Group items tagged

“the United States and its allies are actually saying ‘no’ to key elements of these texts,” referring to two draft treaties on security issues that Russia had proposed to NATO and the United States.

“Ukrainians! All your personal data was uploaded to the internet,” the message read. “All data on the computer is being destroyed. All information about you became public. Be afraid and expect the worst.”

The attack came within hours of the conclusion of talks between Russia and the United States and NATO that were intended to find a diplomatic resolution after Russia massed tens of thousands of troops near the border with Ukraine.

On Friday, the Biden administration also accused Moscow of sending saboteurs into eastern Ukraine to stage an incident that could provide Russia with a pretext for invasion.

Moscow has demanded sweeping security concessions, including a promise not to accept Ukraine into the NATO alliance. But the cyberattack Friday led to immediate pledges of support and closer cooperation with Ukraine from NATO and the European Union, exactly the opposite of what Russian diplomats had said they were seeking.

On Thursday, Russian officials said the talks had not yielded results, and one senior diplomat said they were approaching “a dead end.”

A Russian military spyware strain called X-Agent, or Sofacy, that Ukrainian cyber experts say was used to hack Ukraine’s Central Election Commission during a 2014 presidential election, for example, was later found in the server of the Democratic National Committee in the United States after the electoral hacking attacks in 2016.

Ukrainian government websites began crashing a few hours later, according to the Ukrainian Foreign Ministry, which said the cyberattack occurred overnight from Thursday to Friday.

“We have not seen such a significant attack on government organizations in some time,” it said. “We suggest the current attack is tied to the recent failure of Russian negotiations on Ukraine’s future in NATO,” it added, referring to Moscow’s talks with the West.

The websites of the president and the defense ministry remained online. Ukrainian officials said the attack targeted 70 government websites.

the hacking activity targeting state bodies could be a part of this psychological attack on Ukrainians.”

“I strongly condemn the cyberattacks on the Ukrainian Government,” Mr. Stoltenberg said in a statement, adding, “NATO & Ukraine will step up cyber cooperation & we will continue our strong political & practical support.”

Sophisticated cybertools have turned up in standoffs between Israel and Iran, and the United States blamed Russia for using hacking to influence the 2016 election in the United States to benefit Donald J. Trump.

The U.S. government has traced some of the most drastic cyberattacks of the past decade to Russian actions in Ukraine.

By morning, the hack had crippled much of the government’s public-facing digital infrastructure, including the most widely used site for handling government services online, Diia. The smartphone app version of the program was still operating, the Ukrainska Pravda newspaper reported. Diia also has a role in Ukraine’s coronavirus response and in encouraging vaccination.

The malware, known as NotPetya, had targeted a type of Ukrainian tax preparation software but apparently spun out of control, according to experts.

It coincided with the assassination of a Ukrainian military intelligence officer in a car bombing in Kyiv and the start of an E.U. policy granting Ukrainians visa-free travel, an example of the type of integration with the West that Russia has opposed.

But NotPetya spread around the world, with devastating results, illustrating the risks of collateral damage from military cyberattacks for people and businesses whose lives are increasingly conducted online, even if they live far from conflict zones

The total global cost is thought to be far higher

The Russian news agencies quoted Patrushev saying in an interview that is to appear in state newspaper Rossiiskaya Gazeta: "Recently, we have established a significant growth in attempts to inflict damage on the Russian information system from the side of outside powers."

Hawks in the Bush administration like Vice President Dick Cheney urged Mr. Bush to consider a military strike against the Iranian nuclear facilities before they could produce fuel suitable for a weapon. Several times, the administration reviewed military options and concluded that they would only further inflame a region already at war, and would have uncertain results.

The first stage in the effort was to develop a bit of computer code called a beacon that could be inserted into the computers, which were made by the German company Siemens and an Iranian manufacturer, to map their operations. The idea was to draw the equivalent of an electrical blueprint of the Natanz plant, to understand how the computers control the giant silvery centrifuges that spin at tremendous speeds. The connections were complex, and unless every circuit was understood, efforts to seize control of the centrifuges could fail.

The first attacks were small, and when the centrifuges began spinning out of control in 2008, the Iranians were mystified about the cause, according to intercepts that the United States later picked up.

The unusually tight collaboration with Israel was driven by two imperatives. Israel’s Unit 8200, a part of its military, had technical expertise that rivaled the N.S.A.’s, and the Israelis had deep intelligence about operations at Natanz that would be vital to making the cyberattack a success.

Soon the two countries had developed a complex worm that the Americans called “the bug.” But the bug needed to be tested. So, under enormous secrecy, the United States began building replicas of Iran’s P-1 centrifuges, an aging, unreliable design that Iran purchased from Abdul Qadeer Khan, the Pakistani nuclear chief who had begun selling fuel-making technology on the black market.

“This is the first attack of a major nature in which a cyberattack was used to effect physical destruction,” rather than just slow another computer, or hack into it to steal data.

It took months for the beacons to do their work and report home, complete with maps of the electronic directories of the controllers and what amounted to blueprints of how they were connected to the centrifuges deep underground. Then the N.S.A. and a secret Israeli unit respected by American intelligence officials for its cyberskills set to work developing the enormously complex computer worm that would become the attacker from within.

the code would lurk inside the plant for weeks, recording normal operations; when it attacked, it sent signals to the Natanz control room indicating that everything downstairs was operating normally. “This may have been the most brilliant part of the code,” one American official said.

the Iranians had grown so distrustful of their own instruments that they had assigned people to sit in the plant and radio back what they saw.

Mr. Bush urged him to preserve two classified programs, Olympic Games and the drone program in Pakistan. Mr. Obama took Mr. Bush’s advice.

Mr. Obama authorized the attacks to continue, and every few weeks — certainly after a major attack — he would get updates and authorize the next step. Sometimes it was a strike riskier and bolder than what had been tried previously. “From his first days in office, he was deep into every step in slowing the Iranian program — the diplomacy, the sanctions, every major decision,” a senior administration official said. “And it’s safe to say that whatever other activity might have been under way was no exception to that rule.”

In the summer of 2010, shortly after a new variant of the worm had been sent into Natanz, it became clear that the worm, which was never supposed to leave the Natanz machines, had broken free, like a zoo animal that found the keys to the cage.

An error in the code, they said, had led it to spread to an engineer’s computer when it was hooked up to the centrifuges. When the engineer left Natanz and connected the computer to the Internet, the American- and Israeli-made bug failed to recognize that its environment had changed. It began replicating itself all around the world.

“We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.”

Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. “It’s got to be the Israelis,” he said. “They went too far.”

American cyberattacks are not limited to Iran, but the focus of attention, as one administration official put it, “has been overwhelmingly on one country.” There is no reason to believe that will remain the case for long. Some officials question why the same techniques have not been used more aggressively against North Korea. Others see chances to disrupt Chinese military plans, forces in Syria on the way to suppress the uprising there, and Qaeda operations around the world. “We’ve considered a lot more attacks than we have gone ahead with,” one former intelligence official said.

In fact, no country’s infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.

It believes the hackers are part of the same Russian group behind last year's devastating attack on SolarWinds -- a software vendor -- that targeted at least nine US federal agencies and 100 companies.

The White House's National Security Council and the US Cybersecurity and Infrastructure Security Agency (CISA) are both aware of the incident, according to spokespeople. CISA is "working with the FBI and USAID to better understand the extent of the compromise and assist potential victims," a spokesperson said.

When asked about the United States' ability to get ahead of any further cyberattacks, Austin told Starr on Friday it is his responsibility to present President Joe Biden with offensive options.

Cybersecurity has been a major focus for the US government following the revelations that hackers had put malicious code into a tool published by SolarWinds. A ransomware attack that shut down one of America's most important pieces of energy infrastructure — the Colonial Pipeline — earlier this month has only heightened the sense of alarm. That attack was carried out by a criminal group originating in Russia, according to the FBI.

"I'm confident that we can continue to do what's necessary to not only compete, but stay ahead in this in this, in this domain."

But the administration is not "taking any options off the table" in response to the incident, press secretary Jen Psaki said at a press briefing earlier Wednesday, adding that there's an internal policy review process to consider any actions.

In April, the Biden administration announced a series of actions, including sanctions, against Russia for its interference in the 2020 US election, its ongoing actions in Crimea and the SolarWinds cyber attack. The attack on the software developer was one of the worst data breaches to ever hit the US government.

The JBS attack comes after a string of cyber breaches and ransomware attacks tied to nation state actors.

"I'm not going to give any further analysis on that. Other than to tell you that our view is that when there are criminal entities within a country, they certainly have a responsibility and it is a role that the government can play," she responded.

Microsoft also recently said that hackers who are part of the same Russian group behind the SolarWinds hack have struck again in the US and other countries, launching a new cyberattack on more than 150 government agencies, think tanks and other organizations.

Steve Meyer, an economist with commodity firm Kerns and Associates, agreed that a one or two day disruption could cause wholesale meat prices to jump. But if the problem is resolved within a few days, he said, restaurants and grocery stores are unlikely to pass those costs onto consumers.

"Then you're probably going to have some buyers, whoever depends on JBS for their supplies, that probably could be short product," he said. In that case, for consumers, it would depend on where their local grocery store sources its meat. "If they buy it from JBS then you might see some shortages. If they don't buy it from JBS, you might not see anything at all."

Outside experts said they doubted it was China, which has been accused of trying to steal vaccine information from universities, hospitals and medical researchers, because it would be unlike Chinese hackers to impersonate executives at a major Chinese firm.

If they are correct, the lead suspects would be hackers in Russia and North Korea, both of which have also been accused by the United States of conducting attacks to steal information about the process of manufacturing and distributing vaccines. Sometimes it is hard to tell the difference between official hacking operations for the Russian or North Korean governments and those run for private gain.

The attackers’ emails were addressed to companies that provide key components of the cold chain process. Those include ice-lined boxes for vaccines and the solar panels that can power refrigerated vaccine containers — an important feature in poor countries where electricity can be scarce.

There is no indication so far that the attackers were aiming at Pfizer or Moderna, whose vaccines are expected to be the first ones approved for emergency use in the United States.

Until now, the Internet has mainly created new avenues for old behaviors. Roughly nine of 10 computer breaches involve theft or business espionage,

You cannot do a cost-benefit analysis of something that imperils society’s economic and political foundations. The plausible cost is infinite

It does jeopardize our way of life. It undermines the integrity of our political institutions and popular faith in them.

More than this, it warns us that our physical safety and security are at risk. Hostile hackers can hijack power grids, communication networks, transportation systems and much more.

What Putin and Russian hackers allegedly did shatters this pattern. Their hacking — as interpreted by both the CIA and the FBI — qualifies as state-sponsored aggression

The rise of cyberattacks, says a recent report from the American Enterprise Institute, ranks with three great strategic shifts in military history — first, the rise of sea power; next, the advent of air power; and most recently, the opening of space.

The emergence of cyberspace “poses the most daunting challenge yet . . . [because] its implications are more sweeping,” AEI asserts. It touches almost every aspect of society and alters the nature of global conflict.

We could move some vital data networks offline — that is, we could build systems independent of the Internet.

Another possibility is to impose security standards on the “Internet of things

It’s also possible to streamline agencies overseeing cyberspace.

Americans are of two minds about the Internet. They love social media and gadgets, such as smartphones. Meanwhile, they hate its threat to privacy and the dangers of hacking. Putin’s gift to America is that he is forcing us to face the contradictions.

The problem is not just Russia’s bad behavior. It’s the nature of the Internet. If we don’t acknowledge that, we will increasingly become its victim.

On Tuesday, Australia's Minister for Agriculture, Drought and Emergency Management David Littleproud tweeted about the JBS cyberattack, saying the company is working closely with law enforcement agencies and in Australia and overseas to get operations back up and running and "to bring those responsible to account."

Later in May, Microsoft said it believed the hackers responsible for last year's SolarWinds attack targeted 3,000 email accounts at various organizations — most of which were in the United States.

"Ransomware right now, this is a business model," Lior Div, CEO of the security firm Cybereason told CNN's Richard Quest. "They are in it for the money and they are trying to generate as much revenue as possible for themselves. So as long as people are going to pay, they're going to keep operating in order to generate this massive amount of revenue that they are generating every year."

Cyber hygiene is necessary. Every US company and organization needs to protect itself, said Eric Goldstein, the current assistant director at CISA, in a statement.

The hack of the world's largest meat producer, JBS, a Brazilian company whose subsidiaries control a quarter of US beef processing and a large portion of pork processing, was disclosed Tuesday by the White House, which promised to re-focus on the issue and to raise it with Russia, the government thought to be harboring hackers.

You figure if nine meat plants hadn't gone dark in Arizona, Texas, Nebraska, Colorado, Wisconsin, Utah, Michigan and Pennsylvania, it seems very plausible we likely would never have heard. The US JBS headquarters is based in Greeley, Colorado, and it employs more than 66,000 people. Read about the fallout for them, from CNN's Brian Fung.

It's not clear, of course, if the company is paying the ransom. If they're getting back online this quickly, you've certainly got to assume they could have.

"We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice. We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable," the FBI said in a statement. "A cyber attack on one is an attack on us all."

Ireland's national health service has completely shut its IT system and refuses to pay the ransom, which it said in May has disrupted everything from its Covid vaccine rollout to community health services.

Hundreds of American hospitals are being targeted in cyberattacks by the same Russian hackers who American officials and researchers fear could sow mayhem around next week’s election.

Employees at that hospital, in Klamath Falls, Ore., were told, “If it’s a P.C., shut it down,” said Thomas Hottman, the public information officer at Sky Lakes.

The hackers are also the same group behind TrickBot, a vast conduit for ransomware attacks that government hackers and technology executives have targeted in two takedowns over the past month.

The hackers also made higher ransom demands of hospitals than they have in previous attacks. In one attack on an unnamed private clinic, Mr. Holden said, the hackers held systems hostage for the Bitcoin equivalent of more than $5 million, more than double the typical ransom the group asked for months earlier.

U.S. officials draw a distinction between cyber espionage and cyberattacks, which have a destructive or manipulative purpose and could be considered an act of war.

U.S. officials believe this could be the biggest breach ever of the government's computer networks

U.S. investigators believe they can trace the breach to the Chinese government. Hackers working for the Chinese military are believed to be compiling a massive database of Americans, intelligence officials told CNN on Thursday night.

There are 2.7 million federal executive branch employees. It's unclear whether this affected all of them, along with former employees, or only a portion of them.

"It is disturbing to learn that hackers could have sensitive personal information on a huge number of current and former federal employees -- and, if media reports are correct, that information could be in the hands of China," Johnson said in a statement. "(The office) says it 'has undertaken an aggressive effort to update its cybersecurity posture.' Plainly, it must do a better job, especially given the sensitive nature of the information it holds."

Mr. Obama’s decision to accuse North Korea of ordering the largest destructive attack against an American target — and to promise retaliation, which has begun in the form of new economic sanctions — was highly unusual: The United States had never explicitly charged another government with mounting a cyberattack on American targets.

Russian and American officials have discussed how to stabilize the situation.

Fact-checking measures adopted by major tech and social-media companies are unlikely to stop Russia from seeking out new vulnerabilities in Western democracies.

While such an attack would mark a major escalation for Russia, it would not be unprecedented. Attacks on at least a dozen electric facilities in America—including one nuclear plant—have been traced back to a Russian-linked group. Russia is also thought to be behind an increasing number of cyberattacks against private corporations and government agencies in Ukraine. Similarly, Moscow waged a massive disinformation and propaganda campaign alongside its annexation of Crimea in 2014.

In recent years, Kremlin-linked cyber and disinformation campaigns of varying ambition have hit several European countries. In Germany, Russian state news spread a fake story about the rape of an underage girl by migrants during the height of Europe’s refugee crisis in 2016 that led to dozens of protests across the country. Similarly, Russian-backed broadcasters targeted Germany’s Russian emigrant community allegedly to bolster support for the country’s right-wing Alternative for Germany party in its bid to enter parliament for the first time. In France, Russian-linked hackers were believed to have stolen and leaked emails from French President Emmanuel Macron’s campaign. Moscow also recently launched a French version of RT, the public broadcaster formerly known as Russia Today. Spanish investigators found that both private and state-led Russian-based groups disseminated information on social media to try to sway public opinion ahead of Catalonia’s independence referendum in October.

“On the security side, there are some improvements that can happen without the [Trump] administration,” Sulmeyer, the former cyber official, said. “But without a greater counterweight or cost for Russia, none of this is going to stop.”

"Presumably, The Temple was singled out by a racist and anti-Semitic group or individual bent on silencing our joint Temple-Ebenezer Baptist Church MLK Jr. Shabbat," Alexander wrote

"Authorities are conducting an investigation," the letter said. CNN has reached out to The Temple and local authorities for additional information.

Rothschild later befriended King, per The Temple and city of Atlanta's websites, and delivered a eulogy for King at a memorial service organized by Atlanta clergy members.

"I remember the first time (Kasparov) was in jail, he didn't eat a thing because he was afraid that they'd poison him. And we all laughed at him! We thought he was paranoid. He is the only person I know who took any security measures."

Navalny's brilliant sting operation won't lead to an arrest and may only increase the chances he'll be targeted again with a less subtle method

Putin, who worked as a KGB officer before his political ascendance, once said himself that "there's no such thing as former KGB man." While he has always prioritized the security services during his two decades in power, the decay within Russia's intelligence agency is obvious as the country stagnates under dictatorship

But you don't have to be a master assassin when you can keep trying with impunity, even after being caught red-handed.

I don't fly with the state-owned airline Aeroflot, and I don't travel to countries where Putin might be able to put pressure on local authorities to do him a favor. But no one is untouchable in a world where criminals go unpunished.

The Kremlin has doubled down on its lies and denials, spreading a flood of contradictory stories by officials and in the state-run media. Putin himself was dismissive as usual, refusing to even mention Navalny by name when asked about the case. He denied the poisoning, saying, "If (FSB agents) wanted to, they would've probably finished it."

Even in the face of one of the worst cyberattacks in US history, Trump has refused to call out Russia as the culprit, even when his own secretary of state said, "We can say pretty clearly that it was the Russians that engaged in this activity."

Putin's henchmen are sloppy because they can afford to be. Just like their boss, they don't fear any repercussions

Meanwhile, the Trump administration is sending a clear message to all despots as it considers granting legal immunity for Saudi crown prince Mohammed bin Salman, who ordered the gruesome killing of journalist Jamal Khashoggi, according to the CIA

Yet, there is always talk about the need for more international engagement with these despots and thugs, not less. The dubious theory that globalization and closer economic ties will inevitably liberalize dictatorships has been refuted many times over. We see this with China's Xi Jinping, who has become more authoritarian and aggressive since the US welcomed China into the World Trade Organization. Instead, engagement -- or appeasement by another name -- reinforces their sense of impunity

Russia and some of Putin's oligarchs have already been under piecemeal sanctions since the 2014 invasion of Ukraine and annexation of Crimea. But these sanctions are merely a slap on the wrist, and it's clear they do not go far or high enough.

Russia is currently believed to be responsible for the attack.

the Russian foreign ministry described the allegations as another unfounded attempt by the U.S. media to blame Russia for cyberattacks against U.S. agencies.

its customers include most of America’s Fortune 500 companies, the top 10 U.S. telecommunications providers, all five branches of the U.S. military, the State Department, the National Security Agency, and the Office of President of the United States.

“This is a huge cyber espionage campaign targeting the U.S. government and its interests.”

The hackers are “highly sophisticated” and have been able to trick the Microsoft platform’s authentication controls

“This is a nation state,” said a different person briefed on the matter.