Windows TCO Leftovers
-
The Strategist ☛ In case we forgot, Typhoon attacks remind us of China’s cyber capability—and intent
These incidents remind us that China has the intent, and increasingly the capability, to seriously challenge US and Western technology advantage. Australia will be an obvious target if regional tensions continue to rise. It must be well-prepared.
As ASPI’s Critical Technology Tracker highlights, China’s advances in critical technologies have been foreseeable for some time. US and Western confidence is manifesting as complacency.
-
The Register UK ☛ China's Silk Typhoon blamed for ongoing IT, govt break-ins
The timing of this campaign coincides with that break-in at the US Treasury Department, during which Beijing's cyberspies stole data from workstations belonging to the Office of Foreign Assets Control (OFAC), which administers economic and trade sanctions, as well as the Office of the Treasury Secretary.
These intrusions were attributed to Silk Typhoon, according to a Bloomberg report citing unnamed sources, and the Chinese snoops are believed to have gained access after stealing a BeyondTrust digital key used for remote technical support.
-
The Verge ☛ 12 Chinese hackers charged with US Treasury breach — and much, much more
The last two are members of a group called APT27, or Silk Typhoon, which has been behind hacks of organizations like healthcare systems and universities, according to the DOJ. The group has more recently focused on IT systems that include management software, recent Microsoft research [sic] concluded. Such software was the target of the Treasury hack reported in late December.
-
Wired ☛ US Charges 12 Alleged Spies in China’s Freewheeling Hacker-for-Hire Ecosystem
Only rarely does the West get a glimpse inside the vast hacker-for-hire contractor ecosystem that enables China's digital intrusion campaigns worldwide. Now a new set of criminal charges against a dozen Chinese nationals, including two government officials, accuses them of a vast espionage campaign that included breaching the US Treasury, and goes as far as revealing the internal communications of some of those alleged hackers, their tools, and their business relationships.
-
Tripwire ☛ Cactus Ransomware: What You Need To Know
Cactus is a ransomware-as-a-service (RaaS) group that encrypts victims' data and demands a ransom for a decryption key.
Hundreds of organisations have found themselves the victim of Cactus since it was first discovered in March 2023, with their stolen data published on the dark web as an "incentive" to give in to the extortionists' demands.
-
The Register UK ☛ Qilin claims attacks on cancer, women's clinics
Qilin is the same group responsible for multiple attacks on healthcare orgs across the globe including one that locked up pathology labs across NHS facilities in the UK for weeks, and its spokesperson once famously told The Reg in an interview that it had no regrets, even after seeing the extensive disruption it caused to people's healthcare.
-
Security Week ☛ Ransomware Group Claims Attack on Tata Technologies
The data appears to have been stolen in an incident that the subsidiary of Tata Motors disclosed in a regulatory filing with the Indian National Stock Exchange at the end of January.