Embassy in Norway also reacted to the allegations made by Oslo, saying that Beijing was a staunch defender of cyber security and was resolutely opposed to any form of cyberattacks.

“It is reasonable to question and doubt whether this is a collusively political manipulation,” it said, demanding that Oslo provide evidence for the claims. The embassy said that Beijing was “willing to cooperate with all relevant parties, based on facts and evidence, to jointly combat illegal activities in cyber space.”

The US-led global campaign against China is an apparent move to open a new front in cyber offensive following years of blaming Russia for cyberattacks against American organizations. Moscow time and again denied involvement.

#AceNewsDesk report ……..Published: July.21: 2021:

Editor says …Sterling Publishing & Media Service Agency is not responsible for the content of external site or from any reports, posts or links, and can also be found here on Telegram: https://t.me/acenewsdaily all of our posts fromTwitter can be found here: https://acetwitternews.wordpress.com/ and all wordpress and live posts and links here: https://acenewsroom.wordpress.com/and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com


(WORLDWIDE) #Cybersecurity Attack Report: The gang behind a “colossal” ransomware attack has demanded $70m (£50.5m) paid in Bitcoin in return for a “universal decryptor” that it says will unlock the files of all victims #AceNewsDesk report

#AceSecurityReport – July.06: But because Kaseya provides software to managed service providers, firms which themselves provide outsourced IT services to other companies, the number of victims may be much greater.

#AceSecurityDesk UPDATE: The gang behind a huge cyber-attack demands $70m in Bitcoin, and the REvil group claims its malware, which initially targeted US IT firm Kaseya, has hit one million “systems”. BBC Tech reported this after we published on Monday about 17 countries being attacked and over 200 companies. This number has not been verified and the exact total of victims is unknown. However, it does include 500 Swedish Coop supermarkets and 11 schools in New Zealand. Two Dutch IT firms have also been hit, according to local media reports.


Counting victims

On Friday, cyber-security firm Huntress Labs estimated about 200 firms had been affected. The “supply chain” attack initially targeted Kaseya, before spreading through corporate networks that use its software.

Kaseya said that fewer than 40 of its own customers had been affected. And the number of individual computer systems within those victim organisations could be greater still.

Kaseya chief executive Fred Voccola told the Associated Press that the number of victims would probably be in the low thousands, made up of small organisations such as dental practices and libraries.

For hundreds, perhaps thousands, of IT teams around the world this ransomware attack is a horrendous headache that is still growing. But the way the cyber-security world has pulled together to reduce the impact of the attack has been incredible. Cyber-defenders, both private and public sector, have been issuing alerts while experts work out how best to untangle the web of victims.

There could have been far more victims if it wasn’t for a busy and stressful weekend of work. However, we now know that the secret digital doorway in the Kaseya system that let in the REvil hackers was known about before the attack.

Researchers from the Dutch Institute for Vulnerability Disclosure found the problem and were helping Kaseya plug the hole long before the hackers found it.

It was a case of the good hackers racing to stop the bad hackers from getting in and, as Victor Gevers from the institute puts it: “Unfortunately, we were beaten by REvil in the final sprint.”

This case shows how skilled, persistent and determined these criminals are, and that in spite of all the efforts of the cyber-security world, we are losing the race against ransomware.

“The scale and sophistication of this global crime is rare, if not unprecedented,” Prof Ciaran Martin, founder of the National Cyber Security Centre, told Radio 4’s Today programme.

Most of REvil’s members are believed to be based in Russia or countries that were formerly part of the Soviet Union.

Prof Martin criticised Russia for providing a safe environment for ransomware hackers, but said that the West was making it too easy for these gangs to be paid and “unsurprisingly they are coming back for more”.

Traceable Bitcoin

Experts have expressed surprise at the group’s demand that the ransom should be paid in Bitcoin, as opposed to harder-to-trace cryptocurrencies such as Monero.

On Twitter, Prof Martin called REvil’s decision to demand payment in Bitcoin “weird”.

Earlier this month the US Justice Department announced it had traced and seized millions of dollars worth of bitcoin paid to the DarkSide ransomware group, responsible for shutting down the Colonial Oil Pipeline.

“Following the money remains one of the most basic, yet powerful tools we have”, said Deputy Attorney General Lisa O. Monaco.

Tom Robinson, founder and chief scientist of the firm Elliptic, which analyses bitcoin payments, told the BBC it had observed REvil continuing to negotiate with individual customers for smaller ransoms of about $200,000, despite the $70m request to unlock everything. He said REvil preferred to use Monero, but it would be difficult to purchase $70m of the currency for practical and regulatory reasons.

But he said: “More and more ransomware operators are asking for Monero.”

Providers: #AceSecurityDesk / AP/BBC/

#AceNewsDesk report ………Published: July.06: 2021:


(WASHINGTON) JUST IN: The US Cybersecurity & Infrastructure Agency Report: That it was taking action after 200 US businesses have been hit by a “colossal” ransomware attack, according to a cyber-security firm #AceNewsDesk report

#AceNewsReport – July.03: Huntress Labs said the hack targeted Florida-based IT company Kaseya before spreading through corporate networks that use its software.

#AceSecurityDesk says that, according to the BBC, a number of US companies have been hit by a ‘colossal’ cyber-attack, and the US Cybersecurity and Infrastructure Agency, a federal agency, said in a statement that it was taking action to address the attack and its source.


The group sometimes threatens to post stolen documents on its website – known as the “Happy Blog” – if victims don’t comply with its demands. REvil was also linked to a co-ordinated attack on nearly two dozen local governments in Texas in 2019.

Kaseya said in a statement on its own website that it was investigating a “potential attack”.

Huntress Labs said it believed the Russia-linked REvil ransomware gang was responsible.

The cyber-breach emerged on Friday afternoon as companies across the US were clocking off for the long Independence Day weekend.

Another supply-chain attack nightmare

The two big things that are keeping cyber-security professionals up at night lately are ransomware attacks and supply chain attacks. This latest incident combines both nightmares into one big Independence Holiday weekend-ruining event for hundreds of US IT teams.

Ransomware is the scourge of the internet. Multiple organised criminal gangs are constantly attempting to gain access to computer networks to hold them hostage. The rate of attack is relentless but it can take a lot of time and effort on the criminals’ part to successfully hijack one victim’s computer system.

In this latest incident the hackers showed that by going after the software supplier of multiple organisations they can pop dozens, perhaps hundreds of victims in one go. We’ve seen horrendous supply chain attacks in the past but this one has the potential to be the biggest incident involving ransomware yet.

It shows that ransomware gangs are thinking creatively about how to have the most impact possible and command the biggest ransom possible.

Kaseya said one of its applications that runs corporate servers, desktop computers and network devices might have been compromised in the attack.

The company said it was urging customers that use its VSA tool to immediately shut down their servers.

Kaseya said in its statement that a “small number” of companies had been affected, though Huntress Labs said the number was greater than 200.

It is not clear what specific companies have been affected and a Kaseya representative contacted by the BBC declined to give details.

Kaseya’s website says it has a presence in over 10 countries and more than 10,000 customers.

“This is a colossal and devastating supply chain attack,” Huntress Labs’ senior security researcher John Hammond said in an email to Reuters news agency.

At a summit in Geneva last month, US President Joe Biden said he told Russian President Vladimir Putin he had a responsibility to rein in such cyber-attacks.

Mr Biden said he gave Mr Putin a list of 16 critical infrastructure sectors, from energy to water, that should not be subject to hacking.

REvil – also known as Sodinokibi – is one of the most prolific and profitable cyber-criminal groups in the world.

The gang was blamed by the FBI for a hack in May that paralysed operations at JBS – the world’s largest meat supplier.

#AceNewsDesk report …Published: July.03: 2021:


(WASHINGTON) #Cybersecurity Report: U.S. State Department and World Bank and co-founder of The Balance Group warn of protecting GPS Satellites after attacks with Solar Winds & Microsoft Exchange #AceNewsDesk report

#AceNewsReport – May.19: Sometimes when you exclaim the sky is unprotected, they mentally label you as Chicken Little and ignore your alarms. Or sometimes they might believe your warnings yet quietly follow the group inertia that’s the cornerstone of groupthink:

WASHINGTON: ‘Cybersecurity Experts Push President Biden To Protect GPS Satellites And The Connected Car’

And then a watershed event or three occurs: cybersecurity attacks against SolarWinds, Microsoft Exchange and the Colonial Pipeline.

And those who spoke-up look like geniuses in bittersweet fashion akin to the mortgage doubters from The Big Short.


I have worked in the auto industry for over 27 years for both OEMs and Tier 1s. Now I’m a Principal Consultant at Kugler Maag Cie helping companies improve their product development.

Such is the tale of Lisa Donnan, an internationally recognized expert in cybersecurity and operating partner at Option3 Ventures, and Julian Gresser, the former advisor to the U.S. State Department and World Bank and co-founder of The Balance Group. They have vigorously waved the Caution Flag regarding an insecure, trusted, non-critical infrastructure (satellites) communicating to a trusting non-critical infrastructure (vehicles) that could disrupt a vast network of highways, bridges and tunnels that are recognized as critical infrastructure.

But before jumping to the ending, let’s look back at how we collectively got here, the dangerous implications, and the meat still left on the bone towards a safer tomorrow.


The Days of Naiveté

Almost fifty years ago (1973), the Global Positioning Satellite (GPS) project was begun by The United States Department of Defense with the first satellite launched into space five years later (1978). Originally GPS was designated as a military system, but the tragedy of Korean Air Lines flight 007 in 1983 inspired the U.S. government to make GPS satellites available for civilian usage with intentionally degraded accuracy, thus enabling the first handheld navigation device by Magellan (1989). By 1995, all twenty-four (24) satellites in the GPS constellation were declared Full Operational Capability (FOC) and General Motors began installing Guidestar as the first embedded navigational system outside of Japan. Five years later (2000), the U.S. government ended Selective Availability and enabled greater use within vehicles, phones and handheld devices.

Simultaneously, another technology was beginning to take root: the Controller Area Network (CAN). This serial bus system was introduced in 1986, and was designed to handle small, unencrypted, unauthenticated messages between modules or systems within cars, trains and ships. Production quickly ramped up in the late 90s and in the year 2000 alone more than 100 million CAN devices were sold. Although other network technologies would eventually be invented (e.g., FlexRay, MOST), CAN retained the throne due to chip availability, lower piece cost and the high switchover costs of changing all carryover modules.

And although automotive would experience its first cybersecurity hacks a few years later, the vast majority of visible attacks on the overall system were “white hat” attackers (a.k.a. researchers or ‘good guys’) and, therein, did not truly raise the alarm.


Today’s Reality

The community has begun to awaken to the threat. “The automotive industry is frankly behind when it comes to cybersecurity, mitigation, management and even building cybersecurity from the get-go rather than as a bolt-on,” says Donnan. “Car-owners know little-to-nothing about the threat. And the amount of software is growing exponentially. Automotive has to take lessons and best practices from other industries that have already had to address the very-extended threat landscape when it comes to cybersecurity.” Yes, new regulations (e.g., UNECE) shall require ongoing operations by manufacturers including the monitoring, protecting and updating of vehicles’ software long after it drives off the dealers’ lots. Certifications that enforce these regulations essentially require manufacturers’ Cybersecurity and Functional Safety Engineers to forensically investigate potential hacks and their supplanted software. But even here, the newest standards (e.g., ISO/SAE 21434) suggest that the boundary of consideration for the Threat Analysis and Risk Assessment (TARA) is the vehicle’s physical exterior, thereby making satellite signals out of scope.

“We are so reliant upon GPS,” states Donnan, “and the reality is our adversaries know that. Frankly, there are not a lot of countermeasures. They’re working on it, but still are not there.”

So in the end, the satellite system could get hacked and start communicating that certain roadways are blocked by construction or traffic and force gridlock within critical throughways such as tunnels or bridges. “There are some striking omissions in President Biden’s National Infrastructure Plan,” says Gresser. “Why are satellites not considered an essential sector in critical national infrastructure? Also, transportation is recognized as an essential sector. But, then cybersecurity risks of connected cars somehow got excluded. Policy makers need to view these complex issues from a whole systems perspective. A coherent infrastructure plan must connect the dots with a keen understanding of how a deep cybersecurity attack on one sector can rapidly cascade to many others. These failings reflect a deep national vulnerability, including from Space, that the Biden Administration must urgently address.” Maybe the hope is that hacks won’t happen, though. 

But they will.

Arguably the worst outcome of the last week was the realization that Colonial Pipeline paid nearly $5M in ransom to the hackers and now confirmed a third element to our Cyber-Pandemic: financial motive. Already the accelerated digitization of businesses during Covid-19 significantly increased Interpol-measured cybersecurity opportunities (by upwards of 59%) and larger unemployment created additional idle hands, but the large pay day will likely inspire additional hackers in the coming months.

As possibly said best by Jennifer Granholm, the Secretary of Energy, last Thursday in an interview by Axios, “These hacks are not going to stop. Because everything is now smart technology and using the cloud, we are vulnerable everywhere. And so every private sector entity – whether you are an energy business or not – has to be thinking about how you protect your system; your [operations]. So that, I think, is a big lesson for the private sector, and it’s a big lesson the government to think about. What should we be doing inside the government itself to prevent hacks and attacks on us …?”


Still Work To Do

Per an Op-Ed in Newsweek on May 6th, Donnan and Gresser pressed President Biden to 1) designate “space” as a critical infrastructure and 2) sign an Executive Order to effect a 180 Day Pause on the Federal Communications Commission (FCC) launch-approvals for new satellites under the uninsured Satellite Experiment.

On May 12th, President Biden did, in fact, sign an Executive Order on Cybersecurity requiring an investigation, public comment and action on Federal Information Systems that “… include systems that process data (information technology (IT)) and those that run the vital machinery that ensures our safety (operational technology (OT))” within 60, 90 and 120 days respectively. “In the end, the trust we place in our digital infrastructure should be proportional to how trustworthy and transparent that infrastructure is, and to the consequences we will incur if that trust is misplaced.”

The Order does not pause satellite launches. It does not recognize any new genres of existing assets as critical to national security (e.g., satellites, commercial fleets). It does not require a deadline for containment actions. It says that by September, we will take a first, concrete step towards protection.

In the meantime, the automotive sector moves forward with autonomy, and yesterday (May 17th) another U.S. satellite was propelled into space.

“Just because we can do something technically due to versatility and genius,” says Gresser, “doesn’t mean we should rush ahead and do it unwisely without considering the risks; a ‘ready, fire, aim’ approach. How do we develop a framework that allows us to develop a pathway that maximizes the benefits and mitigates the risks?”

A great question. Let’s hope groupthink doesn’t squelch it.

#AceNewsDesk report ……….Published: May.19: 2021:


(WASHINGTON) US Cybersecurity Infrastructure & Security Agency & FBI Report: In a joint security alert published this week, warned about increased cyber-attacks targeting the US K-12 educational sector, often leading to ransomware attacks, the theft of data, and the disruption of distance learning services #AceNewsDesk report

#AceNewsReport – Dec.11: “As of December 2020, the FBI, CISA, and MS-ISAC continue to receive reports from K-12 educational institutions about the disruption of distance learning efforts by cyber actors,” the alert reads. “Cyber actors likely view schools as targets of opportunity, and these types of attacks are expected to continue through the 2020/2021 academic year,” it added. But of all the attacks plaguing the K-12 sector (kindergarten through twelfth-grade schools), ransomware has been a particularly aggressive threat this year, CISA and the FBI said.

Ransomware Attacks on the Increase

CISA has observed continuing ransomware attacks across the country and around the world. See CISA’s Awareness Briefings on Combating Ransomware, Joint Ransomware Statement, and CISA Insights – Ransomware Outbreak. Below, please find resources on CISA’s newly redesigned ransomware information page to better connect you with helpful resources and tools you and your organization need to guard against the ransomware threat.

Looking to learn more about this growing cyber threat? With industry best practices and individualized checklists, the NEW Ransomware Guide is a great place to start. The guide, released in September 2020, represents a joint effort between CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC). The joint Ransomware Guide is a customer-centered, one-stop resource with best practices and ways to prevent, protect and/or respond to a ransomware attack. 


In addition to reviewing the Ransomware Guide, we invite you to click on resources below to find additional Ransomware-related information. These resources are designed to help individuals and organizations prevent attacks that can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services.

“According to MS-ISAC data, the percentage of reported ransomware incidents against K-12 schools increased at the beginning of the 2020 school year,” the two agencies said. “In August and September, 57% of ransomware incidents reported to the MS-ISAC involved K-12 schools, compared to 28% of all reported ransomware incidents from January through July,” they said.

#AceNewsDesk report …………Published: Dec.11: 2020:


‘ OBAMA SILENTLY SIGNS FIVE CYBER-SECURITY BILLS INTO LAW THOUGH THE EXECUTIVE ORDER GOES BACK TO 2013 ‘

#AceNewsServices – WASHINGTON:Dec.19 – President Obama on Thursday signed five cyber-security bills into law, after an unexpected spate of legislative activity on the issue. 

Though we need to go back to Tuesday Feb.12 2013 when President Obama signed an executive order on cybersecurity — an order that aims to increase cyber defenses of our nation’s critical infrastructure, improve information sharing about cyberthreats between the public and private sectors, and establish a framework of cybersecurity best practices.

There has been talk of such an order since August 2012, following the Cybersecurity Act’s failure to pass in Congress. Obama signaled he may invoke his power of executive order to pass similar legislation, and on Sept. 19, 2012, Homeland Security Secretary Janet Napolitano said the executive order on cybersecurity was “close to completion.”

But it wasn’t quite ready back then, and the White House worked on crafting the order for the last several months, The Hill reported.

These five bills won’t satisfy the strongest backers of tough cyber protections, but they should help many government officials beef up their networks and were cheered by supporters when they rushed through Congress in the final days of its 2014 session.

The bills largely direct various arms of government to deal in a more forceful way with cyber issues, but should also clarify current operations. The Cybersecurity Enhancement Act, for instance, allows the Commerce Department to write voluntary standards to protect critical infrastructure and tells the White House’s Office of Science and Technology Policy to develop a federal cyber research plan.

Most of the bills are aimed at the Department of Homeland Security (DHS). The National Cybersecurity Protection Act establishes in law the department’s national cybersecurity center, while the Federal Information Security Modernization Act updates 12-year-old federal information security laws.

The Cybersecurity Workforce Assessment Act directs the DHS to build out a new strategy to recruit and hang onto the best and brightest workers in the field, and the Border Patrol Agent Pay Reform Act allows the department to exempt some cyber staffers from normal government hiring rules.
