FBI Director Wray says Chinese hackers are preparing to attack critical US infrastructure

Wray-at-Podium

Important Takeaways:

  • Chinese government-linked hackers have burrowed into U.S. critical infrastructure and are waiting “for just the right moment to deal a devastating blow,” FBI Director Christopher Wray said on Thursday.
  • An ongoing Chinese hacking campaign known as Volt Typhoon has successfully gained access to numerous American companies in telecommunications, energy, water and other critical sectors, with 23 pipeline operators targeted, Wray said in a speech at Vanderbilt University.
  • “Its plan is to land low blows against civilian infrastructure to try to induce panic.”
  • Earlier this week, a Chinese Ministry of Foreign Affairs spokesperson said Volt Typhoon was in fact unrelated to China’s government, but is part of a criminal ransomware group.
  • Wray said China’s hackers operated a series of botnets – constellations of compromised personal computers and servers around the globe – to conceal their malicious cyber activities.

Read the original article by clicking here.

FBI claims China is engaging in both traditional, economic espionage, and more

FBI Wray

Important Takeaways:

  • FBI says China is ‘defining threat of our generation’ with hackers ready to ‘wreak havoc’ in US
  • FBI Director Christopher Wray has said the national security threats in the US are ‘more complex and sophisticated than ever’ as he claimed China is ‘becoming more aggressive’
  • He said: “Today’s national security threats are more complex and sophisticated than ever. We’re seeing hostile nation-states becoming more aggressive in their efforts to steal our secrets and our innovation, target our critical infrastructure, and export their repression to our shores.
  • “Front and center is China—the defining threat of our generation. To put it simply, the CCP [Communist Party of China] is throwing its whole government at undermining the security and economy of the rule-of-law world.”
  • Wray warned officials that “China’s hacking program is larger than that of every other major nation combined.”
  • “If each one of the FBI’s cyber agents and intelligence analysts focused exclusively on the China threat, China’s hackers would still outnumber FBI cyber personnel by at least 50 to 1”, he added.
  • In the alarming speech, the FBI claimed China is engaging in “traditional espionage and economic espionage, foreign malign influence, election interference, and transnational repression—often working in tandem.”

Read the original article by clicking here.

China hackers are targeting water reservoirs, and treatment plants, pipelines and transportation

China-US-flags-burning

Important Takeaways:

  • China’s ‘Unrestricted Warfare’: Is It Here Already?
  • China-linked hackers appear to be looking to attack U.S. infrastructure, especially key components such as the electrical grid, water reservoirs and treatment plants, pipelines, and transportation and communications systems, among other targets.
  • The goal is seemingly to disrupt the U.S. everything critical to life – if you have no electricity, your cellphone will not work; no water will come out of the tap; gas pumps will not pump gas; flights and trains will stop, and disease from disabled sewage treatment plants will spread. There will be havoc and panic. The government and military will be unable to protect the nation. That is what is meant by “unrestricted warfare.” Not a bullet was fired. It did not have to be. According to Sun Tzu’s The Art of War, it is perfect.
  • What are some of the steps that should be taken?
  • The West has correctly identified the CCP as the malign threat that it is; now we have a responsibility to put into place the measures and deterrents to prevent it from attacking us through cyberspace or any other way. Let us not wait until we experience a 9/11-scale cyberattack that could be far more damaging to the U.S. than what took place on that dark day more than 20 years ago.

Read the original article by clicking here.

Million Dollar Question: Michael Snyder speculates the possibility of what caused major telecommunication failure across the country

hacker-cyberwar

Important Takeaways:

  • Was America Just Attacked? We Have Now Been Put On Notice That Our Communication Infrastructure Is Extremely Vulnerable
  • [Daily Mail reported] Once the outage began, federal authorities moved very rapidly to determine whether it was a cyberattack or not…
    • Federal agencies are ‘urgently investigating’ whether the massive cellular outage that plagued Americans on Thursday was a cyberattack.
    • The Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) are on the hunt to track down what disrupted service AT&T, Verizon, T-Mobile and a dozen other cellular providers.
    • While the agencies have not shared details, a security expert told DailyMail.com that the outage has hallmarks of a hack.
    • McKnight, associate professor at Syracuse University in New York, said the widespread nature appears to be ‘a massive Distributed Denial of Service (DDOS) attack on core Internet infrastructure.’
  • I have a feeling that they will assure the general public that it was not a cyberattack no matter what they discover.
  • In situations such as these, keeping everyone calm is often deemed more important than telling them the truth.
  • [The Express Reports] Interestingly, pharmacies all over the U.S. were also having major problems on Thursday due to a cyberattack against “one of the biggest healthcare technology companies in the nation”…
    • Pharmacies all over the country are experiencing delays in prescription orders due to a cyberattack on one of the biggest healthcare technology companies in the nation, Change Healthcare.
    • Change Healthcare first noticed the “cyber security issue” affecting its networks on Wednesday morning on the East Coast.
  • Today, there are a number of foreign powers that possess very robust cyberattack capabilities.
  • One of them is China, and the Washington Post is reporting on a trove of leaked documents that show that the Chinese “are attempting large-scale, systematic cyber intrusions against foreign governments, companies and infrastructure”…
    • A trove of leaked documents from a Chinese state-linked hacking group shows that Beijing’s intelligence and military groups are attempting large-scale, systematic cyber intrusions against foreign governments, companies and infrastructure — with hackers of one company claiming to be able to target users of Microsoft, Apple and Google.
    • The cache — containing more than 570 files, images and chat logs — offers an unprecedented look inside the operations of one of the firms that Chinese government agencies hire for on-demand, mass data-collecting operations.
    • Of course, I have no idea if China was involved in the incidents that we witnessed today.
    • But without a doubt the Chinese have some of the most advanced cyberattack capabilities in the entire world.
  • On Thursday, U.S. Senator Marco Rubio ominously warned about what China could do to us if a full-scale war breaks out…
    • ‘I don’t know the cause of the AT&T outage,’ said Sen. Marco Rubio, Fla., top Republican on the Intelligence Committee.
    • ‘But I do know it will be 100 times worse when #China launches a cyber attack on America on the eve of a #Taiwan invasion. And it won’t be just cell service they hit, it will be your power, your water and your bank,’ he went on.
  • He is right.
  • But the Russians have similar capabilities.
  • So do the North Koreans.
  • In all of human history, there has never been a “cyberwar”, and so we don’t know exactly what one would look like.
  • But it is clear that our communication infrastructure is extremely vulnerable, and what we just witnessed should definitely be a wakeup call for all of us

Read the original article by clicking here.

Iran-backed hackers targeting local water station in the US using Israeli made equipment

Hacker

Important Takeaways:

  • The Iranian group loaded the water station’s computer screens with messages saying “Down with Israel!” and “Every equipment ‘Made in Israel’ Is Cyber Av3ngers legal target.”
  • The station attacked by the Iranian hackers is part of the water pressure system for Raccoon and Potter Townships in Pennsylvania.
  • According to Municipal Water Authority of Aliquippa board chairman Matthew Mottes, alarms were triggered as soon as the system was compromised, and the water quality of the two townships was never in serious danger.
  • Mottes said the water booster station uses equipment made by Unitronics, an automation company headquartered in Israel. The compromised system was disabled for safety as soon as the hack was detected.

Read the original article by clicking here.

U.S. Infrastructure being targeted according to NSA memo

Revelations 6:3-4 “when he opened the second seal, I heard the second living creature say, “Come!” 4 And out came another horse, bright red. Its rider was permitted to take peace from the earth, so that people should slay one another, and he was given a great sword.

Important Takeaways:

  • Microsoft warns that China hackers attacked U.S. infrastructure
  • Chinese state-sponsored hackers have compromised “critical” cyber infrastructure in a variety of industries, including government and communications organizations, Microsoft said Wednesday.
  • The hacking group is code-named “Volt Typhoon,” and has been in operation since 2021.
  • Impacted parties have already been notified.
  • The National Security Agency put out a bulletin Wednesday, detailing how the hack works and how cybersecurity teams should respond.
  • The attack is apparently ongoing. In the advisory, Microsoft urged impacted customers to “close or change credentials for all compromised accounts.”
  • U.S. intelligence agencies became aware of the incursion in February, around the same time that a Chinese spy balloon was downed, The New York Times reported.

Read the original article by clicking here.

US airports targeted by Russian Hackers

Revelations 6:3-4 “when he opened the second seal, I heard the second living creature say, “Come!” 4 And out came another horse, bright red. Its rider was permitted to take peace from the earth, so that people should slay one another, and he was given a great sword.

Important Takeaways:

  • Russian-speaking hackers knock multiple US airport websites offline. No impact on operations reported
  • More than a dozen public-facing airport websites, including those for some of the nation’s largest airports, appeared inaccessible Monday morning, and Russian-speaking hackers claimed responsibility.
  • No immediate signs of impact to actual air travel were reported, suggesting the issue may be an inconvenience for people seeking travel information.
  • The 14 websites include the one for Atlanta’s Hartsfield-Jackson International Airport. An employee there told CNN there were no operational impacts.
  • The Los Angeles International Airport website was offline earlier but appeared to be restored shortly before 9 a.m. Eastern. A spokesman did not immediately return a request for comment.

Read the original article by clicking here.

‘Time for Hacktivism’ Hackers target prolife organizations and prolife government offices

Matthew 5:10 ““Blessed are those who are persecuted for righteousness’ sake, for theirs is the kingdom of heaven.”

Important Takeaways:

  • HACKERS DECLARE WAR ON ANTI-ABORTION STATES
  • The group, called SeigedSec,.. mostly work to cull user data from private companies.
  • The Supreme Court decision has led them to declare that it’s “time for some hacktivism”
  • As added pressure to the [US] government, we have leaked many internal documents and files retrieved from Kentucky’s and Arkansas’ government server.”
  • The group claims to have already stolen about 8 gigabytes of data, which they say includes government workers’ personal information.
  • “THE ATTACKS WILL CONTINUE!” The hackers promised in their Telegram post. “Our main targets are any pro-life entities, including government servers of the states with anti-abortion laws.”

Read the original article by clicking here.

U.S. and Russian officials will meet next week on ransomware – White House

By Raphael Satter and Andrea Shalal

WASHINGTON (Reuters) -Ransomware attacks on U.S. businesses, such as the latest one centered on Florida IT firm Kaseya, will be discussed at a meeting of senior U.S. and Russian officials next week, the White House said on Tuesday.

“We expect to have a meeting next week focused on ransomware attacks,” spokeswoman Jen Psaki told reporters.

The ransomware attack on Friday scrambled the data of hundreds of small businesses worldwide, including many in the United States. Kaseya said in a statement on Tuesday they were never a threat to critical U.S. infrastructure, however.

The cyberattack was the latest in a series of intrusions from hackers who have made a lucrative business out of holding organizations’ data hostage in return for digital currency payments.

Although cybercrimes have been going on for years, the attacks have escalated dramatically recently, and an intrusion at Colonial Pipeline in May snarled U.S. gasoline supplies up and down the East Coast.

Psaki said Biden would meet with officials from the Justice Department, State Department, the Department of Homeland Security and the intelligence community on Wednesday to discuss ransomware and U.S. efforts to counter it.

The hack that struck Kaseya’s clients – many of whom are back office IT shops commonly referred to as managed service providers – did not have the same kind of impact in the United States as the ransoming of Colonial Pipeline.

Disruption elsewhere was more severe.

In Sweden, many of the 800 grocery stores run by the Coop chain are still in the process of recovering from the attack, which knocked out most of its supermarkets, though a spokesman told Reuters “we have more open stores than closed ones now.”

In New Zealand, 11 schools and several kindergartens were affected.

Germany’s cybersecurity watchdog, BSI, said on Tuesday that it was aware of three IT service providers in Germany that have been affected, with a spokesperson estimating that several hundred companies were touched overall.

“In Germany there are no cases as prominent as the one in Sweden,” the spokesperson added.

The hackers who claimed responsibility for the breach have demanded $70 million to restore all the affected businesses’ data, although they have indicated a willingness to temper their demands in private conversations with a cybersecurity expert and with Reuters.

(Reporting by Raphael Satter; Douglas Busvine in Frankfurt and Johan Ahlander in Stockholm also contributed reporting. Editing by Kirsten Donovan, Alistair Bell and Sonya Hepinstall)

Russian security chief says Moscow will work with U.S. to find hackers

MOSCOW (Reuters) -Russia will work with the United States to track down cyber criminals, the head of the FSB security service said on Wednesday, a week after U.S. President Joe Biden and Russian President Vladimir Putin agreed to increase cooperation in certain areas.

“We will work together (on locating hackers) and hope for reciprocity,” the RIA news agency quoted FSB chief Alexander Bortnikov as saying at a security conference in Moscow.

Deputy Foreign Minister Sergei Ryabkov told an investor conference that Russia had been “able to establish a very thorough and down-to-earth exchange with the U.S. side” on cyber security.

Another senior ministry official said Moscow was awaiting an answer from Washington on starting consultations, TASS news agency reported.

Biden told Putin at the summit that certain critical infrastructure should be “off-limits” to cyber-attacks after hackers seeking ransom money triggered the brief closure of a major U.S. oil pipeline network.

Washington has said those responsible for some cyber-attacks in the United States have been working either directly for the Russian government or from Russian territory. The Kremlin has denied any state involvement.

Putin and Biden also agreed to embark on negotiations to lay the groundwork for arms control agreements and risk-reduction measures.

Defense Minister Sergei Shoigu said on Wednesday that Moscow had requested greater transparency about the deployment of missiles in Europe.

He said Putin had proposed measures such as a moratorium on the deployment of intermediate- and short-range missiles in Europe to build mutual trust. The Kremlin has accused NATO of dismissing the proposals.

“The overall situation in Europe is explosive, which requires concrete steps to de-escalate it,” Shoigu said. “We are ready to work towards this.”

Russia’s relations with the West are at post-Cold War lows, strained by issues ranging from Moscow’s 2014 annexation of Crimea from Ukraine to allegations of Russian hacking of U.S. elections.

(Reporting by Maria Kiselyova and Tom Balmforth; Writing by Olzhas Auyezov/Gabrielle Tétrault-Farber; Editing by Kevin Liffey)