Monday, December 6, 2021

Microsoft Disrupts Chinese Hacking Efforts

Microsoft announcing that it had Disrupted a Chinese Hacking group that had targeted Organizations in almost 30 Countries, including the U.S., with a Focus on Human Rights Groups and Think Tanks, among others.

Meanwhile, a New Analysis found that the Russian Hackers behind last year’s SolarWinds Hack, haven’t Slowed down their efforts.

Microsoft, on Monday, announced that a Federal Court had Granted a Request to allow it to seize Websites being used by a Chinese-based Hacking Group that was Targeting Organizations in the U.S. and 28 other Nations.

The Hacking Group, which Microsoft has dubbed “Nickel,” was Observed to be targeting Think Tanks, Human Rights Organizations, Government Agencies, and Diplomatic Organizations, for Intelligence gGthering purposes.

The Court Order unsealed Monday in the Eastern District of Virginia, allowed the Microsoft Digital Crimes Unit to take Control of the Websites used by Nickel and Redirect the Traffic to Microsoft Servers. Customers impacted by the Hacking efforts have been Notified.

“Obtaining control of the malicious websites and redirecting traffic from those sites to Microsoft’s secure servers will help us protect existing and future victims while learning more about Nickel’s activities,” Tom Burt, the Corporate Vice President of Customer Security and Trust at Microsoft, wrote in a Blog Post published Monday.

“Our disruption will not prevent Nickel from continuing other hacking activities, but we do believe we have removed a key piece of the infrastructure the group has been relying on for this latest wave of attacks,” Burt added.

Organizations targeted by the Hacking Group include those in Countries across North America, South America, the Caribbean, Central America, Europe and Africa, such as the U.S., Brazil, Colombia, France, Italy, the United Kingdom, and Dozens more. Burt noted that there was a “correlation” between Chinese Geopolitical Interests and the Organizations targeted.

The Russian Government-linked Hacking Group behind One of the Biggest Cyber Espionage incidents in U.S. History has only Intensified its Hacking efforts in the year since, Research released Monday found.

Cybersecurity Group Mandiant, on Monday, released Findings showing how the Group, known as “Nobelium” or “UNC2452,” has continued to Target Governments and Businesses, zeroing in on Technology Solutions and Services Groups, along with Technology Resellers, and using New Tactics to make it more Difficult to Trace the Threat Activity, and maintain Access to Networks.

The New Activity was Announced by Mandiant almost exactly a year after the Company, formerly known as FireEye, announced its Systems had been Breached by “a nation with top-tier offensive capabilities.”

One year later, the Announcement by the former FireEye was the First Public Clue to a Massive Espionage Campaign that had been Ongoing for most of 2020, that became known as the SolarWinds Hack due to the Hackers using a Vulnerability in Software from IT Company SolarWinds to Breach Customer Networks, among other Avenues of Attack.

At least Nine Federal Agencies and 100 Private Sector Groups were Breached as a result, and President Biden levied Sanctions on Russia, in April, in Retaliation.

“This time around they are hacking into a lot of different companies and using those companies as entry points into the ultimate target they are trying to get into,” Charles Carmakal, Mandiant Senior Vice President and Chief Technology Officer, said in an Interview ahead of the Release of the Findings.

Hackers Stole at least $150 million from Cryptocurrency Exchange, BitMart, as part of what the Company described Monday as a “large-scale security breach.” The BitMart Team, wrote in a Statement posted on its website, that the Hackers involved had withdrawn approximately $150 million from Two of BitMart’s Wallets used by Customers, and that the Company was temporarily Suspending Withdrawals as it Investigated the Breach. The Company emphasized that All other Wallets were “secure and unharmed.” NBC News cited Information from Blockchain and Security Analytics Company PeckShield in Reporting that the Financial Loss was likely closer to $200 million Stolen.

Maryland Authorities are Investigating a Cyberattack that took the State Department of Health Offline this past weekend, as they determine if any Information has been Stolen.

"The Maryland Security Operations Center is investigating a network security incident involving the Maryland Department of Health. The Maryland Department of Information Technology, the Maryland Department of Health, and the Maryland Department of Emergency Management are working closely with federal and state law enforcement partners to address the incident and to gather additional information," Department Spokesperson, Andy Owen, said in a Statement.

"Certain systems have been taken offline out of an abundance of caution and other precautions have and will be taken," said Owen. As of Monday morning, the Department's Website Redirects to the Main Maryland State Government Website.

NYC Wins When Everyone Can Vote! Michael H. Drucker

No comments: