
Similar articles
Article Id Title Prob Score
212194 ARSTECHNICA 2021-7-19:
US warns China over state-sponsored hacking, citing mass attacks on Exchange
1.000
212428 ZDNET 2021-7-19:
DOJ charges four members of Chinese government hacking group
0.983 0.738
212426 ZDNET 2021-7-19:
UK and White House blame China for Microsoft Exchange Server hack
0.948 0.722
212326 TECHREPUBLIC 2021-7-19:
US and allies finger China in Microsoft Exchange hack
0.965 0.676
212302 ZDNET 2021-7-21:
China dismisses Exchange attribution and accuses US of whitewashing its cyber heists
0.169 0.625
212524 ARSTECHNICA 2021-7-21:
Home and office routers come under attack by China state hackers, France warns
0.033 0.425
212329 ZDNET 2021-7-20:
DHS releases new mandatory cybersecurity rules for pipelines after Colonial ransomware attack
0.394
212608 ZDNET 2021-7-21:
Japanese government official says Olympic ticket data leaked
0.389
212543 ARSTECHNICA 2021-7-22:
Saudi Aramco confirms data leak after $50 million cyber ransom demand
0.386
212411 ZDNET 2021-7-16:
Microsoft points the finger at Israeli spyware seller for DevilsTongue attacks
0.376
212432 ZDNET 2021-7-19:
Singapore goes online in hunt for intelligence officers
0.373
212207 ARSTECHNICA 2021-7-19:
“Clickless” exploits from Israeli firm hacked activists’ fully updated iPhones
0.350
211992 ZDNET 2021-7-16:
Chinese APT LuminousMoth abuses Zoom brand to target gov't agencies
0.347
212279 THEVERGE 2021-7-21:
‘PlugWalkJoe’ arrested in connection with 2020 hack of famous Twitter accounts
0.341
212421 ZDNET 2021-7-19:
NSO Group's Pegasus spyware used against journalists, political activists worldwide
0.333
212603 ZDNET 2021-7-21:
US House terminates deal with iConstituent after company waited days to raise ransomware alarm
0.331
212601 ZDNET 2021-7-22:
Saudi Aramco denies breach after hackers hawk stolen files
0.328
212430 ZDNET 2021-7-19:
MITRE announces first evaluations of cybersecurity tools for industrial control systems
0.323
212431 ZDNET 2021-7-19:
Law firm for Ford, Boeing, Exxon, Marriott, Walgreens, and more hacked in ransomware attack
0.322
212585 TECHREPUBLIC 2021-7-22:
The ransomware risk management calculus is changing for OT, ICS and critical infrastructure
0.321
212609 ZDNET 2021-7-21:
UK national arrested in Spain after DOJ indictment for Twitter hack
0.321
212441 ZDNET 2021-7-20:
Microsoft heads to court to take on imposter, homoglyph domains
0.316
212633 ZDNET 2021-7-22:
Attacks on critical infrastructure are dangerous. Soon they could turn deadly, warn analysts
0.315
212251 ARSTECHNICA 2021-7-17:
Facebook catches Iranian spies catfishing US military targets
0.314
212063 ZDNET 2021-7-16:
May ransomware blight all the cyber stragglers and let God sort them out
0.310


ID: 212194


Date: 2021-07-19

US warns China over state-sponsored hacking, citing mass attacks on Exchange

US: Chinese state-backed hackers perpetrated "massive cyber espionage operation."

The US government blamed the Chinese government on Monday for attacks on thousands of Microsoft Exchange servers. China's Ministry of State Security (MSS) "has fostered an ecosystem of criminal contract hackers who carry out both state-sponsored activities and cybercrime for their own financial gain," US Secretary of State Antony Blinken said in a statement that blamed the MSS for the Microsoft Exchange hacks.

The US government and its allies "formally confirmed that cyber actors affiliated with the MSS exploited vulnerabilities in Microsoft Exchange Server in a massive cyber espionage operation that indiscriminately compromised thousands of computers and networks, mostly belonging to private sector victims," Blinken said.

Blinken's statement was released alongside a Justice Department announcement that three MSS officers and one other Chinese national were indicted by a federal grand jury on charges related to a different series of hacks into the "computer systems of dozens of victim companies, universities, and government entities in the United States and abroad between 2011 and 2018."

Blinken said that the US "and countries around the world are holding the People's Republic of China (PRC) accountable for its pattern of irresponsible, disruptive, and destabilizing behavior in cyberspace, which poses a major threat to our economic and national security." The US did not announce any new sanctions against China, but Blinken said the indictment is evidence that "the United States will impose consequences on PRC malicious cyber actors for their irresponsible behavior in cyberspace."

The Microsoft Exchange attacks have been public knowledge for over four months. "Tens of thousands of US-based organizations are running Microsoft Exchange servers that have been backdoored by threat actors who are stealing administrator passwords and exploiting critical vulnerabilities in the email and calendaring application," we wrote on March 6. The attacks were unusual because six hacking groups exploited vulnerabilities before Microsoft issued a patch. Compromised Exchange servers were also hit with multiple types of ransomware.

Today, Blinken said, "Responsible states do not indiscriminately compromise global network security nor knowingly harbor cyber criminals—let alone sponsor or collaborate with them. These contract hackers cost governments and businesses billions of dollars in stolen intellectual property, ransom payments, and cybersecurity mitigation efforts, all while the MSS had them on its payroll."

The European Union issued a statement today saying the attacks were "conducted from the territory of China for the purpose of intellectual property theft and espionage," but it did not say the attackers were state-sponsored. "We continue to urge the Chinese authorities to adhere to these norms and not allow its territory to be used for malicious cyber activities, and take all appropriate measures and reasonably available and feasible steps to detect, investigate and address the situation," the EU said.

The United Kingdom's statement today said, "The UK is joining like-minded partners to confirm that Chinese state-backed actors were responsible for gaining access to computer networks around the world via Microsoft Exchange servers." Later in the release, the UK said its National Cyber Security Centre "is almost certain that the Microsoft Exchange compromise was initiated and exploited by a Chinese state-backed threat actor," namely Hafnium, and that the "attack was highly likely to enable large-scale espionage, including acquiring personally identifiable information and intellectual property."

The Justice Department said the 2011-2018 hacking campaign "targeted victims in the United States, Austria, Cambodia, Canada, Germany, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland, and the United Kingdom" and stole trade secrets, medical research, and other sensitive information:

Targeted industries included, among others, aviation, defense, education, government, health care, biopharmaceutical and maritime. Stolen trade secrets and confidential business information included, among other things, sensitive technologies used for submersibles and autonomous vehicles, specialty chemical formulas, commercial aircraft servicing, proprietary genetic-sequencing technology and data, and foreign information to support China's efforts to secure contracts for state-owned enterprises within the targeted country (e.g., large-scale high-speed railway development projects). At research institutes and universities, the conspiracy targeted infectious-disease research related to Ebola, MERS, HIV/AIDS, Marburg, and tularemia.

The four Chinese nationals were indicted by a federal grand jury in San Diego in May. The indictment was unsealed Friday and "alleges that much of the conspiracy's theft was focused on information that was of significant economic benefit to China's companies and commercial sectors, including information that would allow the circumvention of lengthy and resource-intensive research and development processes," the Justice Department said.

"These criminal charges once again highlight that China continues to use cyber-enabled attacks to steal what other countries make, in flagrant disregard of its bilateral and multilateral commitments," Deputy Attorney General Lisa Monaco said.

Three of the four indicted people—Ding Xiaoyang, Cheng Qingmin, and Zhu Yunmin—were officers in the Hainan State Security Department (HSSD), an arm of China's MSS, the Justice Department said. They "sought to obfuscate the Chinese government's role" in the hacks "by establishing a front company, Hainan Xiandun Technology Development Co., Ltd.," the department said. The fourth indicted person was Wu Shurong, "a computer hacker who, as part of his job duties at Hainan Xiandun, created malware, hacked into computer systems operated by foreign governments, companies and universities, and supervised other Hainan Xiandun hackers," the Justice Department said.

The US government today also issued an advisory on the tactics, techniques, and procedures used by Chinese state-sponsored attackers. "The FBI and our partners are determined to disrupt the increasingly sophisticated Chinese state-sponsored cyber activity that targets US political, economic, military, education, and counterintelligence personnel and organizations," FBI Cyber Division Assistant Director Bryan Vorndran said.