Category: Espionage

How to Protect Your Files From Ransomware

Posted on by esimantiras

How to Protect Your Files From Ransomware

source; WIRED.COM

It’s a growing threat for individual users and businesses alike—but there are ways to protect yourself.

MOVE OVER VIRUSES, step aside worms: Ransomware has the spotlight and isn’t about to give it up. From taking down entire fuel pipelines to hijacking hospital networks, it’s the cyberattack du jour. Not only do you have the potentially disastrous consequences of being locked out of your most important files and systems, you also have to decide if you’re willing to pay cold, hard cash to get access to them again, if you even get access after paying.

That’s where the name comes from—ransomware attacks literally hold your data for ransom. There are a few variations on the theme, but it’s usually very recognizable. Malware is used to encrypt your files (in some cases even double-encrypt them) so they require a specific key to be unlocked. The damage can quickly spread across computers and networks. In some cases you might be locked out of your system completely, along with any other systems on the same network.

Continue reading “How to Protect Your Files From Ransomware”

FBI Opens a Case on Chinese Activity…

Posted on by esimantiras

FBI Opens a Case on Chinese Activity ‘Every 10 Hours,’ Intel Chiefs Say

The threat from China, multi-faceted and severe, is foremost in a pack that includes Russian actions in Ukraine, Iranian nuclear efforts, and North Korea’s existing nukes, U.S. intelligence leaders told the Senate Intelligence Committee on Wednesday.

“We have now over 2,000 investigations that tie back to the Chinese government,” FBI Director Chris Wray said at the hearing. “On the economic espionage side alone, it’s a 1,300 percent increase over the last several years. We’re opening a new investigation on China every ten hours and I assure the committee it’s not because our folks don’t have anything to do with their time.”

Continue reading “FBI Opens a Case on Chinese Activity…”

Russian Foreign Intelligence Service Exploiting U.S. Vulnerabilities

Posted on by esimantiras

Russian foreign intelligence service exploiting five publicly known vulnerabilities to compromise U.S. and allied networks

source: securitymagazine.com

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly released a Cybersecurity Advisory, “Russian SVR Targets U.S. and Allied Networks,” to expose ongoing Russian Foreign Intelligence Service (SVR) exploitation of five publicly known vulnerabilities. This advisory is being released alongside the U.S. government’s formal attribution of the SolarWinds supply chain compromise and related cyber espionage campaign. We are publishing this product to highlight additional tactics, techniques, and procedures being used by SVR so that network defenders can take action to mitigate against them.  

Continue reading “Russian Foreign Intelligence Service Exploiting U.S. Vulnerabilities”

Billions Spent on U.S. Defenses Failed to Detect Giant Russian Hack

Posted on by esimantiras

image - hacking

Billions Spent on U.S. Defenses Failed to Detect Giant Russian Hack

source:  nytimes.com

The broad Russian espionage attack on the U.S. government and private companies, underway since spring and detected only a few weeks ago, is among the greatest intelligence failures of modern times.

 

WASHINGTON — Over the past few years, the United States government has spent tens of billions of dollars on cyberoffensive abilities, building a giant war room at Fort Meade, Md., for United States Cyber Command, while installing defensive sensors all around the country — a system named Einstein to give it an air of genius — to deter the nation’s enemies from picking its networks clean, again.

It now is clear that the broad Russian espionage attack on the United States government and private companies, underway since spring and detected by the private sector only a few weeks ago, ranks among the greatest intelligence failures of modern times.

Einstein missed it — because the Russian hackers brilliantly designed their attack to avoid setting it off. The National Security Agency and the Department of Homeland Security were looking elsewhere, understandably focused on protecting the 2020 election.

The new American strategy of “defend forward” — essentially, putting American “beacons” into the networks of its adversaries that would warn of oncoming attacks and provide a platform for counterstrikes — provided little to no deterrence for the Russians, who have upped their game significantly since the 1990s, when they launched an attack on the Defense Department called Moonlight Maze.

Something else has not changed, either: an allergy inside the United States government to coming clean on what happened.

Continue reading “Billions Spent on U.S. Defenses Failed to Detect Giant Russian Hack”

SPIES EAVESDROP BY WATCHING LIGHT BULB VIBRATE

Posted on by esimantiras

source: wired.com

The so-called lamphone technique allows for real-time listening in on a room that’s hundreds of feet away. 

THE LIST OF sophisticated eavesdropping techniques has grown steadily over years: wiretaps, hacked phones, bugs in the wall—even bouncing lasers off of a building’s glass to pick up conversations inside. Now add another tool for audio spies: Any light bulb in a room that might be visible from a window.

Researchers from Israeli’s Ben-Gurion University of the Negev and the Weizmann Institute of Science today revealed a new technique for long-distance eavesdropping they call “lamphone.” They say it allows anyone with a laptop and less than a thousand dollars of equipment—just a telescope and a $400 electro-optical sensor—to listen in on any sounds in a room that’s hundreds of feet away in real-time, simply by observing the minuscule vibrations those sounds create on the glass surface of a light bulb inside. By measuring the tiny changes in light output from the bulb that those vibrations cause, the researchers show that a spy can pick up sound clearly enough to discern the contents of conversations or even recognize a piece of music.

“Any sound in the room can be recovered from the room with no requirement to hack anything and no device in the room,” says Ben Nassi, a security researcher at Ben-Gurion who developed the technique with fellow researchers Yaron Pirutin and Boris Zadov, and who plans to present their findings at the Black Hat security conference in August. “You just need line of sight to a hanging bulb, and this is it.”

In their experiments, the researchers placed a series of telescopes around 80 feet away from a target office’s light bulb, and put each telescope’s eyepiece in front of a Thorlabs PDA100A2 electro-optical sensor. They then used an analog-to-digital converter to convert the electrical signals from that sensor to digital information. While they played music and speech recordings in the faraway room, they fed the information picked up by their set-up to a laptop, which analyzed the readings.

side by side images of telescope pointing to window and aerial of bridge

The researchers’ experimental setup, with an electro-optical sensor behind the eyepiece of a telescope, pointing at a lightbulb inside an office building more than 80 feet away.COURTESY OF BEN NASSI

The researchers found that the tiny vibrations of the light bulb in response to sound—movements that they measured at as little as a few hundred microns—registered as a measurable changes in the light their sensor picked up through each telescope. After processing the signal through software to filter out noise, they were able to reconstruct recordings of the sounds inside the room with remarkable fidelity: They showed, for instance, that they could reproduce an audible snippet of a speech from President Donald Trump well enough for it to be transcribed by Google’s Cloud Speech API. They also generated a recording of the Beatles’ “Let It Be” clear enough that the name-that-tune app Shazam could instantly recognize it.

Continue reading “SPIES EAVESDROP BY WATCHING LIGHT BULB VIBRATE”

WHO Targeted in Espionage Attempt, COVID-19 Cyberattacks Spike

Posted on by esimantiras

source: threatpost.com

The DarkHotel group could have been looking for information on tests, vaccines or trial cures.

The World Health Organization (WHO) has attracted the notice of cybercriminals as the worldwide COVID-19 pandemic continues to play out, with a doubling of attacks recently, according to officials there. Problematically, evidence has also now apparently surfaced that the DarkHotel APT group has tried to infiltrate its networks to steal information.

Alexander Urbelis, cybersecurity researcher/attorney at Blackstone Law Group, told Reuters that he personally observed a malicious site being set up on March 13 that mimicked the WHO’s internal email system. Its purpose was to steal passwords from multiple agency staffers, and Urbelis noted that he realized “quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic.”

The attack appeared to be aimed at achieving a foothold at the agency rather than being an end unto itself: “The targeting infrastructure seems to focus on certain types of healthcare and humanitarian organizations that are uncommon for cybercriminals,” Costin Raiu, researcher at Kaspersky, told Threatpost. “This could suggest the actor behind the attacks are more interested in gathering intelligence, rather than being financially motivated.”

As for the “why” of the attack, which was thwarted, Raiu said that information about remediation for coronavirus – such as cures, tests or vaccines – would be invaluable to any nation-state’s intelligence officials.

Continue reading “WHO Targeted in Espionage Attempt, COVID-19 Cyberattacks Spike”