New Delhi: Data storage leader Western Digital said on Monday that cyber-criminals exfiltrated data from its systems during a “network security incident”.
On March 26, Western Digital had identified a network security incident involving its systems.
In connection with the ongoing incident, an unauthorised third party gained access to a number of the company’s systems. Upon discovery of the incident, the company implemented response efforts and initiated an investigation with the assistance of leading outside security and forensic experts.
“This investigation is in its early stages and Western Digital is coordinating with the law enforcement authorities,” it said in a statement.
The company said it is implementing proactive measures to secure its business operations, including taking systems and services offline, and will continue taking additional steps as appropriate.
As part of its remediation efforts, Western Digital is actively working to restore impacted infrastructure and services.
“While Western Digital is focused on remediating this security incident, it has caused and may continue to cause disruption to parts of the company’s business operations,” it said.
San Francisco: Malicious hackers can remotely turn off the lights, honk the horn, open the trunk, and activate the windshield wipers by hacking into the Tesla’s infotainment system, the media reported.
The researchers, who work for France-based security firm Synacktiv, discovered the three vulnerabilities that can be used to hack into Tesla.
The worst-case scenario enabled by these vulnerabilities, at least as far as the researchers are aware, is to annoy and potentially disrupt a driver, reports TechCrunch.
However, Tesla told the researchers that they couldn’t have turned on and off the car, or steered the wheel.
But, one of the researchers, Eloi Benoist-Vanderbeken, believes it might have been possible, said the report.
“Tesla mentioned we wouldn’t be able to turn the steering wheel, accelerate or brake. But from our understanding of the car architecture we are not sure that this is correct, but we don’t have proof of it,” Vanderbeken was quoted as saying.
The researchers didn’t have full access to a Tesla at that time, but they look forward to fact-checking the company’s statements once they do.
Moreover, the report mentioned that the first vulnerability was exploitable via Bluetooth, the second one allowed the researchers to elevate their privileges and become root (cybersecurity lingo for the highest level of system access — giving them free rein to execute code in the infotainment system), and the last one gave them control of the security gateway, a component that sends some commands to the car.
“It’s not at the point of a modern browser running on an iPhone or an Android, but it’s not that far from it. Tesla cars are really well connected to the internet, so they need to take care of security because they are likely to be targeted more than other cars,” Vincent Dehors, Cyber Security Engineer, Synacktiv, was quoted as saying.
Further, the researchers mentioned that Tesla is working on patches for these vulnerabilities, which should be pushed to cars soon, according to the report.
Last month, Tesla paused the rollout of its Full Self-Driving (FSD) beta software in the US and Canada until a firmware update can be issued to address a safety recall.
“Tesla has issued a voluntary recall on certain Model S, Model 3, Model X and Model Y vehicles that have installed or are pending installation of software that contains the Full Self-Driving (FSD) Beta feature,” Tesla wrote on the support page.
New Delhi: Cyber-security researchers on Monday said they have discovered several freemium software-as-a-service (SaaS) platforms that scammers abuse to conduct phishing campaigns against popular companies.
Most of these campaigns targeted Indian banking, financial services, and insurance (BFSI) customers.
Threat actors have resorted to using legitimate SaaS platforms to host phishing pages at a minimal/no cost. These short-lived and easy-to-host phishing pages are also difficult to trace back to the actors responsible, according to cyber-security firm CloudSEK.
SaaS products and services usually offer free or low-cost trials.
While this has allowed users across the world to try out services before subscribing or buying the products, it also provides an opportunity for threat actors to pose as legitimate users and misuse the products to defraud consumers.
The CloudSEK team identified several such incidents, especially targeting banking customers, and released advisories to inform the affected SaaS companies and the public.
Scammers were able to evade detection by cleverly exploiting the following user-friendly services provided by each of these platforms.
“Cybercriminals always try to use free services for phishing campaigns to maximize their profits. Developer-focused platforms like Cloudflare Pages and Firebase Hosting provide certain features such as GitHub integration, which are easily abused to create phishing domains,” the researchers noted.
Geopolitical links: In addition, Trickbot was linked by IBM last year to cyberattacks in 2022 tied to the war aimed at both the Ukrainian government and private sector groups and, according to the Treasury Department, have also allegedly targeted the U.S. government and U.S. companies.
“The United States and the U.K. are leaders in the global fight against cybercrime and are committed to using all available tools to defend against cyber threats,” Secretary of State Antony Blinken said in a statement Thursday. “As Russia’s illegal war against Ukraine continues, cooperation with our allies and partners is more critical than ever to protect our national security.”
British attacks: The U.K.’s National Crime Agency identified almost 150 British victims of ransomware linked to Russian cybercriminal groups. And the action taken Thursday is part of an effort to shut down ransomware attacks aimed at the U.K., which are classified there as a “tier 1 national security threat.”
British Foreign Secretary James Cleverly said in a statement Thursday that “by sanctioning these cyber criminals, we are sending a clear signal to them and others involved in ransomware that they will be held to account.”
Past disruption efforts: The hackers associated with Trickbot have continued their activities despite Microsoft taking action in 2020 ahead of the U.S. presidential election to disrupt the group through actions including suspending IP addresses. Whether the new sanctions will be able to permanently damage the group remains unclear.
“These sanctions will likely cause disruption to the adversary’s operations while they look for ways to circumvent the sanctions,” Adam Meyers, head of threat intelligence at cybersecurity group CrowdStrike, said in a statement Thursday. “Often, when cybercriminal groups are disrupted, they will go dark for a time only to rebrand under a new name.”
[ad_2]
#U.S #U.K #sanction #Russian #hackers #ransomware #attacks
( With inputs from : www.politico.com )
MUNICH, Germany — As the world’s security elite gathers in Munich this week, they’ll be connecting their mobile phones to Chinese telecoms equipment surrounding the venue.
Heads of state, security chiefs, spooks and intelligence officials head to Germany on Friday for their blue-riband annual gathering, the Munich Security Conference. On the event’s VIP list are U.S. Vice President Kamala Harris, German Chancellor Olaf Scholz, French President Emmanuel Macron and hundreds more heads of state and government, ministers and foreign dignitaries.
The gathering takes place at the five-star Hotel Bayerischer Hof. From its ice-themed Polar Bar on the hotel’s rooftop, you can overlook the city’s skyline, spotting multiple telecommunications antennas poking between church steeples. Some of these antennas, within 300 meters of the hotel, are equipped with hardware supplied by controversial Chinese telecoms giant Huawei, POLITICO has learnt through visual confirmation, talks with several equipment experts and information from industry insiders with knowledge of the area’s networks.
One mast, on top of the Hotel Bayerischer Hof building itself, is also potentially equipped with Huawei gear, talks with two industry insiders suggested.
The question of whether to allow Chinese 5G suppliers into Western countries in past years became a bone of contention between Berlin on the one hand and Washington and like-minded partners on the other. This week’s gathering also comes as the U.S. continues to call out Germany’s economic reliance on Beijing, with a new report showing the German trade deficit with China exploded in 2022, and amid sky-high tensions between Washington and Beijing over surveillance balloons hovering over the U.S., Canada and elsewhere.
“The dependence on Huawei components in our 5G network continues to pose an incalculable security risk,” said Maximilian Funke-Kaiser, liberal member of the German Bundestag and digital policy speaker for the government party Free Democratic Party (FDP).
“The use of Huawei technology in the mobile network here runs counter to Germany’s security policy goals,” Funke-Kaiser said, calling the vendor’s involvement in German 4G and 5G “a mistake in view of the Chinese company’s closeness to the state.”
Huawei has consistently denied posing a security risk to European countries.
Delving into data
Despite extensive reporting, POLITICO was unable to gather on-the-record confirmation of which vendor’s telecoms equipment was used for which masts. Operators and vendors refused to disclose the information, citing contractual obligations, and local authorities said they didn’t have the information available.
The security risks associated with Huawei equipment also vary, and differ even among close allies in the West. Some capitals argue the real risk of Chinese telecoms equipment is the overreliance on a Chinese firm in an unstable geopolitical situation — much like Europe relied on Russian gas for its energy needs.
But others argue that the risk runs deeper and that China could use Huawei’s access to equipment and data in European mobile networks — especially in areas of critical importance and high sensitivity — to put the West’s security at risk. Huawei has been implicated in a number of high-profile espionage cases, including at the African Union Headquarters.
The Munich Security Conference takes place at the five-star Bayerischer Hof hotel | Ronald Wittek/EPA-EFE
When asked about Huawei’s presence in Munich, Mike Gallagher, a Republican and Chairman of the U.S. House select committee on China, said POLITICO’s findings were “troubling” and “should concern every individual attending the conference.”
The chair of the U.S. Senate intelligence committee, Mark Warner, a Democrat who’s attending the conference, said it was “a timely reminder that we must continue to work with like-minded allies to promote secure and competitively priced alternatives to Huawei equipment.”
U.S. Senate intelligence committee Vice Chair Marco Rubio (Republican, Florida) said U.S. diplomats “should be aware of the risks and take necessary precautions.”
Munich networking
From a 2007 speech by Russia’s Vladimir Putin to U.S. President Joe Biden’s virtual address at the start of his mandate in February 2021, the conference strives to set the global diplomatic and international relations agenda. Its organizers see it as an open space for debating geopolitics and world affairs, with attendees ranging from across the world and an advisory board where Chinese state officials sit alongside Western diplomats and titans of industry.
The conference’s guest list reveals something else too: The gathering is seen as critical by U.S. government officials. This year, the U.S. is sending its largest delegation yet, with Harris flanked by dozens of government officials, security chiefs and congresspeople, including Democrat leader Chuck Schumer, Republican leader Mitch McConnell and others.
For these U.S. attendees — and the Western partners that see eye to eye with the U.S. position on China’s telecoms giant Huawei — the networks around the premises prove troublesome.
An online map on the website of Germany’s telecoms agency, the Bundesnetzagentur, shows 13 locations for masts and antennas surrounding the Hotel Bayerischer Hof. The agency also provides information about which of the country’s three main operators — Deutsche Telekom, Vodafone and Telefónica — use which locations.
POLITICO shared photos of seven masts near the hotel with fourexperts specialized in telecoms radio access network (RAN) equipment. These experts established that at least twowere equipped with gear of Chinese telecoms giant Huawei.
If a network operator has one mast equipped with Huawei in Munich, it likely equips all masts in the area with the same vendor, two industry insiders said. Operators usually use one provider for larger areas. This means at least one other location is also likely equipped with Huawei gear, the insiders said. Three other locations, including the mast on the roof of the conference venue, are used by an operator using Huawei equipment but those locations are part of infrastructure that is shared by several operators, meaning there’s a chance these are equipped with Huawei gear but it’s unconfirmed.
The findings are in line with recent reports on Germany’s telecoms infrastructure.
Europe’s largest economy is a stronghold for Huawei in the West. A report by boutique telecoms intelligence firm Strand Consult estimated that Germany relies on Chinese technology for 59 percent of its ongoing 5G network deployment. The country already had a massive reliance on Chinese equipment in its 4G network, where Strand estimated Huawei accounts for 57 percent.
In February 2021, U.S. President Joe Biden delivered remarks at the virtual event hosted by the Munich Security Conference — Biden stressed the United States’ commitment to NATO after four years of the Trump administration undermining the alliance | Pooled photo by Anna Moneymaker/Getty Images)
“If you look at the percentage of Chinese equipment in Germany, you could say it is the most unsafe country in Europe,” said John Strand, founder of Strand Consult. “Welcome to the Munich Security Conference: We can’t guarantee your security,” he quipped.
Black hole of telecoms intelligence
Establishing with certainty just how many of the 13 masts are equipped with Chinese telecoms gear is extremely difficult. Both German operators and their vendors have a policy to not communicate what equipment they’re using in which locations, citing contractual obligations on confidentiality.
Deutsche Telekom and Vodafone confirmed that they use Huawei in their German antenna networks. Telefónica said they use “a mix of European and international network suppliers” in Germany. Yet, all declined to comment on whether they use Huawei in Munich.
Ericsson, Nokia and Huawei all declined to comment on whether they were providing gear in the greater Munich area, referring questions to the local operators.
Government regulators, too, divulge no details of which suppliers provide gear for certain locations. The Federal Network Agency and the Federal Office for Information Security admitted they don’t know which equipment is fitted to which mast; both referred to the interior ministry for answers. The interior ministry said it “does not usually know which critical components are installed on which radio mast in detail.”
The Hotel Bayerischer Hof forwarded questions about mobile infrastructure on its roof to the security conference’s organizers.
The Munich Security Conference itself said in a statement: “As a matter of principle, we do not comment on the exact details of the infrastructure used for the main conference in Munich. We are in close contact with all relevant authorities in order to secure the conference venue, the participants and the digital space accordingly.”
The Federal Office for Information Security (BSI) does provide its own security networks for official events, but the Munich Security Conference is “outside the responsibility of the BSI,” the BSI said in an email.
Germany’s telecoms ambiguity
Through its 5G equipment it is feasible for Huawei to spy on users of a network or to disrupt communications as the very design of 5G makes it harder to monitor security, the head of the U.K.’s intelligence service MI6, Alex Younger, said to an audience in his second public speech.
But John Lee, director of the consultancy East-West Futures and an expert on Chinese digital policy, said it’s “not a clear cut technical case” as to whether Huawei equipment in current telecoms networks represents a material security risk.
“Some non-Western countries are proceeding to upgrade their telecoms infrastructure with Huawei as a key partner,” Lee said. “This is still mainly a political issue of how much suspicion is placed on the ambitions of the Chinese state and its relationship with Chinese companies.”
In an effort to coordinate a common approach to vendors, the EU developed “5G security toolbox” guidelines in 2019 and 2020 to mitigate security risks in networks. Some major European countries, including France, have imposed hard restrictions for their operators, including by limiting the use of “high-risk vendors” — a term widely understood across Europe to be Chinese vendors Huawei and ZTE — in certain strategic geographic areas.
In Germany, however, policymakers took years to agree on their framework for 5G security. In April 2021 — more than a year after the EU’s joint plan came out — it passed measures that allowed the government to intervene on operators’ contracts with Chinese vendors.
But those interventions haven’t barred the use of Huawei in certain geographical areas yet.
And the interior ministry — which has veto power to ban or recall certain components if they see them as an “impairment of public order or safety” — hasn’t intervened much either, a ministry spokesperson said via email.
Up till now, the spokesperson said, specific orders to cut Huawei from German networks “have not been issued.”
Alex Ward, Maggie Miller and Tristan Fiedler contributed reporting.
[ad_2]
#Chinese #mobile #masts #loom #Munich #Security #Conference
( With inputs from : www.politico.eu )
Italy’s National Cybersecurity Agency (ACN) warned on Sunday of a large-scale campaign to spread ransomware on thousands of computer servers across Europe and North America.
France, Finland and Italy are the most affected countries in Europe at the moment, while the U.S. and Canada also have a high number of targets, the ACN warned, according to Italian news agency ANSA.
The attack targets vulnerabilities in VMware ESXi technology that were previously discovered but that still leave many organizations vulnerable to intrusion by hackers.
“These types of servers had been targeted by hackers in the past due to their vulnerability,” according to ACN. “However, this vulnerability of the server was not completely fixed, leaving an open door to hackers for new attacks.”
France was the first country to detect the attack, according ANSA.
The French cybersecurity agency ANSSI on Friday released an alert to warn organizations to patch the vulnerability.
It is estimated that thousands of computer servers have been compromised around the world, and according to analysts the number is likely to increase. Experts are warning organizations to take action to avoid being locked out of their systems.
[ad_2]
#Ransomwarehacking #campaigntargetsEurope #North #America #Italy #warns
( With inputs from : www.politico.eu )
