Changes meant to improve PLA high-tech warfighting
A recent Chinese military reorganization is increasing the danger posed by People’s Liberation Army cyber warfare and intelligence units that recently were consolidated into a new Strategic Support Force.
The announcement of the military reorganization made on Dec. 31 by the Chinese government provided few details of what has changed for three military intelligence units formerly under the now-defunct General Staff Department. Continue reading
Unified command would allow military to create specialised forces as well as give leaders greater control over cyberspies who may be acting on their own, experts say
China’s military chiefs are seeking to unify the country’s cyberwarfare capabilities as they build a modern fighting force that relies less on ground troops.
The plan is part of a broader shift towards a unified military command similar to that of the US to meet President Xi Jinping’s goal of transforming the People’s Liberation Army into a force that can “fight and win modern wars”.
“Response” is exactly what’s allowing this to happen. It’s the culture of reactionary ‘patch and pray” that continues to be the industry norm instead of proactive defense that is the issue. Reactionary means only reacting, therefore you have to wait for something to happen.
Obama administration’s diplomatic, legal response is encouraging more cyber attacks
The United States will continue to suffer increasingly damaging cyber attacks against both government and private sector networks as long as there is no significant response, according to a recent U.S. intelligence community assessment.
Disclosure of the intelligence assessment, an analytical consensus of 16 U.S. spy agencies, comes as the Obama administration is debating how to respond to a major cyber attack against the Office of Personnel Management. Sensitive records on 22.1 million federal workers, including millions cleared for access to secrets, were stolen by hackers linked to China’s government. Continue reading
Washington: Two years ago, the Obama administration announced a new strategy to curb online espionage.
The White House said it would increase public awareness of the threat, encourage the private sector to increase its defences, focus diplomacy on protecting trade secrets overseas, improve trade secret theft legislation and make investigations and prosecutions of corporate and state-sponsored trade secret theft a top priority.
Since then, public awareness is up and so is spending. But the hacking continues. Continue reading
JPMorgan’s own investigators have found clues that a global network of computers available for hire by sophisticated criminals was used to reroute data stolen from the bank to a major Russian city, according to people familiar with the probe.
Like street magicians using sleight of hand, the hackers tapped computers from Latin America to Asia to send commands and obscure their identity while ferrying malicious traffic past one of the most heavily guarded networks on Wall Street.
Bank investigators working nearly around the clock have identified what they believe to be the assault’s staging ground, called a “bulletproof” hosting platform because of its resilience to other attackers and to law enforcement, according to one of the people, who requested anonymity because of the continuing investigation. The constellation of computers was used in previous hacking attacks and is now being tapped by professional cybercriminals operating out of Eastern Europe to target banks. Continue reading
Russian hackers attacked the U.S. financial system in mid-August, infiltrating and stealing data from JPMorgan Chase & Co. (JPM) and at least one other bank, an incident the FBI is investigating as a possible retaliation for government-sponsored sanctions, according to two people familiar with the probe.
The attack resulted in the loss of gigabytes of sensitive data, said the people, who asked not to be identified because the probe is still preliminary. Authorities are investigating whether recent infiltrations of major European banks using a similar vulnerability are also linked to the attack, one of the people said.
In one case, the hackers used a software flaw known as a zero-day vulnerability in one of the banks’ websites. They then plowed through layers of elaborate security to steal the data, a feat security experts said appeared far beyond the capability of ordinary criminal hackers. The incidents occurred at a low point in relations between Russia and the West. Russian troops continue to mass on the Ukrainian border and the West tightens sanctions aimed at crippling Russian companies, including some of the country’s most important banks. Continue reading