
CHINA #TESTS THE #LIMITS OF ITS #US #HACKING TRUCE

Source: National Cyber Security – Produced By Gregory Evans


FOR THE LAST two years, America’s cybersecurity relationship with China has been held up as a triumph of digital diplomacy: Since the two countries signed an agreement not to hack each other’s private sector companies for commercial gain in late 2015, that pact has come to represent one of the most effective demonstrations in history of government negotiation to curtail state-sponsored cyberspying.

Yet under the surface of that deal, cybersecurity researchers suspect China’s intrusions of American companies continue—including one recent, brazen breach that used a backdoor in the popular CCleaner security tool to target US companies including Google, Microsoft, Intel and VMware, and left behind a few tell-tale indicators of Chinese involvement. And other researchers say they’ve seen signs of earlier Chinese intrusions designed to siphon exactly the sort of corporate intel the US-China cybersecurity agreement was meant to protect.

Earlier this month, the Trump administration’s Department of Justice and its Chinese counterparts agreed to formally reaffirm that agreement, renewing its promises for years to come. Whatever holes have appeared in the US-China hacking détente, a White House that otherwise wants to erase all sign of the previous administration believes it’s worth maintaining. All of which makes China’s behavior over the last two years—toeing the furthest edge of the agreement’s red line and occasionally crossing it entirely—a case study in the power and limits of diplomacy when applied to curbing secret, deniable, and often invisible digital misbehavior.

Pushing the Limits

“The total threat from China didn’t decrease, it just changed shape” in the two years since America’s cybersecurity agreement with China was first signed, says Chris Porter, the chief intelligence strategist for security firm FireEye, which has closely tracked Chinese hacking activity. For the most part, he says he’s seen China’s hacking groups shift their targeting to their own region, and move from pillaging US companies for intellectual property theft to a focus on traditional government-focused espionage, which falls outside the agreement’s tightly defined ban on hacking foreign companies to give domestic companies a business advantage.

“They’ve been careful to go after targets where you can’t clearly say what they’re taking, or where they can defend what they’re taking as permissible” under the agreement’s exceptions for traditional security-focused espionage, says Porter. “These groups are still taking data they can when they feel it won’t be held against them diplomatically.”

But China’s strategy—essentially doing everything it can get away with under the agreement—isn’t limited to merely hacking American government targets in its recent spying campaigns. In the CCleaner attack that was uncovered in September, for instance, hackers used a backdoor in a popular security tool distributed by the security firm Avast to infect hundreds of thousands of computers, and tried to use that infection to plant malware on computers at 18 specific tech firms, according to researchers at Cisco’s Talos security division. They successfully planted that second, more targeted payload on machines owned by American companies including Intel, VMware, and DNS provider Dyn, among a longer list of largely Asian companies.

While the link to China remains far from certain, researchers found that the hackers’ server was set to the Chinese time zone, and both the initial malware and that targeted payload shared a significant portion of their code with tools used by a hacker group known as Axiom or APT17, long believed to be based in China.

If that operation were Chinese in origin, it might still not technically violate China’s agreement with the US, so long as those American companies were hacked as part of a traditional, government-focused espionage operation—say, to find hackable vulnerabilities in Intel chips that might allow Chinese operatives to spy on American intelligence agencies.

But FireEye’s Porter says the company’s analysts have tracked cases that edged closer to a violation of the US-China agreement, too, including Chinese hacking groups compromising American firms that were targets for Chinese investment or acquisition, possibly to gain an upper hand in negotiations. Even in those cases, however, Porter says that the motivations behind those thefts—and thus any violation of the US-China agreement—are very tough to prove.

FireEye notes two cases of specific Chinese hacker groups penetrating American private-sector targets with possible business intelligence goals: In April 2016, FireEye saw a suspected Chinese group known as Wekby penetrate a series of US, Canadian, and European targets in the petrochemical, tech, and insurance industries. A couple of months later, a suspected Chinese group known as APT10 restarted its hacking activities after a lull following the initial signing of the US-China agreement, hacking a US managed services provider to access a collection of victim companies.

Letting It Slide

Why, then, has the Trump administration renewed that Obama-era deal, even as China appears to nibble at its edges? The Justice Department didn’t respond to WIRED’s request for comment on its decision to reaffirm the Obama-era agreement. But some of the Obama administration officials who helped to architect the pact argue that the continuation of the deal makes sense. In the vast majority of cases, they say, it continues to accomplish its objectives.

“In broad terms, it was successful,” says J. Michael Daniel, who served as Obama’s White House cybersecurity coordinator. After all, despite the nagging exceptions, as much as 90 percent of Chinese hacking incidents targeting the US private sector did disappear following the agreement, according to numbers from both FireEye and security firm Crowdstrike. “I think it continues to be a success. It did what it was intended to do: It shifted Chinese thinking and behavior.”

And as for the remaining cases of US corporate penetrations that FireEye and other cybersecurity companies continue to point to? “There’s an understanding that you’re not going to reduce intrusions into private companies to zero,” Daniel says. “We never expected that every single instance of stealing intellectual property or trade secrets for commercial gain would go away.”

Daniel argues the few cases in which China has continued to hack American companies could be false flags or misattributions, where non-Chinese activity has been mistakenly pinned on Chinese. They could be traditional espionage, using companies as footholds to get into governmental targets. Or they could be rogue Chinese hacker groups moonlighting for private interests, conducting corporate espionage without the government’s involvement.

“The Chinese government doesn’t have complete and total control over all these Chinese hacker groups,” Daniel says. “Some of that activity may not be the Chinese government, but the companies that it would benefit, hiring those hackers to conduct these operations.”

But playing down violations of the agreement could be shrewd pragmatism as much as a lack of a smoking gun, says Robert Knake, a director of cybersecurity policy in the Obama administration who served until early 2015, before the US-China agreement was made. “It’s not always a bright-line bureaucratic decision,” Knake says. “Will you get the outcome you want by declaring someone in violation? Or do you get it by validating the agreement and then quietly pushing them?”

Knake notes it’s possible the Trump administration is focused on its escalating conflict with North Korea, and doesn’t want to ruffle its relationship with a key ally in the region. “The thinking could be, ‘let’s not start a fight with China too, we need them on North Korea,’” Knake says. “If this were the Obama administration, I would consider that a real possibility.”

The upshot for potential targets of that hacking, regardless, is that China’s teams of well-resourced spies remain a real, if now rarer, threat to corporate cybersecurity. America’s two-year-old accord with China shows that diplomacy can indeed tamp down state-sponsored hacking. But it can’t stamp it out.

The post CHINA #TESTS THE #LIMITS OF ITS #US #HACKING TRUCE appeared first on National Cyber Security Ventures.


Mom arrested after 12-year-old son tests positive for meth

A Rock Hill mother is facing a slew of charges after police say she was distributing methamphetamine and her young son tested positive for the drug.

Jennifer Bradway, 40, of Rock Hill was arrested at her home along Bridgewood Drive Thursday, according to a York County narcotics investigator.

Bradway is charged with exposing her 12-year-old son to meth and unlawfully neglecting him.

Leland Harrelson with The Narcotics Unit explained how the boy tested positive for having meth in his system.

“It could have been when she was handling the meth, packaging it and selling it. She didn’t wash her hands. She prepared food for her son or if she touched her son, it could be transmitted that way.”


The post Mom arrested after 12-year-old son tests positive for meth appeared first on Parent Security Online.


Iowa tests secure school-based Wi-Fi service for officers – Education Week


The post Iowa tests secure school-based Wi-Fi service for officers – Education Week appeared first on Parent Security Online.


Delaware students show slight improvement in statewide tests – Education Week


The post Delaware students show slight improvement in statewide tests – Education Week appeared first on Parent Security Online.


North Korea’s Punggye-ri Facility Appears Ready to Support New Nuclear Tests


A 38 North exclusive with analysis by Jack Liu. Recent commercial satellite imagery indicates continued activity at North Korea’s Punggye-ri nuclear test site that does not appear directed at further tunnel excavation but rather to maintain existing tunnels as well as to clean up after the January 2016 nuclear test. It is highly likely that […] North Korea’s Punggye-ri Facility Appears Ready to Support New Nuclear Tests is an article from 38 North: Informed Analysis of North Korea, published by the US-Korea Institute at SAIS.

The post North Korea’s Punggye-ri Facility Appears Ready to Support New Nuclear Tests appeared first on National Cyber Security.


More Rockets in Kim Jong Un’s Pockets: North Korea Tests A New Artillery System


On Friday, March 4, North Korea showed off a new “large-caliber” artillery rocket system. In this context, large-caliber probably means between 300-400 mm. North Korea appears to have tested the system from its coastal test range at Wonsan, with the projectiles flying about 150 km. Although Kim Jong Un watched a number of tests of […] More Rockets in Kim Jong Un’s Pockets: North Korea Tests A New Artillery System is an article from 38 North: Informed Analysis of North Korea, published by the US-Korea Institute at SAIS.

The post More Rockets in Kim Jong Un’s Pockets: North Korea Tests A New Artillery System appeared first on National Cyber Security.


The Challenge of Predicting Future North Korean Nuclear Tests


A 38 North exclusive with analysis by Jack Liu. Summary: The latest North Korean nuclear test at the Punggye-ri test site apparently surprised the international community as there were few indicators seen before it took place. Unlike the 2013 test, when heavy activity was seen in the weeks prior to that test, very little preparation […] The Challenge of Predicting Future North Korean Nuclear Tests is an article from 38 North: Informed Analysis of North Korea, published by the US-Korea Institute at SAIS.


The post The Challenge of Predicting Future North Korean Nuclear Tests appeared first on National Cyber Security.


Healthy Testicles: 7 Tests to Keep Your Balls in Check

Whether you have a history of testicular problems or not, it always pays to know how to check if your family jewels are in tiptop condition. Ah, the “family jewels” – the biological hard drive for your progeny, and the literal sperm bank.

The post Healthy Testicles: 7 Tests to Keep Your Balls in Check appeared first on Dating Scams 101.


Oklahoma Wants STI Tests Before You Can Get Your Marriage License

There’s a lot to plan for once you decide to get married. You need to decide what sort of wedding you will have, you need to set a date, potentially book a place to host it, find someone to officiate, be sure to actually get a marriage license and, oh, yes, get tested for STIs.

The post Oklahoma Wants STI Tests Before You Can Get Your Marriage License appeared first on Dating Scams 101.
