Hans-Georg Maassen said his agency, known by its German acronym BfV, believes more than 10,000 Germans have been targeted by Chinese intelligence agents posing as consultants, headhunters or researchers, primarily on the social networking site LinkedIn.
“This is a broad-based attempt to infiltrate in particular parliaments, ministries and government agencies,” Maassen said.
China is building massive databases of Americans’ personal information by hacking government agencies and U.S. health-care companies, using a high-tech tactic to achieve an age-old goal of espionage: recruiting spies or gaining more information on an adversary, U.S. officials and analysts say.
Groups of hackers working for the Chinese government have compromised the networks of the Office of Personnel Management, which holds data on millions of current and former federal employees, as well as the health insurance giant Anthem, among other targets, the officials and researchers said.
“They’re definitely going after quite a bit of personnel information,” said Rich Barger, chief intelligence officer of ThreatConnect, a Northern Virginia cybersecurity firm. “We suspect they’re using it to understand more about who to target [for espionage], whether electronically or via human recruitment.” Continue reading
The malicious software, dubbed Regin, has a rare level of sophistication and has been targeting government agencies, telecoms, utilities, airlines, research facilities, private individuals and others since at least 2008, according to Symantec Corporation.
Attacks on telecom firms appeared aimed at getting access to calls being routed through networks.
“Regin is a highly complex threat which has been used in systematic data collection or intelligence gathering campaigns,” the Silicon Valley-based computer security firm said in a paper detailing the threat. Continue reading
The hackers, according to Kaspersky, were likely backed by a nation state and used techniques and tools similar to ones employed in two other high-profile cyber espionage operations that Western intelligence sources have linked to the Russian government.
Kaspersky, a Moscow-based security software maker that also sells cyber intelligence reports, declined to say if it believed Russia was behind the espionage campaign.
Dubbed “Epic Turla,” the operation stole vast quantities of data, including word processing documents, spreadsheets and emails, Kaspersky said, adding that the malware searched for documents with terms such as “NATO,” “EU energy dialogue” and “Budapest.” Continue reading
San Francisco: A private US cyber-security company on Monday accused a unit of China’s military of conducting far-reaching hacking operations to advance the country’s satellite and aerospace programs.
Security company CrowdStrike said Shanghai-based unit 61486 of the People’s Liberation Army 12th bureau has attacked networks of Western government agencies and defence contractors since 2007.
CrowdStrike said the hacking targeted the US space, aerospace and communications sectors. The cyberspying targeted “popular productivity applications such as Adobe Reader and Microsoft Office to deploy custom malware through targeted email attacks,” CrowdStrike said. Continue reading
Vodafone, one of the world’s largest mobile phone groups, has revealed the existence of secret wires that allow government agencies to listen to all conversations on its networks, saying they are widely used in some of the 29 countries in which it operates in Europe and beyond.
The company has broken its silence on government surveillance in order to push back against the increasingly widespread use of phone and broadband networks to spy on citizens, and will publish its first Law Enforcement Disclosure Report on Friday . At 40,000 words, it is the most comprehensive survey yet of how governments monitor the conversations and whereabouts of their people. Continue reading
A few years back, the White House had a brilliant idea: Why not create a single, secure online ID that Americans could use to verify their identity across multiple websites, starting with local government services. The New York Times described it at the time as a “driver’s license for the internet.”
Sound convenient? It is. Sound scary? It is.
Next month, a pilot program of the “National Strategy for Trusted Identities in Cyberspace” will begin in government agencies in two US states, to test out whether the pros of a federally verified cyber ID outweigh the cons.
The goal is to put to bed once and for all our current ineffective and tedious system of using passwords for online authentication, which itself was a cure for the even more ineffective and tedious process of walking into a brick-and-mortar building and presenting a human being with two forms of paper identification. Continue reading
Well, it’s been pretty obvious for a while now that China’s been hacking into some of America’s most important businesses and government agencies and stealing reams of data. We’ve heard countless reports about Pentagon info being stolen orabout critical data on the F-35 Joint Strike Fighter being plucked from defense contractors networks — with China being the main suspect.
Here’s what Clarke Recently told Smithsonian Magazine:
“My greatest fear,” Clarke says, “is that, rather than having a cyber-Pearl Harbor event, we will instead have this death of a thousand cuts. Where we lose our competitiveness by having all of our research and development stolen by the Chinese. And we never really see the single event that makes us do something about it. That it’s always just below our pain threshold. That company after company in the United States spends millions, hundreds of millions, in some cases billions of dollars on R&D and that information goes free to China.…After a while you can’t compete.”
But Clarke’s concerns reach beyond the cost of lost intellectual property. He foresees the loss of military power. Say there was another confrontation, such as the one in 1996 when President Clinton rushed two carrier battle fleets to the Taiwan Strait to warn China against an invasion of Taiwan. Clarke, who says there have been war games on precisely such a revived confrontation, now believes that we might be forced to give up playing such a role for fear that our carrier group defenses could be blinded and paralyzed by Chinese cyber intervention. (He cites a recent war game published in an influential military strategy journal called Orbis titled “How the U.S. Lost the Naval War of 2015.”)
Full article: Richard Clarke: All U.S. Electronics From China Could Be Infected (Defense Tech)
The hacker group known as LulzSec appears to be back after many months of laying low, claiming to have exposed the accounts of nearly 171,000 members of the military.
The group, which in 2011 went after government agencies and companies including the FBI, CIA, Sony and the Public Broadcasting Service, claims to have exposed the email accounts of thousands of members on the website MilitarySingles.com.
“There are emails such as @us.army.mil; @carney.navy.mil; @greatlakes.cnet.navy.mil; @microsoft.com; etc.,” the group said in a note posted on the website PasteBin.
The group said it dumped a database including a total of 170,937 email accounts from the website, which bills itself as “the dating site for single soldiers.”
Full story: Hackers Claim To Have Exposed 170,000 Military Email Accounts (Business Insider)