DIRS.INFO The most relevant business & tech news

Caesars paid around $15 million in ransom to regain access to its systems from the hackers, according to reporting by the Wall Street Journal. Some have been collecting evidence leading to the hackers' identities and are assisting law enforcement, according to the five insiders. The sources say that, following the September casino hacks, the FBI's investigation took on new urgency. Mandia didn't respond directly when asked whether Scattered Spider's identities were known to law enforcement. But he did say that there was no excuse for not arresting hackers who operated from the West.

Persons: Bridget Bennett, Michael Sentonas, Sentonas, Alphabet's, James Foster, Foster, cybercriminals, gona, Kevin Mandia, Mandiant, you've, Zeba Siddiqui, Raphael Satter, Christopher Bing, Chris Sanders, Claudia Parsons Organizations: MGM, MGM Resorts, REUTERS, FRANCISCO, U.S . Federal Bureau of Investigation, FBI, MGM Resorts International, Caesars Entertainment, Industry, Reuters, Department of Justice, Caesars, Wall Street, Palo Alto Networks, Microsoft, ex, Telegram, Thomson Locations: Las Vegas , Nevada, U.S, WASHINGTON, America, Palo, American, Baltimore , Maryland, United States, Newark , New Jersey, sextortion, San Francisco, Washington

CNN —The Chinese government has built up the world’s largest known online disinformation operation and is using it to harass US residents, politicians, and businesses—at times threatening its targets with violence, a CNN review of court documents and public disclosures by social media companies has found. Victims face a barrage of tens of thousands of social media posts that call them traitors, dogs, and racist and homophobic slurs. While tech and social media companies have shut down thousands of accounts targeting these victims, they’re outpaced by a slew of new accounts emerging virtually every day. As part of a mission “to manipulate public perceptions of [China], the Group uses its misattributed social media accounts to threaten, harass and intimidate specific victims,” the complaint states. In the past, the Spamouflage network mostly focused on issues domestically relevant to China.

Persons: –, Xi Jinping, Biden, Mike Gallagher, Chen Pokong, ”, Chen, “, Spamouflage’s, Liu Pengyu, ” Liu, Jiayang, Darren Linvill, hasn’t, Fan, Communist Party playbook, Mandiant, Nancy Pelosi, ” Ben Nimmo, George Floyd’s, Ben Nimmo, Lindsay Gorman, Gorman, ” Linvill, Linvill, Spamouflage, Jiajun Qiu, Qiu, ” Qiu Organizations: CNN, US State Department, FBI, Communist Party, Meta, Google, ”, CCP, US Department of Justice, Department, DOJ, China’s Ministry of Public Security, Group, New Yorker, telltale, Media, Clemson University, Capitol, Department of Homeland Security, Marshall Fund’s Alliance, Securing Democracy, YouTube Locations: United States, Beijing, San Francisco, China “, New York, China, New York City, America, Washington, Hong Kong, US, Texas, Virginia, Manassas , Virginia

☆ Russian Spies Behind Cyberattack on Ukrainian Power Grid in 2022 - Researchers
▼ + stars: | 2023-11-09 | by ( Nov. | At A.M. | ) www.usnews.com time to read: +2 min

By James PearsonLONDON (Reuters) - Russian cyber spies were behind a hack which disrupted part of Ukraine's power grid in late 2022, U.S. cybersecurity firm Mandiant, part of Google, said in a report on Thursday, in a rare and advanced form of cyberwarfare. Last October, a massive wave of Russian missile strikes on Ukraine's power network caused blackouts in many parts of the country, prompting Kyiv to halt electricity exports and leaving four regions temporarily without electricity. Sandworm hackers rose to prominence in 2015 after a separate cyberattack against Ukraine’s power grid which cut off power for around 255,000 people. The disruptive, digital, intrusion was widely considered to be one of the first, known, successful cyberattacks against a power network. “There have only been a handful of incidents similar to this, with the majority carried out by Sandworm,” Mandiant analyst Nathan Brubaker said.

Persons: James Pearson, ”, Sandworm, Nathan Brubaker, Christopher Bing, Sharon Singleton Organizations: James Pearson LONDON, Google Locations: Russian, Russia, Ukraine, Kyiv, London, Washington

☆ Israel’s cyber defense chief tells CNN he is concerned Iran could increase severity of its cyberattacks
▼ + stars: | 2023-11-06 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +8 min

So far, suspected Iranian hackers appear to have had minimal impact on their publicly claimed targets in Israel in the last month. But Portnoy said those hackers have been relatively quiet in the latest Israel-Hamas war (Israeli airstrikes have decimated internet infrastructure in Gaza.) “There is a gap between their [cyber] capabilities and their rhetoric,” the official told CNN, referring to Iran-backed hackers. “Even the successful, real cyberattacks are probably not going to be about the actual attack,” John Hultquist, Mandiant’s chief analyst, told CNN. This campaign is “maybe the most sophisticated we have seen from Iran on a technological level,” Sergey Shykevich, threat intelligence group manager at Check Point, told CNN.

Persons: “, ”, Gaby Portnoy, ” Portnoy, Portnoy, –, Christopher Wray, ” Wray, ” Eric Goldstein, CrowdStrike, ” John Hultquist, “ It’s, Solomon, Israel, Adam Meyers, CrowdStrike’s, ” Meyers, Sergey Shykevich Organizations: CNN, Israel National Cyber Directorate, Lebanese, Hezbollah, Palo Alto Networks, Hamas, Infrastructure Security Agency, FBI, Boston Children’s Hospital, ” CNN, Iranian, United Nations, “, Islamic Revolutionary Guard Corps Locations: Iran, Israel, Saudi Arabia, East, Iranian, Syria, Iraq, Tehran, –, Palo, Gaza, Palestine, China, Russia

☆ Alphabet chief Pichai labored in trenches but rose to defend search giant
▼ + stars: | 2023-10-30 | by ( ) www.reuters.com time to read: +2 min

The move was done to give Page fewer direct reports and product units to oversee. * Pichai became CEO of Google in 2015 and all of Alphabet in 2019. * Alphabet, Google's parent company, has a long list of other businesses. Since Pichai became CEO, it acquired Fitbit in 2021 and the security company Mandiant in 2022. * Pichai's total compensation was about $226 million in 2022, more than 800 times the median employee's pay, the company said in a securities filing in April.

Persons: Sundar Pichai, Joe Biden, Narendra Modi, Evelyn Hockstein, Larry Page, Andy Rubin, Page, Pichai, Bard, Diane Bartz, Jonathan Oatis Organizations: Google, U.S, India's, White, REUTERS, Rights, Big Tech, Wharton, Stanford University, Indian Institute of Technology, McKinsey & Co, Thomson Locations: Washington , U.S, Washington, Madurai, Tamil Nadu, India, Indian Institute of Technology Kharagpur

☆ Iranian, Chinese Trolls Seen Pushing Information Operations
▼ + stars: | 2023-10-10 | by ( ) www.wsj.com time to read: 1 min

Known cyber groups linked to Iran and China have been observed by U.S. security researchers promoting online influence operations in relation to the conflict in Israel and Gaza across multiple social media platforms. Iranian-linked actors have been seen posing as Egyptian citizens in order to peddle narratives--largely targeted at Egyptian audiences--supportive of Hamas and critical of Israel’s response to the attacks, said John Hultquist, chief analyst at Google Cloud’s Mandiant Intelligence division. Separately, a China-linked cyber group has been attempting to criticize the Biden administration’s handling of the attacks, he said.

Persons: John Hultquist Organizations: Google, Mandiant Intelligence, Biden Locations: Iran, China, Israel, Gaza

The FBI is investigating the MGM and Caesars breaches, and the companies did not comment on who may be behind them. In some cases - Mandia did not say which ones - hackers tied to Scattered Spider placed bogus emergency calls to summon heavily armed police units to the homes of executives of targeted companies. ALPHV, which according to Mandiant is a "ransomware-as-a-service", would provide services such as a helpdesk, webpage and branding, and in turn get a cut of whatever Scattered Spider would make from the hack. While many ransomware attacks go unpublicised, the MGM hack was a vivid example of the real-world impact of such incidents. Ransomware gangs often function like large organizations, and continue to evolve their methods to adapt to the latest security measures organizations use.

Persons: Bridget Bennett, helpdesk, they’d, Wendi Whitmore, Adam Meyers, it's, Kevin Mandia, Mandiant, Reuters couldn't, CrowdStrike's Meyers, helpdesks, David Bradbury, they've, Bradbury, ALPHV, Okta's Bradbury, Whitmore, Zeba Siddiqui, Raphael Satter, Chris Sanders, Claudia Parsons Organizations: MGM, MGM Resorts, REUTERS, FRANCISCO, Alto Networks, Caesars Entertainment, FBI, Caesars, Google, Reuters, Microsoft, British, Thomson Locations: Las Vegas , Nevada, U.S, WASHINGTON, Canada, Japan, United States, reassign, Las Vegas, San Francisco, New York

☆ Hackers who breached casino giants MGM, Caesars also hit 3 other firms, Okta says
▼ + stars: | 2023-09-19 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +3 min

David Bradbury, chief security officer of the identity management company Okta, said five of the company's clients, including MGM and Caesars, had fallen victim to hacking groups known as ALPHV and Scattered Spider since August. In an interview with Reuters, Bradbury didn't name the other companies, but said Okta was cooperating with official investigations into the breaches. "We've seen consistently over the past six to 12 months, a ramp up in these types of attacks," Bradbury said. Bradbury said the group had breached into MGM and obtained access to its Okta client, which allowed it further access to more credentials in the identity management firm's system. Bradbury said Mandiant's description of the group's tactics aligned with what Okta had observed in the recent hacks.

Persons: Bridget Bennett, David Bradbury, Bradbury didn't, Okta, Bradbury, We've, ALPHV, Google's, Zeba Siddiqui, Michael Perry Organizations: MGM, MGM Resorts, REUTERS, FRANCISCO, MGM Resorts International, Caesars Entertainment, Caesars, Reuters, Google's Mandiant Intelligence, Thomson Locations: Las Vegas , Nevada, U.S, Las Vegas, Macau, San Francisco, United States

☆ Cyber criminals are able to break in because they're breaking human trust: Mandiant CEO Kevin Mandia
▼ + stars: | 2023-09-19 | by ( ) www.cnbc.com time to read: 1 min

Share Share Article via Facebook Share Article via Twitter Share Article via LinkedIn Share Article via EmailCyber criminals are able to break in because they're breaking human trust: Mandiant CEO Kevin MandiaKevin Mandia, Mandiant CEO, joins 'Squawk Box' to discuss the cyber security landscape after the recent string of high-profile ransomeware attacks, the cyber security threats facing corporate America, and more.

Persons: Kevin Mandia Kevin Mandia Locations: America

☆ FBI director urges private sector to lend government more support in cyber intelligence
▼ + stars: | 2023-09-18 | by ( Rohan Goswami | In Rohangoswamicnbc | ) www.cnbc.com time to read: +3 min

FBI Director Christopher Wray testifies during a Senate Appropriations Subcommittee on Commerce, Justice, Science, and Related Agencies hearing on Capitol Hill May 10, 2023 in Washington, DC. WASHINGTON, D.C. – FBI Director Christopher Wray said Monday that the federal government is relying more than ever on private sector support to ensure that U.S. infrastructure remains secure. Wray said that artificial intelligence may help China's cyber intelligence operations in their efforts to overpower U.S. defenses, and reiterated that Chinese hackers outnumber the FBI's cyber and intelligence agents by at least 50 to 1. China is poised to "use the fruits of their widespread hacking to power, with AI, even-more-powerful hacking efforts," he added. North Korean hacking groups, for example, often seek to generate revenue for the government while gathering espionage for the state.

Persons: Christopher Wray, Wray, it's, Colonial's Organizations: Commerce, Justice, Science, Capitol, WASHINGTON , D.C, Mandiant's mWise Conference, Google, FBI, Cybersecurity Infrastructure Agency, Colonial Pipeline Locations: Washington , DC, WASHINGTON ,, Washington, China, Korean, Ukraine, Eastern Europe, U.S, East

☆ How a North Korean cyber group impersonated a Washington D.C. analyst
▼ + stars: | 2023-09-18 | by ( Rohan Goswami | In Rohangoswamicnbc | ) www.cnbc.com time to read: +4 min

Jenny Town is a leading expert on North Korea at the Stimson Institute and the director of Stimson's 38 North Program. She uses publicly available data points to paint a picture of North Korean dynamics. But her colleague didn't believe her, Town said, and decided to ask the doppelganger if he was a North Korean spy. The North Korean doppelganger, in the meantime, had decided to break off contact and in a bizarre turn of events, apologized for any confusion and blamed it on "Nk hackers." "I love it," joked Mandiant North Korea analyst Michael Barnhart.

Persons: Kim Jong Un, Jenny Town, They're, didn't, Michael Barnhart Organizations: Sputnik, Russian, Vostochny, WASHINGTON, WASHINGTON , D.C, —, Stimson Institute, APT43, Google, D.C, U.S, Nk Locations: Amur, WASHINGTON ,, North Korea, Mandiant, Koreans, Korean, Korea, North Korean

The cybercrime group has made a ransom demand to MGM as well, those sources told CNBC's Contessa Brewer. The 8-K report, similar to one filed by MGM Resorts on Wednesday, acknowledges the hack as a material event. The cybercrime group demanded a $30 million ransom from Caesars, but the company ultimately agreed to pay about half that, sources said. Bloomberg previously reported the ransom and that the same group is behind the attacks on both companies. It wasn't immediately clear why Caesars delayed filing the report disclosing the hack and ransom for weeks.

Persons: CNBC's Contessa Brewer, Charles Carmakal Organizations: Caesars, CNBC, MGM, U.S . Securities, Exchange, MGM Resorts, Google, Bloomberg, vx, Twitter, Security, SEC Locations: United States, Twilio

☆ Caesars and MGM grapple with cybeattacks as their security in Vegas falls under scrutiny
▼ + stars: | 2023-09-14 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +3 min

CNN —Hackers stole Social Security numbers and driver’s license numbers from a “significant number” of loyalty program customers of Caesars Entertainment, the hospitality and casino giant said Thursday. The hackers broke into computer systems via “a social engineering attack” on an IT support contractor, according to the filing. “We have taken steps to ensure that the stolen data is deleted by the unauthorized actor, although we cannot guarantee this result,” Caesars Entertainment said. The company said on Monday, when news of the incident broke, that it had shut down certain computer systems to protect its data. Bloomberg News reported on Wednesday that Scattered Spider was responsible for the pair of cyberattacks on Caesars Entertainment and MGM Resorts.

Persons: “, ”, Charles Carmakal, Mandiant, Rachel Tobac Organizations: CNN, Caesars Entertainment, MGM Resorts, Securities and Exchange Commission, FBI, Mandiant Consulting, Google, Bloomberg, SocialProof Locations: Vegas, Las Vegas, United States, United Kingdom

LAS VEGAS (AP) — Casino company Caesars Entertainment on Thursday joined Las Vegas gambling rival MGM Resorts International in reporting that it was hit by a cyberattack, but added in a report to federal regulators that its casino and online operations were not disrupted. Caesars is the largest casino owner in the world, with more than 65 million Caesars Rewards members and properties in 18 states and Canada under the Caesars, Harrah’s, Horseshoe and Eldorado brands. MGM Resorts said reservations and casino floors in Las Vegas and other states were affected. MGM Resorts has has about 40 million loyalty rewards members and tens of thousands of hotel rooms in Las Vegas at properties including the MGM Grand, Bellagio, Aria and Mandalay Bay. Some MGM Resorts computer systems were still down Thursday, including hotel reservations and payroll.

Persons: “, ”, ” Brett Callow, Emsisoft, Callow, Charles Carmakal, ” Carmakal, Mandiant, ” Mandiant, Brian Ahern, pinky, ’ ”, Frank Bajak Organizations: LAS VEGAS, —, Caesars Entertainment, Las, MGM Resorts International, Securities and Exchange Commission, Social, New, MGM Resorts, “, Caesars, Associated Press, SEC, MGM, Aria, FBI, CNA Financial Locations: Las Vegas, Reno, New Zealand, Russia, U.S, Canada, Harrah’s, Eldorado, Mandalay, China, Macau, British Columbia, Boston

☆ MGM Resorts is still suffering from a massive outage after a notorious group of young hackers apparently tricked workers into handing over access to the company's network
▼ + stars: | 2023-09-14 | by ( Will Gendron | ) www.businessinsider.com time to read: +5 min

MGM Resorts and Caesars Entertainment were compromised by data breaches within weeks of each other. Scattered Spider, the hacking group, tricks people into handing over access to private systems. A cybersecurity expert says Scattered Spider is comprised of mostly young adults from the US and UK. MGM Resorts followed suit, filing its own Form-8K with the SEC. MGM Resorts and Caesars Entertainment both did not immediately respond to Insider's request for comment.

Persons: Charles Carmakal, Carmakal Organizations: MGM Resorts, Caesars Entertainment, US, Service, MGM, Las Vegas . Bloomberg, Caesars, Bloomberg, CNBC, TechCrunch, Mandiant Inc, Google, LinkedIn, US Securities and Exchange Commission, SEC, US Treasury Department Locations: Wall, Silicon, Las Vegas, New York, Vegas, United States

☆ Chinese operatives are using AI photos to trick American voters and turn them against each other, Microsoft says
▼ + stars: | 2023-09-08 | by ( Matthew Loh | ) www.businessinsider.com time to read: +4 min

Microsoft warned that China has been using AI-generated images to sow discord among US voters. Microsoft analysts said it was posted by an account suspected of being run as a Chinese influence operation. "This relatively high-quality visual content has already drawn higher levels of engagement from authentic social media users," the analysts warned. Videos of their protests were then "amplified" by social media accounts used by the operatives, Mandiant added. The social media company said it removed all of them.

Persons: Clint Watts, Watts, Liu Pengyu, Mandiant, Meta Organizations: Microsoft, Embassy, Washington , D.C, Service, Analysts, Chinese Communist Party, Liberty, CCP, Facebook Locations: China, Washington ,, Wall, Silicon, North Korea, Xinjiang

☆ One of the most successful VCs in cybersecurity, Ted Schlien, names 3 new trends to watch
▼ + stars: | 2023-09-07 | by ( Julie Bort | ) www.businessinsider.com time to read: +5 min

One of Kleiner Perkins longest-serving investors quietly launched a firm to specialize in security startups. Schlein sees three big new security markets, including an area he's "most scared about." That's partly because strong security startups tend to command higher-than-typical prices when acquired, Schlein says. Security startup trendsSchlein says he currently sees three big trends for next-gen cybersecurity startups. While at Kleiner, Schlein backed startup Apurio, and wrote a check at Ballistic for ArmorCode.

Persons: Kleiner Perkins, Ted Schlein, Schlein, It's, he's Organizations: Ballistic Ventures, Symantec, Security, Companies, Cequence, IT, Software, Hewlett, Packard, ArmorCode Locations: Kleiner

☆ Google to make disclosure of AI-generated content mandatory for election advertisers
▼ + stars: | 2023-09-06 | by ( ) www.reuters.com time to read: +1 min

Google logo and AI Artificial Intelligence words are seen in this illustration taken, May 4, 2023. REUTERS/Dado Ruvic/Illustration/file photo Acquire Licensing RightsSept 6 (Reuters) - Alphabet Inc's (GOOGL.O) Google will make it mandatory for all election advertisers to add a clear and conspicuous disclosure starting mid-November when their ads contain AI generated content, the company said on Wednesday. The policy would apply to image, video, and audio content, across its platforms, the company said in a blog post. Generative AI would enable groups with limited resources to produce higher quality content at scale, according to Mandiant. Any synthetic content that is irrelevant to the claims made in the ad will be exempted from the disclosure requirements, the advertising and search engine giant said.

Persons: Dado Ruvic, Deepfakes, Mandiant, Akshita, Shailesh Organizations: REUTERS, Google, Thomson Locations: United States, Bengaluru

☆ Russian hackers broke into Ukrainian battlefield tech, pillaging data from Android devices: intel agencies
▼ + stars: | 2023-09-01 | by ( Sinéad Baker | ) www.businessinsider.com time to read: +3 min

Russian hackers breached devices Ukraine was using on the battlefield, Western intel agencies said. The hacking campaign targeted Android devices used by the Ukrainian military, they said. They said they discovered malware that can "steal sensitive information" was being used in a campaign targeting Android devices used by the Ukrainian military. The Five Eyes agencies' announcement backs up Ukraine's claim that Russia was hacking its battlefield tech. The Five Eyes agencies did not comment on this claim.

Persons: Sandworm, John Hultquist, SBU, Elon Musk's Organizations: Western intel, Service, Infrastructure Security Agency, NSA, FBI, GRU, South, Armed Forces, Defense Forces, CNN Locations: Ukraine, Western, Ukrainian, Wall, Silicon, UK, Australia, Canada, New Zealand, Russia

☆ Russian military hackers take aim at Ukrainian soldiers’ battle plans, US and allies say
▼ + stars: | 2023-08-31 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +4 min

CNN —Russian military hackers have been targeting Ukrainian soldiers’ mobile devices in a bid to steal sensitive battlefield information that could aid the Kremlin’s war on Ukraine, the US and its allies warned Thursday. The news shows how the struggle to control sensitive military data in cyberspace has been a key front in Russia’s full-scale war on Ukraine. The Ukrainian government has encouraged a loose band of thousands of volunteer hackers to launch attacks on Russian assets in Ukraine and on Russian soil. Some analysts and US officials have attributed the relatively limited impact of Russian hacking – at least compared with the outsize expectation of Russian cyber prowess – during the war to the same disorganization that has plagued Russian kinetic operations. But the true scope and impacts of Russian cyber operations in Ukraine is very difficult to pin down in the fog of war, where both sides have incentive to exaggerate their successes.

Persons: Elon Musk’s, “, ”, John Hultquist, Hultquist, ” Paul Chichester, idly, Paul Nakasone Organizations: CNN, Google, Russian Embassy, Cyber Security, Pentagon, Command Locations: Russian, Ukraine, Australia, Canada, New Zealand, United Kingdom, Russia’s, Washington ,, Russia, Ukrainian

☆ A.I. use rising in influence campaigns online, but impact limited - US cyber firm
▼ + stars: | 2023-08-17 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +2 min

An AI (Artificial Intelligence) sign is seen at the World Artificial Intelligence Conference (WAIC) in Shanghai, China July 6, 2023. Researchers at the Virginia-based company found "numerous instances" since 2019 in which AI-generated content, such as fabricated profile pictures, had been used in politically-motivated online influence campaigns. Generative AI would enable groups with limited resources to produce higher quality content at scale, Mandiant researchers said. Yet, the impact of such campaigns was limited. "Thus far, we haven't seen a single incident response where AI played a role," said Joyce.

Persons: Aly, Mandiant, Sandra Joyce, Joyce, Zeba Siddiqui, Alexandra Hudson Organizations: Artificial Intelligence, REUTERS, FRANCISCO, Google, Security, targetting, Mandiant Intelligence, Alexandra Hudson Our, Thomson Locations: Shanghai, China, Virginia, Russia, Iran, Ethiopia, Indonesia, Cuba, Argentina, Mexico, Ecuador, El Salvador, Hong Kong, North Korea, San Francisco

☆ Pro-Chinese online influence campaign promoted protests in Washington, researchers say
▼ + stars: | 2023-07-24 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +2 min

CNN —A Chinese marketing firm likely organized and promoted protests in Washington last year as part of a wide-ranging pro-Beijing influence campaign, according to new research. One of the protests only attracted roughly a dozen people but it showed the scope and ambition of the pro-China efforts. The hired protesters, who included self-proclaimed musicians and actors in the Washington, DC, area, apparently had no idea they were being enlisted in a pro-China influence campaign, the Mandiant researchers said. Haixun, the Chinese firm, distributed videos of the protesters online to further the influence campaign, according to Mandiant. Liu Pengyu, a spokesperson for the Chinese Embassy in Washington, said he was unaware of the details of the research.

Persons: Mandiant, ” Ryan Serabian, Liu Pengyu, ” Liu, Joe Biden, Republican Sen, Marco Rubio Organizations: CNN, China, Shanghai Haixun Technology, Embassy, Washington Post, stoke American, FBI, Republican Locations: Washington, Beijing, China, Xinjiang, DC, Shanghai, Mandiant, Russia, Marco Rubio of Florida

☆ Factbox: The Chinese groups accused of hacking the US and others
▼ + stars: | 2023-07-21 | by ( ) www.reuters.com time to read: +4 min

July 21 (Reuters) - Chinese hacking teams have been blamed by Western intelligence agencies and cybersecurity groups for digital intrusion campaigns across the world, targeting everything from government and military organisations to corporations and media groups. The Chinese authorities said it was not aware of such hacking and described the accusations as baseless. Palo Alto Networks, a U.S. cybersecurity firm, said its research showed BackdoorDiplomacy had links to the Chinese state and was part of the APT15 hacking group. The Chinese authorities have described such reports as "groundless accusations." APT 27Western intelligence agencies and cybersecurity researchers say Chinese hacking team APT 27 is sponsored by the state and has launched multiple attacks on Western and Taiwanese government agencies.

Persons: Gina Raimondo, China Nicholas Burns, Daniel Kritenbrink, BackdoorDiplomacy, TeamT5, Nancy Pelosi, Pelosi, Mandiant, Fanny Potkin, John Geddie, Jamie Freed Organizations: Microsoft, . Commerce, Wall, Storm, Reuters, Alto Networks, APT, U.S Department Justice, U.S, Thomson Locations: China, Beijing, U.S, East Asia, Washington, Western, Taiwan, Japan, South Korea, United States, Hong Kong

WASHINGTON/LONDON, July 12 (Reuters) - Chinese state-linked hackers since May have secretly accessed email accounts at around 25 organizations, including U.S. government accounts, in a stealthy cyberespionage campaign, Microsoft (MSFT.O) and U.S. officials said on Wednesday. Microsoft did not say which organizations or governments had been affected, but added that the hacking group involved primarily targets entities in Western Europe. White House National Security Council spokesman Adam Hodge said an intrusion in Microsoft's cloud security "affected unclassified systems," without elaborating. The State Department "detected anomalous activity" and "took immediate steps to secure our systems," a department spokesperson said in a statement. Private sector cybersecurity experts have said newly discovered hacking activity shows how Chinese groups are improving their cyber capabilities.

Persons: Jake Sullivan, ABC's, Adam Hodge, Hodge, John Hultquist, Will Dunham Organizations: WASHINGTON, Microsoft, White House, U.S . State Department, ., White, National Security, The State Department, U.S, Thomson Locations: LONDON, U.S, United States, Western Europe, China's, London, China

☆ Chinese intelligence hacked State Department emails in ‘significant’ breach
▼ + stars: | 2023-07-12 | by ( Rohan Goswami | In Rohangoswamicnbc | ) www.cnbc.com time to read: +4 min

US National Security Council Coordinator for Strategic Communications John Kirby speaks during the daily briefing in the James S Brady Press Briefing Room of the White House in Washington, DC, on June 5, 2023. Chinese intelligence hacked into Microsoft email accounts belonging to two dozen government agencies, including the State Department, in the United States and Western Europe in a "significant" breach, according to Microsoft and U.S. national security officials. "The Senate Intelligence Committee is closely monitoring what appears to be a significant cybersecurity breach by Chinese intelligence," Sen. Mark Warner, D-VA, and chair of the Select Committee on Intelligence said Wednesday. The compromise was "mitigated" by Microsoft cybersecurity teams after it was first reported to the company in mid-June 2023, Microsoft said in a pair of blog posts about the incidents. It's also a timely example of the kind of threat that U.S. national security officials have been warning about for months and years.

Persons: Strategic Communications John Kirby, James, Brady, Sen, Mark Warner, Mandiant, Charles Carmakal, Adam Hodge, Covington Organizations: National Security, Strategic Communications, White, Microsoft, State Department, Senate Intelligence, Intelligence, U.S, Warner, of State, CNBC, National Security Council, FBI, Infrastructure Security Agency, Security, Wall Street Locations: Washington ,, United States, Western Europe, China, Burling, Guam, It's, U.S

Search resuls for: "Mandiant"

25 mentions found