Among the measures, it directs the government to implement "strong identity authentication and encryption" across communications, according to an undated draft
Taiwan's Government Service Network, or GSN, received a daily average of 2.4 million attacks last year, double the daily average of 1.2 million in 2023
The Chinese embassy in Washington opposes US "smear attacks against China without any factual basis," it said in an emailed statement
An independent and highly respected cyber security firm has confirmed the containment, Verizon said
A ninth US telecom firm has been confirmed to have been hacked as part of a sprawling Chinese espionage campaign that gave officials in Beijing access to private texts and phone conversations of an unknown number of Americans, a top White House official has said. Biden administration officials said this month that at least eight telecommunications companies, as well as dozens of nations, had been affected by the Chinese hacking blitz known as Salt Typhoon. But deputy national security adviser Anne Neuberger told reporters Friday that a ninth victim had been identified after the administration released guidance to companies about how to hunt for Chinese culprits in their networks. The update from Neuberger is the latest development in a massive hacking operation that has alarmed national security officials, exposed cybersecurity vulnerabilities in the private sector and laid bare China's hacking sophistication. The hackers compromised the networks of telecommunications companies to
US authorities said the operation aimed to give Chinese actors persistent access to American telecom networks by exploiting vulnerabilities in devices such as routers and switches
White House last week said at least eight telecommunications and telecom infrastructure firms in the United States had been impacted and a large number of Americans' metadata has been stolen
The update comes after officials from the US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency said Tuesday
Federal authorities on Tuesday urged telecommunication companies to boost network security following a sprawling Chinese hacking campaign that gave officials in Beijing access to private texts and phone conversations of an unknown number of Americans. The guidance issued by the FBI and the Cybersecurity and Infrastructure Security Agency is intended to help root out the hackers and prevent similar cyberespionage in the future. Officials who briefed reporters on the recommendations said the US still doesn't know the true scope of China's attack or the extent to which Chinese hackers still have access to US networks. In one sign of the global reach of China's hacking efforts, the government's warning was issued jointly with security agencies in New Zealand, Australia and Canada, members of the Five Eyes intelligence alliance, which also includes the US and Britain. Dubbed Salt Typhoon by analysts, the wide-ranging cyberespionage campaign emerged earlier this year after hackers sought
The hearing will include CrowdStrike Senior Vice President Adam Meyers and Telecommunications Industry Association CEO David Stehlin, Strategy Risks CEO Isaac Stone Fish and Sam Bresnick, research
According to one of the sources, the Chinese hackers also targeted senior Biden administration officials
In a scathing indictment of Microsoft corporate security and transparency, a Biden administration-appointed review board issued a report Tuesday saying a cascade of errors by the tech giant let state-backed Chinese cyber operators break into email accounts of senior US officials including Commerce Secretary Gina Raimondo. The Cyber Safety Review Board, created in 2021 by executive order, describes shoddy cybersecurity practices, a lax corporate culture and a lack of sincerity about the company's knowledge of the targeted breach, which affected multiple US agencies that deal with China. It concluded that Microsoft's security culture was inadequate and requires an overhaul" given the company's ubiquity and critical role in the global technology ecosystem. Microsoft products underpin essential services that support national security, the foundations of our economy, and public health and safety. The panel said the intrusion, discovered in June by the State Department and dating to May w
Hackers linked to the Chinese government launched a sweeping, state-backed operation that targeted US officials, journalists, corporations, pro-democracy activists and the UK's election watchdog, American and British authorities said on Monday in announcing a set of criminal charges and sanctions. The intention of the campaign, which officials say began in 2010, was to harass critics of the Chinese government, steal trade secrets of American corporations and to spy on and track high-level political figures. Western officials disclosed the operation, carried out by a hacking group known as APT31, while sounding a fresh, election-year alarm about a country long seen as having advanced espionage capabilities. The US Justice Department charged seven hackers, all believed to be living in China. The British government, in a related announcement, imposed sanctions on two of the defendants in connection with a breach that may have given the Chinese access to information on tens of millions o
The offerings, detailed in leaked documents, were a portion of the hacking tools and data caches sold by a Chinese security firm called I-Soon
Chinese government hackers are busily targeting water treatment plants, the electrical grid, transportation systems and other critical infrastructure inside the United States, FBI Director Chris Wray told House lawmakers Wednesday in a fresh warning from Washington about Beijing's global ambitions. Underscoring the threat, the Justice Department and FBI announced just before the hearing that they had disrupted a botnet of hundreds of US-based small office and home routers owned by private citizens and companies and hijacked by the Chinese state hackers to cover their tracks and hide their origin as they sowed the malware. Speaking before the House Select Committee on the Chinese Communist Party, Wray said there's been far too little public focus on a cyber threat that affects every American". China's hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has co
Japan's slow response to improve its cyber network could impede greater intelligence sharing between the Pentagon and Japan's Defence Ministry, the Washington Post said
A China-based hacking group has breached email accounts linked to government agencies in Western Europe, Microsoft Corp. says. In a blog post published Tuesday, Microsoft said the group, which it identified as Storm-0558, focuses on acts such as espionage and data theft. The group gained access to email accounts affecting about 25 organisations including government agencies and to accounts of individuals linked to these organisations, and had gone undetected for about a month until customers complained to Microsoft about abnormal mail activity. We assess this adversary is focused on espionage, such as gaining access to email systems for intelligence collection, Charlie Bell, Microsoft's executive vice president of security, said in a separate Microsoft post. The hackers carried out the breach by forging authentication tokens a piece of information used to verify the identity of a user required to access the email accounts. Microsoft has since dealt with the attack and informed ..
A China-based hacking group has breached email accounts linked to government agencies in Western Europe, Microsoft Corp. says. In a blog post published Tuesday, Microsoft said the group, which it identified as Storm-0558, focuses on acts such as espionage and data theft. The group gained access to email accounts affecting about 25 organisations including government agencies and to accounts of individuals linked to these organisations, and had gone undetected for about a month until customers complained to Microsoft about abnormal mail activity. We assess this adversary is focused on espionage, such as gaining access to email systems for intelligence collection, Charlie Bell, Microsoft's executive vice president of security, said in a separate Microsoft post. The hackers carried out the breach by forging authentication tokens a piece of information used to verify the identity of a user required to access the email accounts. Microsoft has since dealt with the attack and informed ..
The researchers attributed the hacks to UNC4841, an unclassified threat group that shares infrastructure and malware code with other China-backed hacking groups
The disclosure came as the US and other countries are facing immense cyber threats, particularly from China