The same Russian military intelligence outfit that hacked the Democrats in 2016 has renewed vigorous U.S. election-related targeting, trying to breach computers at more than 200 organizations including political campaigns and their consultants, Microsoft said Thursday.

The intrusion attempts reflect a stepped-up effort to infiltrate the U.S. political establishment, the company said. “What we’ve seen is consistent with previous attack patterns that not only target candidates and campaign staffers but also those who they consult on key issues,” Tom Burt, a Microsoft vice president, said in a blog post. The U.K. and European political groups were also probed, he added.

Most of the hacking attempts by Russian, Chinese and Iranian agents were halted by Microsoft security software and the targets notified, he said. The company would not comment on who may have been successfully hacked or the impact.

Although U.S. intelligence officials said last month that the Russians favor President Donald Trump and the Chinese prefer his Democratic challenger, former Vice President Joe Biden, Microsoft noted Thursday that Chinese state-backed hackers have targeted “high profile individuals associated with the election,” including people associated with the Biden campaign.

China’s hackers largely gather intelligence for economic and political advantage, while Russia tends to weaponize stolen data to destabilize other governments.

Microsoft did not assess which foreign adversary poses a greater threat to the integrity of the November presidential election. The consensus among cybersecurity experts is that Russian interference is the gravest. Senior Trump administration officials have disputed that, although without offering any evidence.

“This is the actor from 2016, potentially conducting business as usual,” said John Hultquist, director of intelligence analysis at the cybersecurity firm FireEye. “We believe that Russian military intelligence continues to pose the greatest threat to the democratic process.”

Graham Brookie, director of digital forensic research at The Atlantic Council, disputes Barr and O’Brien’s claim that China poses a greater threat to this year’s election. His lab is at the forefront of unearthing and publicizing Russian disinformation campaigns.

Brookie confirmed that his employer was among the targets of Hurricane Panda but said there was no evidence the hacking attempts, which he said were unsuccessful, had anything to do with the 2020 election.

“We have every indication that this was an instance of cyber-espionage, information gathering, as opposed to electoral interference,” he said.

By contrast, Brookie said, “it’s pretty evident that the Russian attempts (Microsoft disclosed) were focused on electoral processes and groups working on that.”

Microsoft noted a shift toward greater automation in Fancy Bear methods for trying to steal people’s log-in credentials, which previously largely relied on phishing. In recent months, the group has employed so-called brute-force attacks that barrage an account log in with short rapid bursts of potential passwords. It has also used a different method that makes only intermittent login attempts to avoid detection.

Fancy Bear has also stepped up its use of the Tor anonymizing service to hide its hacking, Microsoft said.

Source: AP

Also Read:

TOP 10 PHONES UNDER 30,000 IN NEPAL | 2020

REDMI 9C - THE TRIPLE CAMERA CHAMPION WITH A MASSIVE DISPLAY    

REDMI SONICBASS WIRELESS EARPHONES LAUNCH

XIAOMI MI SMART BAND 5 LAUNCHED IN NEPAL- SPECS AND PRICE | REVIEWS NEPAL

XIAOMI REDMI GO PRICE IN NEPAL | PRICE DROP (UPDATED) 

HUAWEI TO INTRODUCE A NOTEBOOK WITH FLOATING DISPLAY

Foreign hackers are taking advantage of the coronavirus pandemic to undermine institutions and threaten critical infrastructure, a top U.S. military cyber official said Thursday.

The comments from Coast Guard Rear Adm. John Mauger of U.S. Cyber Command came a day after Defense Department officials briefed reporters on virtual war games that digital combatants from U.S. and allied militaries have been holding to sharpen their abilities to counter online threats with real-world impact.

“We’ve seen increased adversary activity” since the pandemic began, Mauger said on a conference call, declining to discuss the threat in more specific detail. “We’re one part of the whole of government effort to defend our democracy in this complex cyber environment.”

On Wednesday, Cybercom offered reporters a window into what it described as its largest virtual training exercise to date — in this case, a simulated attack on an airfield’s control systems and fuel depots. Attackers tried to plant malware and gain access through phishing while defenders hunted for the intruders and their tools.

The Defense Department has hosted similar training exercises in previous years for its own fighters, as well as those from allies and other U.S. agencies. Partner agencies include the Coast Guard, Energy Department and Army Corps of Engineers, which oversees the nation’s dams.

The June 15-26 exercise is unique because the pandemic forced it entirely online, in nine different time zones, bringing together 17 different “blue teams” to defend against one “red team” of attackers — more than 500 participants in all.

“We realized that the opportunity to bring that many people together in a single facility was not possible,” Mauger said. “It was not possible because of travel and it was not possible because of the need to stay physically distant from each other.” It’s the 10th year such exercises have been held.

Britain, Canada and New Zealand participated. Australia, the other partner in the so-called Five Eyes alliance, was not able to participate but plans to join exercises set for later this year, officials said.

Cybercom accelerated development of the virtual training environment to better analyze ways to protect threats to critical infrastructure, including in energy and transportation systems. Officials said the virtual environment can also be used to test cyber soldiers’ abilities to identify new strains of malware. After being discovered in the real world, they could be introduced into a war-game scenario.

Nepal has always been an easy target for hackers around the world. Previously, the servers of mercantile and banks have been hacked by international hackers. The government servers and Data Centers are also at high risk. Thus, it has become essential to protect the information systems and communication technology infrastructure from various types of cyber attacks and risks by adopting various internationally prevailing standards of cyber security. The Government of Nepal is also conscious of the need for cyber security standards.

So, exercising the authority given by Section 62 of the Telecommunications Act, 2053 (1997), the Nepal Telecommunication Authority (NTA) has framed a Byelaw- “Cyber ​​Security Byelaw, 2077 (2020)” and has implemented it right away. The Byelaw is implemented to ensure the cyber security standards in order to protect ICT Infrastructure and Information Systems of Telecommunication Service Providers of Nepal from various malicious attacks and threats, and build trust and confidence of users towards using ICT technology and services.

Thereupon, all the telecommunication service providers including basic telecommunication (telephone), mobile operators, networks and internet service providers that are licensed by Nepal Telecommunication Authority (NTA) are informed to operate their services conforming with the Byelaw.

Also Read:

OVER 500,000 ZOOM ACCOUNTS SOLD ON HACKER FORUMS, THE DARK WEB

COVID-19 CTI LEAGUE: CYBER-SECURITY EXPERTS COME TOGETHER TO FIGHT CORONAVIRUS RELATED HACKING

TDO NEPAL LAUNCH COVID-19 SELF-SCREENING APP & WEBSITE

HOW TO FIX SLOW INTERNET CONNECTION?

NEPAL GOVERNMENT WILL PROVIDE A CAPITAL GRANT UPTO RS 5 MILLION TO STARTUPS

2020-21 BUDGET IMPACT: ELECTRIC VEHICLES TO BE MORE COSTLY IN NEPAL

NATIONAL STRATEGY FOR E-COMMERCE APPROVED BY THE GOVERNMENT  

TRIBHUVAN UNIVERSITY EXERCISES SUBSIDIZED LEARNING DATA PACKS