U.S. to byte back at Russia over election hacking

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

President Obama ordered the expulsion of 35 Russian suspected spies and imposed sanctions on two Russian intelligence agencies over their involvement in hacking U.S. political groups in the 2016 presidential election. The measures mark a new post-Cold War low in U.S.-Russian ties which have deteriorated over Ukraine and Syria. Allegations by U.S. intelligence agencies that Russian President Putin personally directed efforts to intervene in the U.S. election process by hacking mostly Democrats have made relations even worse. “These actions follow repeated private and public warnings that we have issued to the Russian government, and are a necessary and appropriate response to efforts to harm U.S. interests in violation of established international norms of behavior,” Obama said. The Kremlin, which denounced the sanctions as unlawful and promised “adequate” retaliation. Moscow denies the hacking allegations. Source: Reuters

Russian hack code found in U.S. electrical grid

A code associated with the Russian hacking operation dubbed Grizzly Steppe by the Obama administration has been detected within the system of a Vermont utility. While the Russians did not actively use the code to disrupt operations, the discovery underscores the vulnerabilities of the nation’s electrical grid and raises fears that Russian government hackers are actively trying to penetrate the grid to carry out potential attacks. Source: Washington Post

New Hampshire health department data breached

sh_medical-records_280The New Hampshire Department of Health and Human Services has suffered a breach that exposed personal information such as birth dates, addresses, Social Security numbers, Medicaid identification numbers and medical services records. The breach affects individuals involved with the DHHS prior to November 2015. There is no evidence that credit card or banking information was exposed. Health care-record hacking rose 11,000 percent last year, affecting roughly one in three Americans. Source: CNBC

Hacker hits Russian Visa Center just because he can

The Russian Visa Center in the United States reportedly was targeted over the holiday weekend by a massive hack claimed by an individual who said he did it to show how weak the system’s security was. The individual, who goes by Kapustkiy on Twitter, said he was willing to leak data to the company to prove his point. The breach reportedly could affect thousands of U.S. citizens who applied for Russian visas and whose personal information was stored in the database. Source: Yahoo

Government alphabet soup: FBI probes FDIC breach

sh_alphabet-soup_280The FBI is looking into a hack of the Federal Deposit Insurance Corp. that started in 2010. China’s military is said to be behind the attacks in which hackers got access to dozens of computers, including that of Sheila Bair, the past FDIC chairwoman. A congressional committee also is probing the hack. Source: Pymnts.com

Three Chinese citizens charged in insider trading by hack

Three Chinese citizens have been criminally charged in the United States with trading on confidential corporate information obtained by hacking into networks and servers of law firms working on mergers. Iat Hong of Macau, Bo Zheng of Changsha, China, and Chin Hung of Macau were charged with conspiracy, insider trading, wire fraud and computer intrusion. Prosecutors said the men made more than $4 million by placing trades in at least five company stocks based on inside information from unnamed law firms, including about deals involving Intel and Pitney Bowes. Source: Reuters

New York confirms delay in cybersecurity regulations

sh_new-york_280New York state’s financial regulator revised a proposal for the nation’s first cybersecurity rules for banks and insurers, loosening some security requirements and delaying implementation by two months to March 1. The rules from the New York State Department of Financial Services are being closely watched because they lay out unprecedented requirements on steps that financial firms must take to protect their networks and customer data from hackers and disclose cyber events to state regulators. Source: Reuters

Ukraine watchers say computer network compromised

The organization charged with monitoring the Russia-fomented conflict in eastern Ukraine confirmed that it suffered a data breach “compromising the confidentiality” of its computer network. The Organization for Security Cooperation in Europe said that the breach was discovered in early November. French newspaper Le Monde cites a “western intelligence service” in reporting that Russia-linked hacking group Fancy Bear as the possible perpetrators. Source: ABC News

China sets up security strategy against hacks, for internal controls

sh_china-hack_280China’s Internet regulator issued the country’s first cyber strategy, emphasizing the necessity of securing critical infrastructure and the government’s right to control cyberspace in Chinese territory. The strategic framework released by the Cyberspace Administration of China summarizes goals enumerated in a cybersecurity law and other regulations adopted over the past year. A guiding concept is “internet sovereignty”—which the document defines as China’s right to police the internet within its borders and participate in managing international cyberspace. Source: Wall Street Journal

Holiday Inn, Kimpton Hotel chain reports hack of credit card data

InterContinental Hotel Group, which operates more than 5,000 hotels worldwide, is investigating claims of a possible security breach—including credit card theft—at several U.S. hotels. The British hotel chain hired a computer security firm to investigate patterns of possible credit and debit card fraud. InterContinental brands include Holiday Inn, Holiday Inn Express, Kimpton Hotels and Crowne Plaza. Other chains affected by card breaches within the past year include Trump Hotels, Hilton Mandarin Oriental and White Lodge. Source: New York Daily News

Airline boarding passes vulnerable to hackers

sh_boarding-pass_280Major travel booking systems lack a proper way to authenticate air travelers, making it easy to hack the code used on boarding passes, security researchers warned. Passenger name records are used to store reservations with links to a traveler’s name, travel dates, itinerary, ticket details, phone and email contacts, travel agent, credit card numbers, seat number and baggage information. The six-digit codes act as PIN codes for locating travel records, albeit with differences that make them highly insecure, Security Research Labs said. Source: Reuters

Cisco to invest more in cybersecurity services

Industry analysts expect Cisco to release lots of new software for security and the internet of things. “Those two are going to drive a lot of what you see Cisco do from a product introduction in 2017,” said John Fruehe, an analyst at Moor Insights & Strategy. Cisco is in a good position to increase revenue in security and IoT, analysts said, because the company can leverage its networking expertise to provide features competitors might not match. Source: Search Networking