now browsing by tag
Whenever we hear about major cyber security attacks such as data breaches, it’s typically larger enterprises that are the victims. That makes sense, considering those events can potentially impact a lot of people and therefore are more likely to grab headlines and garner attention.
But that doesn’t mean small and mid-sized companies (SMBs) are immune to such attacks. In fact, smaller organizations are frequent targets of cyber incidents, and they generally have far fewer resources with which to defend themselves.
A recent study by the Ponemon Institute, which conducts research on a variety of security-related topics, presents a clear picture of the cyber security challenges SMBs are facing. The report, “The 2019 Global State of Cybersecurity in SMBs,” states that for the third consecutive year small and medium-sized companies reported a significant increase in targeted cyber security breaches.
For its report, Ponemon conducted an online survey of 2,391 IT and IT security practitioners worldwide in August and September 2019, and found that attacks against U.S., U.K., and European businesses are growing in both frequency and sophistication.
Nearly half of the respondents (45%) described their organization’s IT posture as ineffective, with 39% reporting that they have no incident response plan in place.
Cyber criminals are continuing to evolve their attacks with more sophisticated tactics, and companies of all sizes are in their crosshairs, noted Larry Ponemon, chairman and founder of the Ponemon Institute. The report shows that cyber attacks are a global phenomenon, as is the lack of awareness and preparedness by businesses globally, he said.
Overall, cyber attacks are increasing dramatically, the report said. About three quarters of the U.S. companies surveyed (76%) were attacked within the previous 12 months, up from 55% in a 2016 survey. Globally, 66% of respondents reported attacks in the same timeframe.
Attacks that rely on user deception are on the rise, the study said. Overall, attacks are becoming more sophisticated, with phishing (57%), compromised or stolen devices (33%), and credential theft (30%) among the most common attacks waged against SMBs globally.
Data loss is among the most common impact of cyber security events. Worldwide, 63% of businesses reported an incident involving the loss of sensitive information about customers and employees in the previous year.
SMBs around the world increasingly are adopting emerging technologies such as mobile devices and apps, the Internet of Things (IoT), and biometrics, despite having a lack of confidence in their ability to protect their sensitive information.
Nearly half of the survey respondents (48%) access more than 50% of their business-critical applications from mobile devices, yet virtually the same portion of respondents said the use of mobile devices to access critical applications diminishes their organization’s security posture.
Furthermore, a large majority of respondents (80%) think it is likely that a security incident related to unsecured IoT devices could be catastrophic. Still, only 21% monitor the risk of IoT devices in the workplace.
The report also suggests that biometrics might finally be moving toward the mainstream. Three quarters of SMBs currently use biometrics to identify and authenticate users or have plans to do so soon.
Small and mid-sized companies can take several steps to bolster their cyber security programs. One is to educate users and managers throughout the organization about the importance of strong security and taking measures to keep data safe.
Because so many attacks begin with employees opening suspicious email attachments or clicking on links that lead to malware infestations or phishing, training users to identify these threats is vital. Companies can leverage a number of free training resources online to help spread the word about good security hygiene.
Smaller companies, particularly those will limited internal cyber security skills, can also consider hiring a managed security services provider (MSSP) to help build up a security program. Many of these firms are knowledgeable about in the latest threats, vulnerabilities, and tools, and can help SMBs quickly get up to speed from security standpoint.
And companies can deploy products and services that are specifically aimed at securing small businesses. Such tools provide protection for common IT environments such as Windows, macOS, Android, and iOS devices. They are designed to protects businesses against ransomware and other new and existing cyber threats, and prevent data breaches that can put personal and financial data at risk.
Some of these offerings can be installed in a matter of minutes with no cyber security or IT skills required, which is ideal for smaller companies with limited resources and a need to deploy stronger defenses quickly.
View full post on National Cyber Security
#nationalcybersecuritymonth | DFARS / CMMC for 2020: Culmination of Efforts to Protect National Security Data and Networks – Cybersecurity and Privacy Alert | Bradley Arant Boult Cummings LLP
Updated: May 25, 2018:
JD Supra is a legal publishing service that connects experts and their content with broader audiences of professionals, journalists and associations.
Please note that if you subscribe to one of our Services, you can make choices about how we collect, use and share your information through our Privacy Center under the “My Account” dashboard (available if you are logged into your JD Supra account).
Collection of Information
Registration Information. When you register with JD Supra for our Website and Services, either as an author or as a subscriber, you will be asked to provide identifying information to create your JD Supra account (“Registration Data“), such as your:
- First Name
- Last Name
- Company Name
- Company Industry
Other Information: We also collect other information you may voluntarily provide. This may include content you provide for publication. We may also receive your communications with others through our Website and Services (such as contacting an author through our Website) or communications directly with us (such as through email, feedback or other forms or social media). If you are a subscribed user, we will also collect your user preferences, such as the types of articles you would like to read.
Information from third parties (such as, from your employer or LinkedIn): We may also receive information about you from third party sources. For example, your employer may provide your information to us, such as in connection with an article submitted by your employer for publication. If you choose to use LinkedIn to subscribe to our Website and Services, we also collect information related to your LinkedIn account and profile.
How do we use this information?
We use the information and data we collect principally in order to provide our Website and Services. More specifically, we may use your personal information to:
- Operate our Website and Services and publish content;
- Distribute content to you in accordance with your preferences as well as to provide other notifications to you (for example, updates about our policies and terms);
- Measure readership and usage of the Website and Services;
- Communicate with you regarding your questions and requests;
- Authenticate users and to provide for the safety and security of our Website and Services;
- Conduct research and similar activities to improve our Website and Services; and
- Comply with our legal and regulatory responsibilities and to enforce our rights.
How is your information shared?
- Content and other public information (such as an author profile) is shared on our Website and Services, including via email digests and social media feeds, and is accessible to the general public.
- If you choose to use our Website and Services to communicate directly with a company or individual, such communication may be shared accordingly.
- Readership information is provided to publishing law firms and authors of content to give them insight into their readership and to help them to improve their content.
- Your information may also be shared to parties who support our business, such as professional advisors as well as web-hosting providers, analytics providers and other information technology providers.
- Any court, governmental authority, law enforcement agency or other third party where we believe disclosure is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights, the rights of any third party or individuals’ personal safety, or to detect, prevent, or otherwise address fraud, security or safety issues.
- To our affiliated entities and in connection with the sale, assignment or other transfer of our company or our business.
How We Protect Your Information
JD Supra takes reasonable and appropriate precautions to insure that user information is protected from loss, misuse and unauthorized access, disclosure, alteration and destruction. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. You should keep in mind that no Internet transmission is ever 100% secure or error-free. Where you use log-in credentials (usernames, passwords) on our Website, please remember that it is your responsibility to safeguard them. If you believe that your log-in credentials have been compromised, please contact us at email@example.com.
Our Website and Services are not directed at children under the age of 16 and we do not knowingly collect personal information from children under the age of 16 through our Website and/or Services. If you have reason to believe that a child under the age of 16 has provided personal information to us, please contact us, and we will endeavor to delete that information from our databases.
Links to Other Websites
Our Website and Services may contain links to other websites. The operators of such other websites may collect information about you, including through cookies or other technologies. If you are using our Website or Services and click a link to another site, you will leave our Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We are not responsible for the data collection and use practices of such other sites. This Policy applies solely to the information collected in connection with your use of our Website and Services and does not apply to any practices conducted offline or in connection with any other websites.
Information for EU and Swiss Residents
JD Supra’s principal place of business is in the United States. By subscribing to our website, you expressly consent to your information being processed in the United States.
- Your Rights
- Right of Access/Portability: You can ask to review details about the information we hold about you and how that information has been used and disclosed. Note that we may request to verify your identification before fulfilling your request. You can also request that your personal information is provided to you in a commonly used electronic format so that you can share it with other organizations.
- Right to Correct Information: You may ask that we make corrections to any information we hold, if you believe such correction to be necessary.
- Right to Restrict Our Processing or Erasure of Information: You also have the right in certain circumstances to ask us to restrict processing of your personal information or to erase your personal information. Where you have consented to our use of your personal information, you can withdraw your consent at any time.
You can make a request to exercise any of these rights by emailing us at firstname.lastname@example.org or by writing to us at:
JD Supra, LLC
10 Liberty Ship Way, Suite 300
Sausalito, California 94965
You can also manage your profile and subscriptions through our Privacy Center under the “My Account” dashboard.
We will make all practical efforts to respect your wishes. There may be times, however, where we are not able to fulfill your request, for example, if applicable law prohibits our compliance. Please note that JD Supra does not use “automatic decision making” or “profiling” as those terms are defined in the GDPR.
- Onward Transfer to Third Parties: As noted in the “How We Share Your Data” Section above, JD Supra may share your information with third parties. When JD Supra discloses your personal information to third parties, we have ensured that such third parties have either certified under the EU-U.S. or Swiss Privacy Shield Framework and will process all personal data received from EU member states/Switzerland in reliance on the applicable Privacy Shield Framework or that they have been subjected to strict contractual provisions in their contract with us to guarantee an adequate level of data protection for your data.
California Privacy Rights
Pursuant to Section 1798.83 of the California Civil Code, our customers who are California residents have the right to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.
You can make a request for this information by emailing us at email@example.com or by writing to us at:
JD Supra, LLC
10 Liberty Ship Way, Suite 300
Sausalito, California 94965
Some browsers have incorporated a Do Not Track (DNT) feature. These features, when turned on, send a signal that you prefer that the website you are visiting not collect and use data regarding your online searching and browsing activities. As there is not yet a common understanding on how to interpret the DNT signal, we currently do not respond to DNT signals on our site.
Access/Correct/Update/Delete Personal Information
For non-EU/Swiss residents, if you would like to know what personal information we have about you, you can send an e-mail to firstname.lastname@example.org. We will be in contact with you (by mail or otherwise) to verify your identity and provide you the information you request. We will respond within 30 days to your request for access to your personal information. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why. If you would like to correct or update your personal information, you can manage your profile and subscriptions through our Privacy Center under the “My Account” dashboard. If you would like to delete your account or remove your information from our Website and Services, send an e-mail to email@example.com.
Contacting JD Supra
As with many websites, JD Supra’s website (located at www.jdsupra.com) (our “Website“) and our services (such as our email article digests)(our “Services“) use a standard technology called a “cookie” and other similar technologies (such as, pixels and web beacons), which are small data files that are transferred to your computer when you use our Website and Services. These technologies automatically identify your browser whenever you interact with our Website and Services.
- Improve the user experience on our Website and Services;
- Store the authorization token that users receive when they login to the private areas of our Website. This token is specific to a user’s login session and requires a valid username and password to obtain. It is required to access the user’s profile information, subscriptions, and analytics;
- Track anonymous site usage; and
- Permit connectivity with social media networks to permit content sharing.
There are different types of cookies and other technologies used our Website, notably:
- “Session cookies” – These cookies only last as long as your online session, and disappear from your computer or device when you close your browser (like Internet Explorer, Google Chrome or Safari).
- “Persistent cookies” – These cookies stay on your computer or device after your browser has been closed and last for a time specified in the cookie. We use persistent cookies when we need to know who you are for more than one browsing session. For example, we use them to remember your preferences for the next time you visit.
- “Web Beacons/Pixels” – Some of our web pages and emails may also contain small electronic images known as web beacons, clear GIFs or single-pixel GIFs. These images are placed on a web page or email and typically work in conjunction with cookies to collect data. We use these images to identify our users and user behavior, such as counting the number of users who have visited a web page or acted upon one of our email digests.
JD Supra Cookies. We place our own cookies on your computer to track certain information about you while you are using our Website and Services. For example, we place a session cookie on your computer each time you visit our Website. We use these cookies to allow you to log-in to your subscriber account. In addition, through these cookies we are able to collect information about how you use the Website, including what browser you may be using, your IP address, and the URL address you came from upon visiting our Website and the URL you next visit (even if those URLs are not on our Website). We also utilize email web beacons to monitor whether our emails are being delivered and read. We also use these tools to help deliver reader analytics to our authors to give them insight into their readership and help them to improve their content, so that it is most useful for our users.
Analytics/Performance Cookies. JD Supra also uses the following analytic tools to help us analyze the performance of our Website and Services as well as how visitors use our Website and Services:
- HubSpot – For more information about HubSpot cookies, please visit legal.hubspot.com/privacy-policy.
- New Relic – For more information on New Relic cookies, please visit www.newrelic.com/privacy.
- Google Analytics – For more information on Google Analytics cookies, visit www.google.com/policies. To opt-out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout. This will allow you to download and install a Google Analytics cookie-free web browser.
Facebook, Twitter and other Social Network Cookies. Our content pages allow you to share content appearing on our Website and Services to your social media accounts through the “Like,”https://www.jdsupra.com/”Tweet,” or similar buttons displayed on such pages. To accomplish this Service, we embed code that such third party social networks provide and that we do not control. These buttons know that you are logged in to your social network account and therefore such social networks could also know that you are viewing the JD Supra Website.
Controlling and Deleting Cookies
The processes for controlling and deleting cookies vary depending on which browser you use. To find out how to do so with a particular browser, you can use your browser’s “Help” function or alternatively, you can visit http://www.aboutcookies.org which explains, step-by-step, how to control and delete cookies in most browsers.
Updates to This Policy
Contacting JD Supra
The post #nationalcybersecuritymonth | DFARS / CMMC for 2020: Culmination of Efforts to Protect National Security Data and Networks – Cybersecurity and Privacy Alert | Bradley Arant Boult Cummings LLP appeared first on National Cyber Security.
View full post on National Cyber Security
#nationalcybersecuritymonth | U.S. and China Strike Phase One Trade Agreement; Washington Steps up Efforts to Block Chinese Tech Amidst Mounting Opposition
U.S. and China Announce Agreement on Phase One Trade Deal
On Dec. 13, President Trump announced that the U.S. and China had agreed to a “Phase One” trade deal. Under the agreement, the U.S. will roll back tariffs on Chinese goods in exchange for more U.S. goods purchases and structural reforms from the Chinese side. According to Trump, he will sign the deal on Jan. 15 with Chinese representatives at the White House. If the signing goes as planned, it will represent the U.S. and China’s first agreement to reduce import duties since the two countries began implementing bilateral tariffs in July 2018.
So far, most details of the agreement have not been made public. But as for U.S. commitments, Trump on Dec. 13 already canceled new 15 percent duties scheduled to hit $160 billion of Chinese exports on Dec. 15. Additionally, the Office of the U.S. Trade Representative (USTR) has confirmed that the U.S. will reduce tariffs on $120 billion of China’s exports from 15 percent to 7.5 percent. According to Chinese Vice Commerce Minister Wang Shouwen, the Trump administration will make these cuts in phases, though neither side has specified a timeline. Tariffs of 25 percent will remain, meanwhile, on $250 billion of Chinese goods.
As for China’s commitments, China has already cut tariffs on a slew of agricultural products and commodities. The USTR also reports that China will raise its imports of U.S. goods to $200 billion above 2017 levels—though China has yet to commit to import quantities for specific goods, like agricultural products. China has further pledged to heighten intellectual-property protections, end forced technology transfers and liberalize its financial services; however, the deal does not touch Chinese government subsidies to domestic firms. The deal also includes a process by which the U.S. may impose punitive tariffs if China does not adhere to its promises.
The Phase One deal has handed outsize benefits to U.S. and Chinese tech companies. Technology products (along with other consumer-retail goods) were disproportionately represented among the imports originally scheduled for new tariffs on Dec. 15. U.S. tech companies like Apple that produce in China will no longer see foreign-manufactured goods like phones and computers slapped with tariffs. And as analysts at Morgan Stanley have noted, following the deal, technology companies in China will likely experience the largest valuation increases among Chinese firms. Foreign financial firms may also be winners from the deal. Both sides have represented that, as part of the trade agreement, China will for the first time allow foreign companies to enter its financial sector without a joint venture. (China had already announced in July 2019 that it planned to abolish this joint-venture requirement.) This forthcoming change may also expand financing opportunities for firms raising funds in China.
Business groups in the U.S. have widely praised the deal as a positive step, and U.S. stocks rallied on news of the deal. Some commentators have argued that the Phase One agreement—which had remained in doubt for months—signifies a thaw in U.S.-China tensions and sanguine prospects for future agreements. Chinese negotiators are, reportedly, already attempting to work with the Trump administration in hammering out the next phase of the deal.
Still, reactions in the U.S. to the substance of Trump’s deal have been mixed. Although U.S. officials have touted the deal’s impact on the American economy, commentators have criticized it for resulting in few tangible concessions—particularly on structural reforms—that China had not previously been willing to make. And many remain skeptical that, even with this deal, the two sides will reach further trade agreements before November’s presidential election. Reports also suggest that Chinese leaders consider the deal a huge victory—and one that justifies a hardline approach to future U.S. trade talks.
State Department Steps up Efforts to Block Chinese Tech Imports, But Faces Mounting Opposition
Reporting broke in December that the State Department has, in recent months, attempted to stop American companies from purchasing Chinese technology components. The State Department’s Under Secretary for Economic Growth, Energy, and the Environment Keith Krach has led the initiative, which asks firms to sign a set of principles titled the Global Digital Trust Standard (GDTS). The GDTS would, in effect, commit firms not to buy products from Huawei and possibly other Chinese companies. Krach has reportedly approached thirteen business entities—including telecom carriers AT&T and Verizon, as well as chip manufacturers—about signing the GDTS. None appear to have signed.
The GDTS—by covering U.S. purchases, not sales—represents a more expansive attempt to influence U.S. supply chains than many past government actions against Huawei. But it also builds on recent steps in this direction by the Trump administration. On Nov. 26, the Commerce Department proposed a process for reviewing, and possibly prohibiting, information-technology acquisitions from “foreign adversar[ies].” These measures are widely considered to target Chinese companies like Huawei (although they have yet to take effect). Last month, the Federal Communications Commission (FCC) also labeled Huawei and ZTE national-security threats. This categorization bars purchases of their products through an FCC fund subsidizing rural telecom services.
The State Department’s requests, however, have met significant resistance from U.S. companies. Corporate leaders worry that signing the GDTS will commit them to anticompetitive behavior, exposing them to antitrust lawsuits. Concerned about higher costs and supply-chain disruption, businesses are also increasingly rebuffing Washington’s broader efforts to regulate tech imports, with many pushing back against the Commerce Department’s Nov. 26 purchase-review proposal. Unease about that rule change—and the review process’s complexity—led many trade associations on Dec. 6 to request a two-month extension to the rule’s comment period.
Chinese opposition to U.S. restrictions on Huawei has likewise grown more forceful, which may portend rising tensions on tech issues between the two countries. On Dec. 18, the Chinese state-owned paper China Daily published an editorial condemning U.S. efforts “to put Huawei out of business” as “dangerous” and “nothing but protectionism.” Huawei, meanwhile, has lately tried to market itself to American allies as more faithful than the U.S. to shared western values. And Huawei announced plans in December to sue the FCC for deeming it a national-security threat without due process. This legal challenge may compound U.S. firms’ fears about antitrust lawsuits should they cease importing Huawei goods.
It is not yet clear how the pushback will affect the Trump administration’s import-regulation efforts. Trump has continually ramped up restrictions against Huawei since May 2019, when he placed Huawei on a blacklist—still just partially implemented—that precludes it from purchasing U.S. components. However, there are some signs that regulators are open to tweaking such policies in response to feedback. Throughout November and December, the Commerce Department has issued export licenses to certain companies applying for exceptions from the ban against selling to Huawei.
In Other News
Reports emerged on Dec. 15 that the U.S. expelled two Chinese diplomats last September for suspected espionage after the two officials drove onto a military base in Virginia. At least one of the diplomats, U.S. officials suspect, was an undercover Chinese intelligence officer. The decision represents the first espionage-related expulsion of Chinese diplomats in over thirty years. After reports of the event broke, China denied that the embassy officials engaged in any wrongdoing and urged the U.S. “to correct its mistake.” The expulsions come amidst growing concerns among intelligence agencies worldwide that China is conducting espionage on a “mass scale.” Shortly after reports of the expulsions emerged, separate reporting indicated that a Chinese student had stolen research materials from a lab in Boston as an act of suspected biotechnology espionage.
Beijing last month reprimanded tech giants Tencent and Xiaomi for violating users’ data privacy with certain applications—including Tencent’s instant-messaging app QQ. Specifically, the government alleged that these apps violated national laws against collecting and selling personal data, such as through the use of designs that make it hard for users to delete accounts. In response to the transgressions, China’s Ministry of Industry and Information Technology (MIIT) on Dec. 19 published the names of dozens of problematic apps; it also threatened “punishment” if their problems were not addressed by end-2019. The crackdown gives force to an MIIT campaign announced last November to rein in mobile-app privacy violations, particularly among apps with high user volumes. Still, this campaign contrasts with Beijing’s recent efforts to scale up the government’s own data collection, which includes a Dec. 2 law requiring anyone registering a mobile number to undergo facial-recognition scans. Following the government’s announcement, Tencent issued a public pledge to amend its privacy statements.
On Dec. 8, the Financial Times obtained information that the Chinese government has ordered that all foreign-made hardware and software be removed from state institutions within three years. The substitutions will occur steadily through 2022—30 percent in 2020, 50 percent the next year and 20 percent the final year—and they complement similar moves by the U.S. to restrict Chinese tech imports. Analysts suspect executing the replacement will be difficult, because Chinese substitutes for some foreign products fall well below those foreign products’ levels of sophistication and developer support. China has wanted to remove foreign tech from key government operations since at least 2014, and doing so fits in with its objective of technological self-reliance under its “Made in China 2025” program. Still, the announced three-year timeframe is faster than expected, and the shift may harm some U.S. tech companies, which generate an estimated $150 billion in annual revenue from total sales to China. Some analysts expect, however, that major tech firms have anticipated and prepared for a move such as this.
Paul Krugman argues in the New York Times that the “Phase One” trade deal achieves few of Trump’s objectives, while Max Boot contends in the Washington Post the benefits it will bring the U.S. are speculative. Writing for Foreign Policy, Peter E. Harrell predicts that the next phase of U.S.-China trade disputes will center on export and investment controls rather than tariffs. Michael Ivanovitch argues in CNBC that a Phase One deal will do little to end the U.S.-China trade deficit and forestall future trade spats.
Henry Paulson writes in the Washington Post that the U.S. needs to catch up with China on developing 5G technologies. For Project Syndicate, Ngaire Woods questions whether Huawei really poses a greater security threat to the U.S. than companies like Facebook. Yukon Huang and Jeremy Smith discuss for the Carnegie Endowment for International Peace why the U.S. and China should resolve their technology disputes in multilateral forums.
For the New York Times, Ian Johnson examines how the Chinese Communist Party is incorporating traditional Chinese values into its governing strategy, and Roger Cohen explores the origins of political unrest in Hong Kong. In the Diplomat, Remco Zwetsloot and Dahlia Peterson argue that China’s immigration practices hold it back from competing with the U.S. in tech.
For Lawfare, Christopher C. Krebs discusses how the Cybersecurity and Infrastructure Security Agency can tackle U.S. cybersecurity vulnerabilities. Richard Altieri and Benjamin Della Rocca explore potential U.S. executive and legislative responses to Xinjiang internment camps. Tom Wheeler explains how Trump administration policies have set the U.S. back in its competition with China on 5G technologies.
The post #nationalcybersecuritymonth | U.S. and China Strike Phase One Trade Agreement; Washington Steps up Efforts to Block Chinese Tech Amidst Mounting Opposition appeared first on National Cyber Security.
View full post on National Cyber Security
Chinese hackers, once some of the most careless and noisy hackers around, have become very careful and much more strategic at choosing the targets they go after.
The prototype of the Chinese hacker is well documented in the cyber-security industry. Chinese actors hack whatever they can, grab whatever they can, and sift through the data after the fact.
They also don’t care about stealth, rarely hide their tracks, and operate based on a set of general instructions that trickle down through a convoluted network of state agencies and private companies.
Nation-state cyber operations have been going on since the mid-90s, but it was only after the appearance of Chinese actors in the early 2000s that people started to pay more attention to the world of cyber-espionage.
While Russian and US groups were focusing on carrying out secret operations, putting most of their efforts in remaining hidden, Chinese hackers came like a flood and drove a truck through the front door with no regard to getting detected.
In fact, the term APT (advanced persistent threat) that is now used to describe hacker groups believed to be operating at orders and under the protection of local governments, initially stood for Asia-Pacific Threat, mainly because of the onslaught of Chinese hacks at the start of the 2000s.
US-China pact had a temporary effect on Chinese hacking operations
Their clumsiness and noisy actions eventually landed China at odds with the US, and political tensions rose so much that in the autumn of 2015, Chinese and US authorities had to meet and sign a mutual pact where neither government would “conduct or knowingly support cyber-enabled theft of intellectual property.”
The pact effectively limited nation-state hacking between the two countries to intelligence gathering operations only.
This agreement had an immediate result and after six months, cyber-security firm FireEye noted that the pact and a series of military reforms had visibly slowed down’s China’s cyber-espionage operations.
In reality, Chinese hackers didn’t stop hacking, but just started choosing their targets more carefully.
Chinese hackers become more careful
Instead of driving a truck through the front door, Chinese hacker groups started to pick locks and operate in the shadows.
For example, the clever hack and poisoning of the CCleaner app is believed to have been carried out by a Chinese APT codenamed Axiom. And let’s not forget the well-planned hacks of cloud providers so Chinese hackers could silently reach into organizations’ internal networks.
“There was indeed a decrease in activity of Chinese APTs following the pact,” Tom Hegel, Senior Threat Researcher at 401TRG, told Bleeping Computer.
“They became more strategic and operate with improved tactics since then,” Hegel added. “They were once very noisy with little care for operational security. These days it’s more strategically controlled.”
Three reports detail new Chinese hacking operations
This is why it’s so rare and most likely a coincidence that we’ve seen three reports released in the past two weeks describing various cyber operations, all linked to China.
“I personally wouldn’t say these reports are a resurgence [of Chinese hacking activity], but rather a continued increase in public reporting and identification,” Hegel said.
The first of these three new reports detailing Chinese APT activity was published last week by RiskIQ. The report details a new remote access trojan named htpRAT that was used against various targets in Laos.
The RAT comes with the ability to log keystrokes, take screenshots, record audio and video from a webcam or computer microphone, install and uninstall programs and manage files. Infrastructure reuse links the group behind this malware with PlugX, the decade-old favorite malware of multiple Chinese APTs.
A second report was released yesterday by Pwc’s cyber-security division. The report highlights new activity from a Chinese APT known as KeyBoy [1, 2], previously dormant for around four years.
The report also highlights a new RAT that can take screenshots, exfiltrate files, and download and run other malware. While previously the group targeted Taiwan, Tibet, and the Philippines, the group is now going after Western organizations. Parys says the group appears to currently be interested in corporate espionage.
Last but not least we have Check Point’s revised report on the IoT_Reaper botnet. New evidence reveals that command and control domains used by Reaper botnet were registered with an email address that is connected to the Black Vine Chinese APT, the group that breached health insurance provider Anthem in 2015.
It’s still a mystery why a cyber-espionage group would be building an IoT botnet. Some could say the group is creating a tool that could be used to launch DDoS attacks against targets the Chinese government would like to silence. Another theory is that Black Vine would use the botnet as a layer of proxies to hide future operations.
All in all, we’re seeing both a curb and maturation of Chinese hacking efforts, some of which can be attributed to the military reforms enforced by President Xi Jinping after he took power in 2012 when he said that government and military elements should stop using state resources for their own agendas.
The post Chinese #Hacking Efforts More #Strategic, Less #Noisy appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
HBO’s ‘Real Sports’ Examines Risks, Safety Efforts in Youth Football – Schooled in Sports – Education Week
In Tuesday night’s episode of HBO’s Real Sports with Bryant Gumbel, the safety of youth football came under the microscope.
View full post on Education Week: Bullying
#pso #htcs #b4inc
View full post on Parent Security Online
Take a look at some of these numbers from Symantec’s 2016 Internet Security Threat Report. In 2015, Symantec discovered more than 400 million new pieces of malware, an increase of 36 percent over 2014. On average, there was one new
The post Too Much Threat Data Hinders Cybersecurity Efforts appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
Following the theft of millions of dollars from Bangladesh Bank via the international financial messaging system SWIFT, US banking regulators have outlined steps to tighten cyber-security at the nation’s banks.
US banking regulators issued a joint letter outlining ways they
The post US Bank Regulators Tighten Cyber-Security Efforts Around SWIFT appeared first on National Cyber Security.
View full post on National Cyber Security
As governments all around the world are finding a peaceful solution for the political tension in Ukraine , the cyber-criminals could catch government with online attacks , warned Kaspersky Lab CEO Eugene Kaspersky.
“It is good news for the local IT projects, but the international projects will have less budgeted,” says Kaspersky.
“When the governments don’t talk to each other and cooperate, that damages traditional industry and economies, but also cyberspace” They added.
“It will damage global Internet projects,” he said. “Nations will be more focused on the national projects. That’s good news for the local IT companies, but … the evolution of cyberspace will slow down.” They continued.
The post Ukraine tensions could hurt international security efforts, Kaspersky says appeared first on Am I Hacker Proof.
View full post on Am I Hacker Proof
(ISC)2 Foundation and University of Phoenix Research identify gaps hindering efforts to fill cybersecurity jobs
Cybersecurity breaches affect businesses large and small, and the annual cost of computer- and network-based crimes worldwide is estimated to be more than $400 billion, according to a report from McAfee and the Center for Strategic and International Studies. As […]
For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com
View full post on National Cyber Security