Connect with us

Cyberespionage

Hong Kong Targeted by ‘Politically-Motivated” Chinese Hackers

Published

on

During the lead-up to the recent legislative elections in Hong Kong, two government agencies in the country had been targeted by cyberespionage agents from China in a politically-motivated attack during August, a cybersecurity firm stated.

// -- Discuss and ask questions in our community on Workplace.

A Chinese hacking group has been accused of targeting multiple Hong Kong government agencies with cyberespionage operations in politically motivated attacks, according to U.S. cybersecurity firm iSIGHT, a unit of FireEye Inc,.

China keyboard

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

Dubbed APT 3 (Advanced Persistent Threat), the hacking group has, according to iSIGHT president John Watters speaking to Bloomberg, targeted the Hong Kong agencies with spear-phishing attacks. The malware-laden emails were sent in what was “certainly” a politically motivated attack, Watters said, due to the targets involved.

While Watters refused to confirm if APT 3 was a state-sponsored or linked hacking group, he revealed that the firm had informed Hong Kong authorities of incidents during at least three separate occasions.

One of the emails used during the attacks included a report on election results with a hyperlink to a compromised sub-domain that contained the malware. This malware would then have the means to infiltrate the computer from which the malicious sub-domain was accessed, before compromising other networks that the computer is connected to.

Hong Kong’s Past and Future Intertwined with China

Hong Kong’s 2016 elections saw a record 2.2 million people turn up as calls for further political autonomy or even outright independence from China resonate throughout the country. Beijing’s continued influence over Hong Kong after the latter was handed back to China from Great Britain in 1997, has been among the key campaign issues this year, where voters will select lawmakers for the 70-seat Legislative council.

Watters believes that the cyberespionage operation was triggered out of a need to gain information on Hong Kong’s political affairs.

What it appears to be is an opportunity to gain information without having the transparency of having to make a request. If you want to know what someone’s thinking, would you rather read their diary or hear their prepared remarks?

In a statement, the office for information of the Hong Kong government confirmed that it had been informed of the attacks, with “relevant security measures” enforced to block the suspicious e-mails. The office added:

So far, there is no security incident report from the two concerned departments.

The targeted departments or the stolen information, if any, haven’t been revealed or verified.

 Images from Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.




Feedback or Requests?

Cryptocurrencies

Spectre And Meltdown Madness: What It Means For Ethereum

Published

on

To anyone who talks in terms of a cryptocurrency bubble, consider the following fun facts. In the short period of a few days following the bombshell announcement of Meltdown and Spectre, crypto prices responded in the following manner:

// -- Discuss and ask questions in our community on Workplace.

Bitcoin +18%

ETH +41%

Litecoin +30%

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

In my view, this is clear evidence of a market that is responding rationally to information coming from responsible sources. To appreciate what all the noise is about you must appreciate what Meltdown and Spectre are and why they present a danger to the big companies providing cloud storage for the corporate world.

Once this is clear, then you will better appreciate why Ether’s 41%+ short-term price spike left the others in the dust. But first lets dig into the Meltdown and Spectre situation.

The Secret Got Out

 On January 3 the secret about a new class of security vulnerabilities leaked out to the public. Not only was this seriously bad news but the leak also gave hackers advanced notice before anyone could begin to fix the twin problems.

The degree of seriousness is in the fact that almost all major microprocessor chips are vulnerable. This opens the door to hackers stealing information from personal as well as cloud services.

Researchers claim that Meltdown can be fixed with a patch. Shortly thereafter about every major player announced their patch. But there are two issues here. Will the patches fully solve they problem?

Casting A Cloud Over The Cloud

When a corporation becomes a cloud customer, even the largest share machines with other customers. This is the basic flaw in the centralized structure of cloud storage. Contrast this with the decentralized structure of blockchain technology and you begin to appreciate the force behind the sudden price spike in cryptocurrencies that we highlighted above.

Even though security tools and protocols are designed to separate customers date, the recently discovered Meltdown and Spectre flaws still leave serious vulnerabilities.

Meltdown, hackers could rent space on a cloud service, just like any other business customer. Once they were on the service, the flaw would allow them to grab information like passwords from other customers.

Secondly, reports on cloud services like Amazon, Google and Microsoft claim that it creates as much as 30% slower computation speeds. That clearly won’t make for happy customers.

Jerky NetFlix

Virtually everyone reviewing the situation believes individual computer users are the least vulnerable. That may be true. Hackers are in the hunt for the biggest prize and that would be the big three cloud companies. But how do you think families are going to react if their Netflix stalls and buffers every few minutes?

In the final analysis, the Meltdown flaw affects virtually every computer chip fabricated by Intel in use today. You are talking about 90% of the Internet and business world. But Meltdown is just one flaw.

Spectre is the other flaw and this one is the more insidious of the two. There is no known fix. Intel, AMD and others have claimed how complex a project it would be for hackers to breech the Spectre vulnerability. That is pretty hollow comfort. After all, hasn’t the FBI security been breeched. Those guys were supposed to be airtight.

Boom Days For Blockchain

In so many ways, last year marked a tipping point in the spread and acceptance of blockchain technology. The uses for Bitcoin are probably best gauged by its record $20,000 price in December. For Ethereum, it may have been marked by the formation of the Enterprise Ethereum Alliance (EEA) in February and rise to over 300 members at year-end.

No sooner has 2018 begun that the Meltdown and Spectre flaws created unexpected excitement for investors in cryptocurrencies. If I were a software salesman out of work, I would be sending my resume to every crypto company offering to peddle their blockchain. It could be the easiest job since selling web design services in 1995.

The Ethereum platform with its smart contracts is not the only crypto capable of addressing this newly uncovered opportunity created by Meltdown and Spectre. You can safely bet this will attract many players and for good reason, today’s blockchain technology is a long way from fast enough for mass adoption. Blockchain security may be a step or two better in it present form than cloud storage, but it has its security issues as well.

Building the Ethereum Moat

 EEA founder Jeremy Millar is clearly a brand ambassador for Ethereum. He believes that CEOs hear the chatter about blockchain and are pre sold not having a clear picture what can be accomplished or the money saved using this technology. The important thing is for IT departments to have a respected brand to attach to their recommendations.

The EEA seeks to connect and inform and through this pioneering process spread the gospel of Ethereum. So far this is beginning to build a brand franchise for Ethereum.

The EEA is the largest blockchain body and is committed to using open-source Ethereum technology for enterprise blockchain solutions. EEA expects to see great advances in these areas in 2018 with Ethereum technologies.

It also helps when Wall Street banks uncover the potential for billions in savings on the trading desks through the applications of the Ethereum platform.

So, if you though the last year held plenty of excitement, the Meltdown and Spectre flaws promise to make this year every bit as much fun.

Featured image courtesy of Shutterstock.

 

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
14 votes, average: 4.14 out of 514 votes, average: 4.14 out of 514 votes, average: 4.14 out of 514 votes, average: 4.14 out of 514 votes, average: 4.14 out of 5 (14 votes, average: 4.14 out of 5)
You need to be a registered member to rate this.
Loading...

4.3 stars on average, based on 19 rated postsJames Waggoner is a veteran Wall Street analyst and hedge fund manager who has spent the past few years researching the fintech possibilities of cryptocurrencies. He has a special passion for writing about the future of crypto.




Feedback or Requests?

Continue Reading

Cyberespionage

Apple Watches Banned from UK Cabinet Meetings for Hacking Fears

Published

on

Cabinet ministers have voiced concerns that Apple Watches could be hacked by Russian spies, prompting the devices to be barred from meetings, according to a report from The Telegraph.

// -- Discuss and ask questions in our community on Workplace.

Under the new leadership of Theresa May, U.K cabinet ministers have been barred from wearing the watch during meetings after concerns were raised that the gadgets could be employed as listening devices.

The Apple Watches join the list of banned items alongside mobile phones after these were barred for similar reasons.

According to a survey conducted by research firm IDC, Apple Watches account for seven percent of the market compared to FitBit, which is reported to account for 25.4 percent.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

A Threat from Russian Hackers

This latest news comes amid concerns of a possible threat from Russian hackers who have recently been in the news.

Russian hackers are alleged to have been able to obtain confidential emails from the Democratic National Congress during the U.S. elections despite Russian president, Vladimir Putin, denying this was the case. Surprisingly, congressional leaders are reported to have known about the hacking a year before it was officially announced.

Not only that, but at the recent Rio Olympics, which saw many Russian athletes banned from competing after it was revealed that there was a state-run doping program in the country, Russian hackers have retaliated.

A Russian cyberespionage group known as Fancy Bear recently accessed and leaked data from several high-profile Olympic athletes, by targeting a World Anti-Doping Agency (WADA) database. This is the same agency that placed a recommendation to ban all Russian athletes from the 2016 Rio Olympics.

Unsurprisingly, with the threat of Russian hackers high, and with devices such as mobile phones and watches now being considered as vulnerable gadgets that can be hacked into, it seems as though banning them from important meetings is the only way that will remove any possible threat to state security.

Featured image from Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...





Feedback or Requests?

Continue Reading

Cyberespionage

U.S. Officials Say Defenses Are up against Alleged Russian Hacking

Published

on

The U.S. has put measures into place that is reported to stop Russia from hacking into emails that could influence the upcoming presidential election, reports NBC News.

// -- Discuss and ask questions in our community on Workplace.

Back in July, it was reported that Hillary Clinton’s campaign manager Robby Mook said that Russian state-sponsored hackers may have hacked the Democratic Party’s network and email system in an attempt to help Republican presidential candidate Donald Trump.

He said:

…experts are now saying that the Russians are releasing these emails for the purpose of actually helping Donald Trump…that’s disturbing.

But could Russia really be looking into hacking the U.S. presidential elections?

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

It seems that rather than take the chance of finding it out too late, U.S. officials have put defensive measures in place designed to block hacking paths that the Russians are alleged to have utilized.

It has been reported that emails were stolen from high-profile Democrats which were made public through WikiLeaks, DCleaks, and Guccifer 2.0.

However, while these defensive measures are being put into place, how long will it take before ways are found that can infiltrate the new measures?

According to Juan Zarate, a top counterterrorism official from 2005 to 2009, who spoke to NBC News, he said it wouldn’t take long before the Russians – both the state actors and their proxies – were able to find vulnerabilities.

He said:

This isn’t going to be the end of the story by any stretch.

WikiLeaks

When it comes to WikiLeaks they have not been shy releasing information pertaining to government and state documents.

Earlier this month, Julian Assange, WikiLeaks founder, spoke via a video conference from the Ecuador embassy in London. He has been in asylum since August 2014.

He announced that the upcoming release of information WikiLeaks had access to could impact the U.S. presidential elections.

He said:

[They] are revealing, but also the government/state reactions to the releases are revealing also.

Even though leak sites and hackers are believed to have access to emails that have yet to be made public, U.S. officials are confident that its new defensive measures have stopped Russians from stealing further information, according to NBC News.

It remains to be seen whether or not this is in fact the case.

The U.S. Hits Back

Naturally, the U.S. doesn’t plan on taking these hacks lying down.

So-much-so, that it was reported earlier this month that the White House is planning a massive, unprecedented cyberattack on the Russian government. This is in retaliation for the alleged Russian hacking into the U.S. presidential elections.

This news doesn’t seem too surprising considering the fact that President Obama revealed that he had concerns over the government’s cybersecurity measures particularly after he admitted that the White House had been the target of hackers.

Featured image from Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...





Feedback or Requests?

Continue Reading

Recent Comments

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending