Connect with us

Internet

SolarWinds Hackers Said to Have Stolen Sensitive US Data on Russia Sanctions, Intelligence Probes

Published

on

By Reuters | Updated: 8 October 2021

The suspected Russian hackers who used SolarWinds and Microsoft software to burrow into US federal agencies emerged with information about counter-intelligence investigations, policy on sanctioning Russian individuals and the country’s response to COVID-19, people involved in the investigation told Reuters.

The hacks were widely publicised after their discovery late last year, and American officials have blamed Russia’s SVR foreign intelligence service, which denies the activity. But little has been disclosed about the spies’ aims and successes.

The reluctance of some publicly traded companies to explain their exposure has prompted a broad Securities and Exchange Commission inquiry.

The campaign alarmed officials with its stealth and careful staging. The hackers burrowed into the code production process at SolarWinds, which makes widely used software for managing networks.

The group also took advantage of weaknesses in Microsoft’s methods for identifying users in Office 365, breaching some targets that used Microsoft software but not SolarWinds.

It has been previously reported that the hackers breached unclassified Justice Department networks and read emails at the departments of treasury, commerce and homeland security. Nine federal agencies were breached. The hackers also stole digital certificates used to convince computers that software is authorised to run on them and source code from Microsoft and other tech companies.

One of the people involved said that the exposure of counter-intelligence matters being pursued against Russia was the worst of the losses.

A spokesperson for the Justice Department did not respond to a request for comment.

A White House official said that President Joe Biden has issued orders improving federal agency security, among other things requiring more multifactor-authentication and more monitoring of workplace devices.

In an annual threat-review paper released on Thursday, Microsoft said the Russian spies were ultimately looking for government material on sanctions and other Russia-related policies, along with US methods for catching Russian hackers.

Cristin Goodwin, general manager of Microsoft’s Digital Security Unit, said the company drew its conclusions from the types of customers and accounts it saw being targeted. In such cases, she told Reuters, “You can infer the operational aims from that.”

Others who worked on the government’s investigation went further, saying they could see the terms that the Russians used in their searches of US digital files, including “sanctions.”

Chris Krebs, the former head of US cyber-defense agency CISA and now an adviser to SolarWinds and other companies, said the combined descriptions of the attackers’ goals were logical.

“If I’m a threat actor in an environment, I’ve got a clear set of objectives. First, I want to get valuable intelligence on government decision-making. Sanctions policy makes a ton of sense,” Krebs said.

The second thing is to learn how the target responds to attacks, or “counter-incident response,” he said: “I want to know what they know about me so I can improve my tradecraft and avoid detection.”

© Thomson Reuters 2021

Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Internet

Big Tech: New Step to Curb Firms’ Power Advanced by US Senate Panel

Published

on

By Associated Press | Updated: 22 January 2022

The US Congress has taken a new step toward reining in the market dominance of Big Tech companies. Bipartisan legislation advanced by a Senate panel would bar the dominant online platforms from favouring their own goods and services over those of rivals. It could, for example, prevent Amazon from steering consumers to its own brands and away from competitors’ products on its giant e-commerce platform.

The bill also could bring restrictions for Google’s search engine, which accounts for about 90 percent of web searches worldwide and routinely places its services at the top of search results.

The legislation won a 16-6 vote in the US Senate Judiciary Committee on Thursday and was sent on to the full Senate. The action marked a new turn in Congress’ effort to curb the dominance of the tech giants and anticompetitive practices that critics say have hurt consumers, small businesses and innovation.

Lobbying by Meta (formerly Facebook), Google, Amazon, Apple and other tech giants was intense ahead of the US Senate panel’s action.

Continue Reading

Internet

Google Asks Judge to Dismiss Most of Texas Antitrust Lawsuit

Published

on

By Reuters | Updated: 22 January 2022

Google asked a US federal judge on Friday to dismiss the majority of an antitrust lawsuit filed by Texas and other US states that accused the search giant of abusing its dominance of the online advertising market.

Google said in its court filing that the states failed to show that it illegally worked with Facebook, now Meta, to counter “header bidding,” a technology that publishers developed to make more money from advertising placed on their websites. Facebook is not a defendant in the lawsuit.

The states had also alleged that Google used at least three programs to manipulate ad auctions to coerce advertisers and publishers into using Google’s tools.

Google responded that the states had a “collection of grievances” but no proof of wrongdoing. On some allegations, Google argued the states waited too long to file its lawsuit.

“They criticize Google for not designing its products to better suit its rivals’ needs and for making improvements to those products that leave its competitors too far behind. They see the ‘solution’ to Google’s success as holding Google back,” the company said in its filing.

Google asked for four of the six counts to be dismissed with prejudice, which means that it could not be brought back to the same court.

Texas Attorney General Ken Paxton said they would press on with the fight. “The company whose motto was once ‘Don’t Be Evil’ now asks the world to examine their egregious monopoly abuses and see no evil, hear no evil, and speak no evil,” he said in a statement.

The Texas lawsuit had two other claims based on state law and made against Google which were stayed in September. The search giant did not ask for them to be dismissed on Friday but may in the future.

The lawsuit is one part of a long list of antitrust investigations and federal and state litigation against the Big Tech platforms.


© Thomson Reuters 2021

Continue Reading

Internet

Yemen Goes Offline, Loses Internet Connection After Saudi-Led Airstrikes

Published

on

By Associated Press | Updated: 21 January 2022

Yemen lost its connection to the Internet nationwide early Friday after Saudi-led airstrikes targeted the contested city of Hodeida, an advocacy group said, plunging the war-torn nation offline.

NetBlocks said the disruption began around 1am (3:30am IST) local and affected TeleYemen, the state-owned monopoly that controls Internet access in the country. TeleYemen is now run by the Houthi rebels who have held Yemen’s capital, Sanaa, since late 2014.

Yemen faces “a nation-scale collapse of Internet connectivity” after an airstrike on a telecommunications building, NetBlocks said.

The San Diego-based Center for Applied Internet Data Analysis and San Francisco-based Internet firm CloudFlare also noted a nationwide outage affecting Yemen beginning around the same time.

Over 12 hours later, the Internet remained down.

The Houthi’s Al-Masirah satellite news channel said the strike on the telecommunications building had killed and wounded people. It released chaotic footage of people digging through rubble for a body as gunshots could be heard. Aid workers assisted bloodied survivors.

Meanwhile, Al-Masirah said another early Friday airstrike on a prison in Yemen’s northern Saada province also killed and wounded people. There was no immediate independent confirmation of how many people were hurt in either attack.

The Saudi-led coalition battling the Houthi rebels acknowledged carrying out “accurate airstrikes to destroy the capabilities of the militia” around Hodeida’s port. It did not immediately acknowledge striking a telecommunication target as NetBlocks described, but instead called Hodeida a hub for piracy and Iranian arms smuggling to back the Houthis.

The undersea FALCON cable carries Internet into Yemen through the Hodeida port along the Red Sea for TeleYemen. The FALCON cable has another landing in Yemen’s far eastern port of Ghaydah as well, but the majority of Yemen’s population lives in its west along the Red Sea.

A cut to the FALCON cable in 2020 caused by a ship’s anchor also caused widespread Internet outages in Yemen. Land cables to Saudi Arabia have been cut since the start of Yemen’s civil war, while connections to two other undersea cables have yet to be made amid the conflict, TeleYemen previously said.

A Saudi-led coalition entered Yemen’s war in 2015 to back its ousted government. The war has turned into the world’s worst humanitarian crisis, with international criticism of Saudi airstrikes killing civilians and targeting the country’s infrastructure. The Houthis meanwhile have used child soldiers and indiscriminately laid landmines across the country.

The war reached into the United Arab Emirates, a Saudi ally, on Monday when the Houthis claimed a drone and missile attack on Abu Dhabi, killing three people and wounding six.

Continue Reading

Internet

Pegasus Spyware: Israel’s Attorney General Orders Probe of NSO Claims

Published

on

By Associated Press | Updated: 21 January 2022

Israel’s attorney general said Thursday he was launching an investigation into Israeli police’s use of phone surveillance technology following reports that investigators improperly tracked targets without authorisation.

In a four-page letter, Attorney General Avichai Mandelblit said he had not yet found evidence substantiating the claims in the Israeli business daily Calcalist, which said police monitored the leaders of a protest movement against then-Prime Minister Benjamin Netanyahu, mayors, and other citizens without court approval. But Mandelblit said many questions remained unanswered, and that he was forming an investigative committee headed by a top deputy.

The specific cases mentioned by the newspaper “raise a very troubling picture,” he said, but don’t provide “sufficiently concrete information” to identify the cases of alleged misuse.

Mandelblit’s letter came a few hours after Israel’s police chief said he had ordered an extensive investigation into the newspaper’s claims. In a report this week, Calcalist said police had used the NSO Group’s Pegasus hacking software to surveil some of Netanyahu’s political opponents, as well as a raft of other alleged misuses of the technology.
Ads by

The police have dismissed the report as inaccurate and said they only operate according to the law. But the publication drew an outcry from lawmakers and prompted multiple investigations by various Israeli authorities into the allegations.

The NSO Group does not identify its clients and says it has no knowledge of who is targeted. The company says its products are intended to be used against criminals and terrorists, and that it does not control how its clients use the software. Israel, which regulates the company, has not said whether its own security forces use the spyware.

The Israeli spyware company has faced mounting scrutiny over its Pegasus software, which has been linked to snooping on human rights activists, journalists and politicians across the globe. In November, the US Commerce Department blacklisted NSO, barring the company from using certain US technologies, saying its tools had been used to “conduct transnational repression.”

In announcing his investigation, Police Commissioner Kobi Shabtai said that immediately following the report’s publication, police launched “a thorough internal investigation” that has yet to find any instances of unlawful surveillance. He called on the paper to provide “concrete details that will allow us to inspect the alleged incidents.”

Tuesday’s Calcalist article didn’t name any of the people whose phones were allegedly hacked, nor did it cite any current or former sources in the police, government or NSO. The report referred to eight alleged examples of the police’s secretive signal intelligence unit employing Pegasus to surveil Israeli citizens, including hacking phones of protesters, mayors, a murder suspect and opponents of the Jerusalem Pride Parade, all without a court order or a judge’s oversight.

Shabtai said that “if it turns out that there were specific instances in which regulations were violated, the police under my command will work to improve and correct,” pledging full transparency. At the same time, he defended the police’s lawful use of such technologies to combat crime.

Continue Reading

Internet

Google Appeals EUR 2.4-Billion Shopping Fine at Top EU Court

Published

on

By Agence France-Presse | Updated: 21 January 2022

Google on Thursday appealed an EU court decision to uphold the bloc’s EUR 2.4 billion (roughly Rs. 20,255 crore) fine for abusing its search engine dominance.

The tech giant said it would go to the European Court of Justice, the EU’s highest court, after the General Court confirmed in November a decision by the European Commission in 2017.

At the time, the fine was the European Union’s biggest ever. But it was later exceeded by a EUR 4.3 billion (roughly Rs. 36,290 crore) fine against Google over its Android smartphone operating system.

“After careful consideration, we have decided to appeal the General Court’s decision because we feel there are areas that require legal clarification from the European Court of Justice,” a short statement by the company said.

The case centres on Google’s shopping service and is one of three against the search engine giant currently moving through the EU’s drawn-out appeals system.

The new appeal could take up to two years to reach an outcome, stretching the case out to well more than a decade after the commission launched its investigation in 2010.

The court confirmation on Google Shopping was a win for the EU’s anti-trust supremo Margrethe Vestager, who burst onto the scene in Brussels by scrapping her predecessor’s more conciliatory approach to the US Internet giant.

Vestager had lost in the same court in a different major case, , Apple and Ireland, in which her teams had ordered the iPhone maker to repay EUR 13 billion (roughly Rs. 1,09,710 crore) plus interest to the Irish taxpayer. The EU has appealed that ruling.

The fine for Google came after seven years of investigation launched by complaints from other price-comparison services that saw traffic plummet against Google Shopping.

Continue Reading

Internet

Big Tech: Bills Targeting Google, Facebook, More Firms to Go Before US Senate Panel

Published

on

By Reuters | Updated: 20 January 2022 

The US Senate Judiciary Committee is set to decide Thursday whether the full Senate should vote on two bills aimed at reining in tech giants like Alphabet’s Google and Meta’s Facebook.

Lawmakers are expected to consider an amended version of a bill introduced by Senators Amy Klobuchar, a Democrat, and Chuck Grassley, a Republican, that would bar tech platforms like Amazon from giving preference to their own businesses on their websites.

The amended version would expand the definition of the companies covered by the bill to include firms like the popular video app TikTok, according to sources familiar with the matter.

China’s Tencent, which owns messaging app WeChat, would also be covered by the bill, according to one source.

Two sources familiar with the matter said it was unclear that the Klobuchar-Grassley measure had the votes needed to send the measure to the Senate floor for final passage. The sources asked not to be named because they were not authorised to speak about the matter on the record.

A second bill, led by US Senators Richard Blumenthal and Marsha Blackburn, is also on the schedule. The Open App Markets Act would bar big app stores, like Apple, from requiring app providers to use their payment system and prohibit them from punishing apps that offer different prices through another app store or payment system.

This bill is on the schedule for the first time Thursday, which means that it is likely to be put off at least a week.

Both measures, and other bills aimed at Big Tech, have set off a firestorm of opposition from powerful business groups. The US Chamber of Commerce’s Chief Policy Officer Neil Bradley opposed the bill backed by Klobuchar and Grassley. “The companies that are being targeted are the very ones that had the scale and innovation to help us through the pandemic, whether that was enabling millions to work remotely, (or getting) essentials delivered to our front door,” he said.

The advocacy group Consumer Reports, said it would support the Klobuchar/Grassley bill to “reset the power asymmetry between Big Tech, consumers and small businesses.”

Both bills have a version introduced in the US House of Representatives.

© Thomson Reuters 2022

Continue Reading

Trending