Skip Navigation

Terrorism News

A collection of open-source terrorism news from around the world.
Keyword: cyber security

U.S. officials say two Chinese citizens acting on behalf of their country’s main intelligence agency carried out an extensive hacking campaign to steal data from military service members, government agencies and private companies in the United States and nearly a dozen other nations. It was the latest in a series of Justice Department indictments targeting cyberespionage from Beijing.

The two are accused of breaching computer networks in a broad swath of industries, including aviation and space, banking and finance, oil and gas exploration and pharmaceutical technology. Prosecutors say they also compromised the names, Social Security numbers and other personal information of more than 100,000 Navy personnel.

All told, prosecutors say, the alleged hackers — identified as Zhu Hua and Zhang Shillong — stole “hundreds of gigabytes” of data, breaching computers of more than 45 entities in 12 states. They are not in custody.

U.S. law enforcement officials described the case as part of a trend of state-sponsored hackers breaking into American networks and stealing trade secrets and confidential and valuable information. More than 90 percent of Justice Department economic espionage cases over the last seven years involve China, said Deputy Attorney General Rod Rosenstein, and more than two-thirds of trade secrets cases are connected to the country.

“China’s state-sponsored actors are the most active perpetrators of economic espionage,” FBI Director Chris Wray said Thursday in announcing the case. “While we welcome fair competition, we cannot and will not tolerate illegal hacking, stealing or cheating.”

Last week, officials from the Justice Department, the FBI and the Department of Homeland Security testified to the Senate Judiciary Committee that China is working to steal trade secrets and intellectual property from U.S. companies in order to harm America’s economy and further its own development. Those efforts have continued even after Beijing committed in 2015 to halting the theft of trade secrets following a first-of-its-kind indictment that accused Chinese hackers of stealing corporate data from brand-name U.S. companies.

“We want China to cease illegal cyber activities and honor its commitment to the international community, but the evidence suggests that China may not intend to live up to its promises,” Rosenstein said.

In recent months, the Justice Department has filed separate cases against several Chinese intelligence officials and hackers. A case filed in October marked the first time that a Chinese Ministry of State Security officer was extradited to the United States to stand trial. Chinese espionage efforts have become “the most severe counterintelligence threat facing our country today,” Bill Priestap, the assistant director of the FBI’s counterintelligence division, told the Senate committee.

As the U.S. was announcing its charges Thursday, the British government accused China of conducting a “widespread and significant” campaign of cyberespionage against the U.K. and its allies. The Foreign Office said a group known as APT 10 — the same one cited by the U.S. — carried out “a malicious cyber campaign targeting intellectual property and sensitive commercial data in Europe, Asia and the U.S.” It said the group “almost certainly continues to target a range of global companies, seeking to gain access to commercial secrets.”

Hacking by Chinese state-backed hackers dramatically escalated over the summer in response to the trade war with the U.S. and military tensions in the South China Sea, said Tom Kellermann, chief cybersecurity officer of Carbon Black, whose company’s threat-hunting tool is used in global cyber investigations.

He credited the Justice Department with targeting a group that he said was China’s “most prolific hacker crew.” He said he was not optimistic that the pair would be prosecuted in the U.S., but that’s not the point. “The Chinese are operating on a 50-year plan of information dominance, a comprehensive national strategy, and it’s high time we actually reacted,” Kellermann said.


Source: Associated Press 

Microsoft has issued an emergency update that fixes a critical Internet Explorer vulnerability that attackers are actively exploiting on the Internet.

The memory-corruption flaw allows attackers to remotely execute malicious code when computers use IE to visit a booby-trapped website, Microsoft said Wednesday. Indexed as CVE-2018-8653, the flaw affects all supported versions of Windows. The vulnerability involves the way Microsoft's scripting engine handles objects in memory in Internet Explorer.

In a separate advisory, Microsoft said the vulnerability is being used in targeted attacks, but the company didn't elaborate. Microsoft credited Clement Lecigne of Google's Threat Analysis Group with discovering the vulnerability. No other details were available about the vulnerability or exploits at the time this post was being reported.

Microsoft said that customers who have Windows Update enabled and have applied the latest security updates are automatically protected against exploits. Microsoft said it knows of no workarounds or mitigations. Windows users should ensure their computer installs the update as soon as possible, even if they don't normally use IE to browse sites.

Source: Ars Technica