DIRS.INFO The most relevant business & tech news

☆ France Bracing for Cyberattacks During Summer Olympics
▼ + stars: | 2024-04-08 | by ( Julian E. Barnes | ) www.nytimes.com time to read: +1 min

The Summer Olympics and tensions over the war in Ukraine are likely to make Paris a tempting target for a variety of hacking attempts, including from adversarial countries, France’s top cybersecurity official said on Monday. French officials, including Mr. Strubel, are in Washington this week for consultations with cybersecurity officials. The Paris Olympics will run from July 26 to Aug. 11. The opening ceremony of the 2018 Olympics in Pyeongchang, South Korea, was marred by a cyberattack that caused internet disruptions. Security companies quickly blamed Russia, and the Fancy Bear hacking group tied to Moscow’s intelligence services, for that attack.

Persons: Vincent Strubel, France’s, ransomware, Strubel Locations: Ukraine, Washington, Pyeongchang, South Korea, Russia

WASHINGTON (AP) — The nation’s cybersecurity agency has launched a program aimed at boosting election security in the states, shoring up support for local offices and hoping to provide reassurance to voters that this year's presidential elections will be safe and accurate. Officials with the U.S. Cybersecurity and Infrastructure Security Agency planned to introduce its new election security adviser program Thursday to the National Association of State Election Directors and on Friday to the National Association of Secretaries of State. For state and local election officials, the list of security challenges keeps growing. The CISA program includes 10 new hires, all of whom join the federal agency with extensive election experience. CISA Director Jen Easterly announced plans for the program at a July meeting of the state election directors in South Carolina.

Persons: Jen, Cait Conley, ” Conley, Keith Ingram, Spencer Wood, David Stafford, “, ”, Lori Augino, CISA, Al Schmidt, Karen Brinson Bell, Brinson Bell Organizations: WASHINGTON, U.S, Cybersecurity, Infrastructure Security Agency, National Association of State, National Association of, State, Ohio, State’s, North Carolina State Board Locations: New Hampshire, Fulton County , Georgia, Russia, South Carolina, Texas, Escambia County , Florida, Washington, ”, “

☆ Chinese hackers have lurked in some US infrastructure systems for ‘at least five years’
▼ + stars: | 2024-02-07 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +4 min

The report would be the most detailed disclosure yet by the US government of the hackers’ stealthy techniques, one aimed at helping private owners of critical infrastructure spot the Chinese hackers in their networks. The hackers’ presence in critical US networks has sparked a monthslong effort by US national security officials to kick the hackers out. The report, which US officials are set to release this week, makes clear that the Chinese hackers’ activity began much earlier than previously known, with the hackers scoping and accessing IT systems years ago. The Beijing-backed hackers have been probing systems that control heating, cooling and water, access that, if exploited, could allow them to manipulate those systems and cause “significant infrastructure failures,” the report says. Canada’s cybersecurity agency “assesses that the direct threat to Canada’s critical infrastructure” from the Chinese hackers “is likely lower” than that to US infrastructure, but that Canada would still likely still be affected by a disruption to US infrastructure due to “cross-border integration,” the document says.

Persons: Christopher Wray, Canada’s, “ Organizations: CNN, FBI, US, Embassy, National Security Agency, Cybersecurity, Infrastructure Security Agency Locations: Beijing, China, Taiwan, Washington ,, Guam, Australia, Canada, New Zealand, United Kingdom, Pacific

The Aliquippa water authority's chairman, Matthew Mottes, said federal officials told him that hackers also breached four other utilities and an aquarium. The device breached in Pennsylvania was made by Israel-based Unitronics, according to the U.S. Cybersecurity and Infrastructure Security Agency. Known as a programmable logic controller, it is used across a wide spectrum of industries including water and sewage-treatment utilities, electric companies and oil and gas producers. Experts say many water utilities have paid insufficient attention to cybersecurity. In Pennsylvania, the hack prompted the water authority to temporarily halt pumping Saturday in a remote station that regulates water pressure for customers in two nearby towns.

Persons: John Fetterman, Bob Casey, Chris Deluzio, ”, ” Fetterman, Casey, Deluzio, General Merrick Garland, “, ‘, Israel ’, Matthew Mottes, We’ve, that’s, ” Mottes, Sergey Shykevich, Unitronics, Crews, Biden Organizations: U.S . Justice Department, U.S . Rep, Municipal Water Authority, Twitter, U.S, Cybersecurity, Infrastructure Security Agency, Environmental Protection Agency Locations: HARRISBURG, Pa, Pittsburgh, Sens, Pennsylvania, United States, Israel, Aliquippa , Pennsylvania, Iran, hacktivism, Gaza, U.S, Missouri , Arkansas, Iowa

The latest proposal from EU cybersecurity agency ENISA concerns an EU certification scheme (EUCS) which vouches for the cybersecurity of cloud services and determines how governments and companies in the bloc select a vendor for their business. The document retains key provisions contained in earlier drafts such as a requirement that U.S. tech giants set up a joint venture with an EU-based company to qualify for the EU cybersecurity label. Another provision states that cloud service must be operated and maintained from the EU, while all cloud service customer data must be stored and processed in the EU, with EU laws taking precedence over non-EU laws regarding the cloud service provider. The latest draft sets out the possibility for these tough requirements to be extended to the third highest security level. EU countries are now reviewing the latest draft after which the European Commission will adopt a final scheme.

Persons: OpenAI's, CCIA, ENISA, Alexandre Roure, Foo Yun Chee, Jonathan Oatis Organizations: European, Google, Microsoft, Big Tech, EU, Tech, European Banking Federation, European Savings Banks Group, Association for Financial Markets, Federation, Insurance, Thomson Locations: BRUSSELS, European Union, EU, Europe

☆ Federal appeals court expands limits on Biden administration communications with social media companies
▼ + stars: | 2023-10-03 | by ( Devan Cole | ) edition.cnn.com time to read: +2 min

Washington CNN —A federal appeals court has expanded the scope of a ruling that limits the Biden administration’s communications with social media companies, saying it now also applies to a top US cybersecurity agency. Similar to the ruling last month, in which the appeals court said the federal government had “likely violated the First Amendment” when it leaned on platforms to moderate some content, the new ruling says CISA violates the Constitution. “CISA used its frequent interactions with social media platforms to push them to adopt more restrictive policies on censoring election-related speech,” the three-judge panel wrote. But the court’s new ruling was only modified to add CISA as an enjoined entity. The judges said they were pausing their new injunction for 10 days, and the Biden administration has the option of asking the Supreme Court to issue a more lasting pause on the modified ruling.

Persons: “, CISA, “ CISA, ”, Biden Organizations: Washington CNN, Biden, 5th Circuit, White, Centers for Disease Control, FBI, Infrastructure Security Agency, Department Locations: Missouri

☆ US Senator Wyden asks FTC, CISA, DOJ to 'take action' against Microsoft following hack
▼ + stars: | 2023-07-27 | by ( ) www.reuters.com time to read: +1 min

[1/2] Senator Ron Wyden (D-OR) speaks during the Senate Finance Committee hearing on the nomination of Chris Magnus to be the next U.S. Customs and Border Protection commissioner, in the Dirksen Senate Office Building on Capitol Hill in Washington, DC, U.S., October 19, 2021. In a letter released Thursday, Wyden said that "even with the limited details that have been made public so far, Microsoft bears significant responsibility for this new incident." The FTC, the Justice Department, and the Cybersecurity Agency - known as CISA - did not immediately respond to request seeking comment. Microsoft did not immediately return a request for comment. Reporting by Raphael Satter; Editing by Chizu NomiyamaOur Standards: The Thomson Reuters Trust Principles.

Persons: Ron Wyden, Chris Magnus, Mandel Ngan, Read, Wyden, Raphael Satter, Chizu Organizations: Senate, U.S . Customs, Border Protection, Federal Trade Commission, Infrastructure Security Agency, Department of Justice, Microsoft, FTC, Justice Department, Cybersecurity Agency, Thomson Locations: U.S, Dirksen, Washington , DC, Oregon, China

☆ As China's intelligence capabilities grow, spying becomes an increasing flashpoint in ties with US
▼ + stars: | 2023-06-15 | by ( Simone Mccarthy | ) edition.cnn.com time to read: +12 min

They underscore how intelligence gathering – an activity meant to go on without detection, out of the public eye – is becoming an increasingly prominent flashpoint in the US-China relationship. That pushes intelligence gathering itself to become “another factor that is complicating US-China relations,” he said. That’s especially the case, experts say, as China continues to expand its own intelligence gathering capabilities – catching up in an area where the US has traditionally had an edge. Other arms of the Communist Party apparatus also play a role in activities beyond conventional intelligence gathering, experts say. Heightened concern and awareness about Chinese intelligence gathering – or the potential for it – has exploded in the US in recent years.

Persons: Antony Blinken, Blinken, Bill Burns, ”, Lyle Morris, Christopher Johnson, “, there’s, they’ve, Johnson, Xi Jinping, That’s, Xuezhi Guo, Guo, Xi, Hector Retamal, –, TikTok –, Edward Snowden, ’, Shou Zi Chew, Jabin, John Delury, John T, Downey, Delury Organizations: Hong Kong CNN, US, White House, CIA, CNN, Asia Society, Center for, Central Intelligence Agency, China, Group, U.S . Navy, AP, Guilford College, People’s Liberation Army, Ministry of State Security, Communist Party, Federal Bureau of Intelligence, The New York Times, Huawei, TikTok, Tiktok, US Justice Department, China Initiative, Center for Strategic, International Studies, National Security Agency, US Central Intelligence Agency, Washington, China ”, Energy, Commerce, Capitol, Washington Post, Subversion Locations: Hong Kong, United States, China, Beijing, American, Cuba, US, Center for China, South, Russia, AFP, Washington, USA, South China, Washington , DC

☆ EU draft rules propose tougher cybersecurity labelling rules for Amazon, Google, Microsoft
▼ + stars: | 2023-05-09 | by ( Foo Yun Chee | ) www.reuters.com time to read: +3 min

BRUSSELS, May 9 (Reuters) - Amazon (AMZN.O), Alphabet's (GOOGL.O) Google, Microsoft (MSFT.O) and other non-European Union cloud service providers looking to secure an EU cybersecurity label to handle sensitive data can only do so via a joint venture with an EU-based company, according to an EU draft document seen by Reuters. The document adds the cloud service must be operated and maintained from the EU, and all cloud service customer data stored and processed in the EU and that EU laws take precedence over non-EU laws regarding the cloud service provider. The latest draft proposal from EU cybersecurity agency ENISA concerns an EU certification scheme (EUCS) that would vouch for the cybersecurity of cloud services and determine how governments and companies in the bloc select a vendor for their business. The latest draft could fragment the EU single market as each country has full discretion to impose the requirements whenever it sees fit, an industry source said. EU countries will review the draft later this month after which the European Commission will adopt a final scheme.

☆ Russia tried to influence U.S. elections in 2022 and will do it again, nation's top intel agency says
▼ + stars: | 2023-03-08 | by ( Kevin Breuninger | ) www.cnbc.com time to read: +3 min

Russia conducted malign influence operations in the 2022 U.S. midterm elections and is using increasingly clandestine means to "penetrate the Western information environment," the U.S. intelligence community said in a new report Wednesday. The 2023 report came four months after the most recent midterm elections, where concerns about Russian influence efforts were more muted in comparison with the two previous presidential election cycles in 2016 and 2020. Trump — who during that campaign had called on Russia to find his then-rival Hillary Clinton's emails — later questioned whether Russia interfered in the 2016 election. In 2022, for instance, the office determined that Russia "almost certainly" sees U.S. elections as opportunities for malign influence to influence its foreign policy goals. "These activities can include disseminating false content and amplifying information perceived as beneficial to Russian influence efforts or conspiracy theories."

"But after years of dithering, the German 5G network is deeply dependent on Chinese suppliers. Huawei, ZTE and China's government reject these claims, saying that they are motivated by a protectionist desire to support non-Chinese rivals. The government would ban operators from using certain controlling elements from Huawei and ZTE in 5G networks. The German government was last month unable to answer a recent parliamentary request about how many Huawei components operators were using in their 5G networks. The deadline to remove all Huawei gear from Britain's 5G networks by the end of 2027 remains unchanged.

☆ Tech-sponsored study criticises plan to exclude non-EU cloud vendors
▼ + stars: | 2023-03-06 | by ( Foo Yun Chee | ) www.reuters.com time to read: +2 min

[1/2] 3D printed clouds and figurines are seen in front of the Google Cloud service logo in this illustration taken February 8, 2022. REUTERS/Dado Ruvic/IllustrationBRUSSELS, March 6 (Reuters) - A proposed European Union cloud security label that could exclude Amazon (AMZN.O), Alphabet's (GOOGL.O) Google, Microsoft (MSFT.O) and other non-EU cloud services providers from the bloc is discriminatory and could lead to retaliatory measures, a study commissioned by a tech lobbying group said. At issue is a provision in EU cybersecurity agency ENISA's certification scheme (EUCS) that requires cloud services providers to have their registered head office and global headquarters in the EU and to operate cloud services and store and process customer data in the 27-member bloc. "Member states should now call on the cybersecurity agency and also the European Commission to abandon politically motivated EUCS immunity requirements," he added. A ban could also trigger retaliatory measures by EU trading partners, the think tank said.

☆ Germany planning to ban Huawei, ZTE from parts of 5G networks -paper
▼ + stars: | 2023-03-06 | by ( ) www.reuters.com time to read: +2 min

BERLIN, March 6 (Reuters) - Germany's government is planning on forbidding telecoms operators from using certain components from Chinese companies Huawei and ZTE in their 5G networks, German paper Zeit Online reported on Monday. The ban could include components already built into the networks, requiring operators to remove and replace them, Zeit Online wrote, citing government sources. Huawei, ZTE and the Chinese government reject these claims, saying that they are motivated by a protectionist desire to support non-Chinese rivals. Germany passed an IT security law in 2021 setting high hurdles for makers of telecommunications equipment for next-generation networks, but stopping short of banning Huawei and ZTE as some other countries have done. The government would ban operators from using certain controlling elements from Huawei and ZTE in 5G networks.

☆ Cyberattack on food giant Dole temporarily shuts down North America production, company memo says
▼ + stars: | 2023-02-22 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +5 min

CNN —A cyberattack earlier this month forced produce giant Dole to temporarily shut down production plants in North America and halt food shipments to grocery stores, according to a company memo about the incident obtained by CNN. “Dole Food Company is in the midst of a Cyber Attack and have subsequently shut down our systems throughout North America,” Emanuel Lazopoulos, senior vice president at Dole’s Fresh Vegetables division, said in a February 10 memo to retailers. “They [customers] are upset, but it happens,” Russell told CNN. Customers started asking questions about the bare shelves, Underwood said, prompting the store to post the Dole memo about the cyberattack on its Facebook page. The multibillion-dollar company — officially known as Dole Plc after a 2021 merger between Dole Food Company and Ireland’s Total Produce — sources produce from dozens of countries around the world.

☆ ECB's IT head named as next German cybersecurity chief
▼ + stars: | 2023-02-07 | by ( ) www.reuters.com time to read: +1 min

BERLIN, Feb 7 (Reuters) - Claudia Plattner, the European Central Bank's director general for information systems, was named as Germany's next cybersecurity chief on Tuesday, filling a position left empty for months after the previous head was fired following reports of possible Russia ties. Plattner, a trained mathematician who has held her ECB role since July 2021, will take over as head of the BSI cybersecurity agency starting July 1, the German interior ministry said in a statement. Her predecessor, Arne Schoenbohm, was fired in October and an investigation was launched into his conduct after media allegations that he may have come into contact with Russian security circles through a consultancy he co-founded. Schoenbohm said in October he had himself asked the ministry to launch an investigation. Writing by Miranda Murray Editing by Paul CarrelOur Standards: The Thomson Reuters Trust Principles.

☆ Chip equipment maker MKS Instruments says it is investigating ransomware attack
▼ + stars: | 2023-02-06 | by ( ) www.reuters.com time to read: +1 min

Feb 6 (Reuters) - MKS Instruments Inc (MKSI.O) said on Monday it was investigating a ransomware attack that occurred last week and affected the semiconductor equipment maker's production-related systems. The company said it was in the early stages of investigating the attack that it identified on Feb. 3, adding that costs related to the incident have not been determined. Ransomware is a form of malicious software deployed by criminals which works by encrypting data, with hackers offering the victim a key in return for payments. MKS said it would temporarily suspend operations at some of its facilities, as part of its containment efforts. Italy's National Cybersecurity Agency warned on Sunday that thousands of computer servers had been targeted by a global ransomware hacking attack targeting VMware (VMW.N) ESXi servers.

☆ Italy sounds alarm on large-scale computer hacking attack
▼ + stars: | 2023-02-05 | by ( ) www.reuters.com time to read: +1 min

ROME, Feb 5 (Reuters) - Thousands of computer servers around the world have been targeted by a ransomware hacking attack, Italy's National Cybersecurity Agency (ACN) said on Sunday, warning organisations to take action to protect their systems. The hacking attack sought to exploit a software vulnerability, ACN director general Roberto Baldoni told Reuters, adding it was on a massive scale. Italy's ANSA news agency, citing the ACN, reported that servers had been compromised in other European countries such as France and Finland as well as the United States and Canada. Telecom Italia customers reported internet problems earlier on Sunday, but the two issues were not believed to be related. Reporting by Elvira Pollina; Writing by Keith Weir; Editing by Jan HarveyOur Standards: The Thomson Reuters Trust Principles.

☆ Exclusive: U.S. Chamber of Commerce warns against draft EU plan to exclude non-EU cloud vendors
▼ + stars: | 2022-12-01 | by ( Foo Yun Chee | ) www.reuters.com time to read: +3 min

REUTERS/Paresh Dave/File PhotoBRUSSELS, Dec 1 (Reuters) - The U.S. Chamber of Commerce and 12 other groups on Thursday warned the European Union against adopting rules that could exclude Amazon (AMZN.O), Alphabet (GOOGL.O) unit Google, Microsoft (MSFT.O) and other non-EU cloud services providers from the European market. ENISA's draft dated May seen by Reuters sets out requirements for a certified cloud service provider (CSP) aimed at preventing and limiting interference from non-EU states with the operation of certified cloud services. "If other countries were to pursue similar policies, European cloud providers could see their own opportunities in non-EU markets dwindle," they said. Not all cloud services," a spokesperson said. The size of the global government cloud market is expected to reach $71.2 billion by 2027 from $27.6 billion in 2021, according to market research firm Imarc Group.

☆ The US' top cybersecurity agency warns against making the 'normal out to be nefarious' as conservatives cry foul over election glitches
▼ + stars: | 2022-11-08 | by ( Nicole Gaudiano | ) www.businessinsider.com time to read: +2 min

The US' top cybersecurity agency said there have been no credible threats to election security or integrity. "When you have 8,800 individual election jurisdictions, you're going to see a few issues," Jen Easterly tweeted. "When you have 8,800 individual election jurisdictions, you're going to see a few issues," tweeted Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency. Easterly's warning comes as conservatives have raised questions about election integrity. But Easterly said CISA has seen "no activity that should cause anyone to question the security, integrity, or resilience of our election infrastructure."

☆ Top U.S. cyber agency to monitor midterm election
▼ + stars: | 2022-11-08 | by ( ) www.reuters.com time to read: +1 min

SAN FRANCISCO, Nov 8 (Reuters) - The top U.S. cybersecurity agency said it plans to monitor and issue security alerts on the congressional election on Tuesday, amid worries about potential efforts to interfere with the vote. Election security has emerged as a key issue in the United States after officials found Russia interfered in the 2016 U.S. election with a campaign of hacking and propaganda intended to hurt Hilary Clinton's chances of winning against Donald Trump. The Cybersecurity and Infrastructure Security Agency (CISA) plans to set up an "Elections Day Operations Center" with public and private sector partners across the country to monitor the midterms, it said in a statement on Monday. "In recent years, election officials have had to contend with increasing disinformation from foreign adversaries, which can cause confusion about election infrastructure and undermine voters' faith in the process," Kim Wyman, CISA's senior election security advisor, said in a statement last week. "Now, when something goes wrong - and with 8,800 election jurisdictions across the country, something will go wrong somewhere - the innocuous can be made to look nefarious."

☆ Ukraine war, geopolitics fuelling cybersecurity attacks -EU agency
▼ + stars: | 2022-11-03 | by ( Foo Yun Chee | ) www.reuters.com time to read: +1 min

BRUSSELS, Nov 3 (Reuters) - Geopolitics such as Russia's invasion of Ukraine has led to more damaging and widespread cybersecurity attacks in the year to July, EU cybersecurity agency ENISA said in its annual report on Thursday. The agency said geopolitical situations - in particular the Russian invasion of Ukraine - were game-changers during the period under review. "Today's global context is inevitably driving major changes in the cybersecurity threat landscape. The new paradigm is shaped by the growing range of threat actors," ENISA Executive Director Juhan Lepassaar said in a statement. About 24% of cybersecurity attacks targeted public administration and governments while 13% targeted digital services providers, the report said.

☆ Australia pathology data stolen as hacking epidemic widens
▼ + stars: | 2022-10-27 | by ( Byron Kaye | ) www.reuters.com time to read: +3 min

SYDNEY, Oct 27 (Reuters) - One of Australia's largest pathology providers said hackers stole medical data of thousands of patients, the country's second such breach in two weeks, deepening fears about how companies collect sensitive customer information. 1 health insurer Medibank Private Ltd (MPL.AX) said criminals took data of all 4 million of its customers. [ read more read moreACL said it first knew of unauthorised access to the IT system of its pathology unit, Medlab, in February and received advice that no information was compromised. 1 grocery chain Woolworths Group Ltd (WOW.AX) then revealed that the data of millions of customers using its bargain shopping website had been compromised. Australia has said it plans to fine companies up to A$50 million ($32 million) for failing to prevent data breaches, but Christie said damages awarded for thefts of medical data were typically higher than for other personal data because of non-economic harm like mental health repercussions.

Last week, Killnet targeted the websites of several U.S. states, successfully knocking Colorado.gov offline for more than a day and briefly interrupting Kentucky.gov. Killnet frequently posts lists of targeted websites on its Telegram channel, encouraging fellow Russia supporters with entry-level hacker skills to join it in trying to disrupt them. The U.S. Department of Transportation and Hartsfield-Jackson Atlanta International Airport didn’t immediately respond to requests for comment. It listed the city of Chicago’s general air travel website, flychicago.com, which was inaccessible Monday, but not that of its major airports, like O’Hare International or Midway International. Similarly, it targeted Hawaii’s state website for air travel, which was also inaccessible, but not Honolulu International.

Search resuls for: "Cybersecurity Agency"

23 mentions found