  • As the west tries to limit TikTok’s reach, what about China’s other apps?

    As TikTok, the world’s most popular app, comes under increasing scrutiny in response to data privacy and security concerns, lawmakers in the west may soon set their sights on other Chinese platforms that have gone global.

    TikTok was built by ByteDance as a foreign version of its popular domestic video-sharing platform, Douyin. But it is far from being ByteDance’s only overseas moneymaker. The Chinese company owns dozens of apps that are available overseas, many of them English-language versions of Chinese offerings.

    CapCut is a video-editing app that is used by TikTok creators, while Lark is a workplace collaboration platform. Other apps, particularly e-commerce platforms such as Shein, have become hugely popular in the US and the UK.

    The US Congress is now considering the introduction of the Restrict Act, which would give the commerce department the power to ban TikTok and other apps that pose national security risks. Because the main concern about Chinese apps is that they are subject to interference from the Chinese Communist party, many household names could soon be in the line of fire.

    CapCut

    CapCut is the Chinese version of ByteDance’s JianYing. It was the fourth-most downloaded app globally in 2022, behind TikTok, Instagram and WhatsApp, according to Statista, which analyses market and consumer data.

    Despite the security concerns over TikTok, governments have said little about CapCut. India’s government is an outlier, banning the app in 2020 along with a host of others made by Chinese companies.

    First released in April 2020, CapCut has been downloaded more than 500m times on the Google Play store globally. On Apple devices, it was downloaded 25m times just last month, according to data analysts Sensor Tower. At times in 2021, CapCut was the most downloaded free app in the US.

    Lark

    Lark, a workplace collaboration platform, launched in 2019.
    Its Chinese version is called Feishu, but the two platforms operate and store data separately, with Lark being managed from Singapore.

    It has already launched in the US, south-east Asia and Japan, and has plans to expand into Europe. Its target audience is multinational companies that work with China, or Chinese companies working overseas.

    Lark combines elements of Slack, Dropbox, Google Docs and Skype. It is a minnow compared with ByteDance’s other products, but is part of a strategy to diversify the company’s offering.

    Now, however, Lark’s future looks uncertain. It explicitly deals with the kind of proprietary data that western lawmakers and companies would want to keep secure. Ivy Yang, a China tech analyst who previously worked for tech firm Alibaba, said that, for years, Chinese apps pursued a strategy of developing “under the radar” before being discovered more widely. But, Yang said, “that trajectory has to shift because the American government doesn’t allow them to do that any more”.

    WeChat

    Tencent’s WeChat – which has more than 1.1 billion users – is overwhelmingly used in China, where the all-encompassing app is essential for communications, bookings, finances, and even health monitoring during the pandemic.

    But it is popular in other countries, too, particularly for diaspora communities wanting to keep in touch with friends and family back in China. Disinformation is particularly rife on WeChat, in part because news spreads in private chat groups rather than on public feeds, so is harder to monitor.

    In 2022, it was downloaded more than 66m times in China, about 2.1m times in both the US and Indonesia, and more than 1m times in Malaysia, Vietnam and Taiwan.

    In September 2020, the then US president, Donald Trump, sought to ban WeChat and TikTok outright. This led to lawsuits and court-ordered stays on the ban, and in 2021 his successor, Joe Biden, withdrew Trump’s executive orders.
    Biden’s administration also launched national security reviews of apps created by companies with links to adversarial foreign governments such as China.

    WeChat is a Chinese-made app also used in the west, unlike TikTok, CapCut and others, which are western versions of Chinese apps. In 2021, WeChat said it had separated processes for its domestic Chinese users and those who log in with a foreign phone number.

    But in September last year, overseas users received pop-up messages warning them that “personal data [including] likes, comments, browsing and search history, content uploads, etc” would be stored on Chinese servers.

    Shein

    Shein, pronounced “shee-in”, is the world’s largest fashion retailer. Founded in 2008 in Nanjing, last year it was the most-downloaded fashion and beauty app in the US, with more than 27m downloads, according to Statista.

    Consumers are turning to Shein because it is cheap. But, said Yang, it is also “a lot more fun”. Chinese e-commerce apps are “a lot more engaging”, with pop-ups offering discounts and deals to gamify the shopping experience.

    Despite the cheap prices, its revenues are huge. In 2022, it raked in $22.7bn (£18.2bn), putting it in the same league as established behemoths such as H&M and Zara. Rui Ma, a China tech analyst and investor, said that Shein’s core advantage was its supply chain. Unlike other fashion companies, Shein works directly with the material suppliers and factories, so it has a detailed understanding of its own pipeline. Ma said Shein’s inventory waste “is one-10th that of the industry average”, which allowed it to keep prices down.

    Temu

    Temu only launched in the US in September 2022, but by January this year it was the most popular app in the country.
    The e-commerce platform sells everything from wireless earphones for $5.09 to a cat’s toothbrush for $0.44.

    Its inventory is a core part of its business model: it prioritises lightweight products to reduce cargo costs, and ships to consumers directly from factories in China. This allows it to offer rock-bottom prices. It also requires vendors to offer products that are not available on other platforms.

    It is a subsidiary of PDD Holdings Inc, a Chinese company that also owns the Chinese internet retailer Pinduoduo. Pinduoduo is the dark horse of the Chinese e-commerce market. Despite being much younger than Alibaba and JD.com, which dominate the industry, Pinduoduo has about 15% of the market share. Ma said PDD had “a team that is really good at execution, and they’re taking a lot of the Chinese advantages, and their knowhow, into expanding abroad”.

    Yang also notes that with US consumers being increasingly cash-strapped, they are willing to wait longer – Temu’s delivery times can be one to two weeks – for cheaper products. That is a challenge for US giants such as Amazon, which have prioritised speed of delivery above all else.

    AliExpress

    Last year AliExpress, the online marketplace of the tech giant Alibaba, was the third-most popular marketplace app in the UK, with 1m downloads, behind Amazon and eBay. Rather than working directly with factories, it connects small businesses in China with consumers around the world to sell cheap products, often in bulk.

    However, despite being backed by China’s leading e-commerce platform, AliExpress has failed to catch on in the west as successfully as newer rivals such as Temu and Shein. Yang said part of the reason for this was that it didn’t have the “laser focus” of its competitors.
    Yang said that AliExpress “was never really under pressure to thrive” in the west because Alibaba already had so many arms to its business, including Taobao, for shopping, and Alipay, a mobile payments system that is ubiquitous in China.

    What’s next for Chinese apps?

    In theory, many of the accusations that have been levelled against TikTok – such as that it is bad for children’s mental health or engages in censorship of political topics – should be less applicable to other Chinese apps that are popular in the west. Fast fashion and cheap cosmetics are less controversial than algorithmically delivered content that is seen as shaping young minds. And shopping apps like Temu and Shein are dependent on physical supply chains, so they are less able to change or mask their Chinese links.

    But US lawmakers have warned that any Chinese-owned apps could be vulnerable to data privacy breaches or interference from the Chinese Communist party.

    Some analysts have pointed out that the US does not have comprehensive data privacy laws, meaning that users of any apps have little control over how their data is used.

    Ma said: “It doesn’t make much sense to me that a shopping app is going to be put on the same level [of scrutiny] as a media app. But my view is that it’s not going to stop anyone from trying.”

  • ‘Lives are at stake’: hacking of US hospitals highlights deadly risk of ransomware

    The number of ransomware attacks on US healthcare organizations increased 94% from 2021 to 2022, according to one report

    Last week, the US government warned that hospitals across the US have been targeted by an aggressive ransomware campaign originating from North Korea since 2021. Ransomware hacks, in which attackers encrypt computer networks and demand payment to make them functional again, have been a growing concern for both the private and public sector since the 90s. But they can be particularly devastating in the healthcare industry, where even minutes of down time can have deadly consequences, and have become ominously frequent.

    The number of ransomware attacks on healthcare organizations increased 94% from 2021 to 2022, according to a report from the cybersecurity firm Sophos. More than two-thirds of healthcare organizations in the US said they had experienced a ransomware attack in 2021, the study said, up from 34% in 2020.

    Ransomware attacks on healthcare are particularly common in the US, with 41% of such attacks globally having been carried out against US-based firms in 2021.

    “The current outlook is terrible,” said Israel Barak, CISO of Cybereason. “We are seeing the industry experience an extremely sharp increase in both the quantity and level of sophistication of these attacks.”

    Ransomware hacks have caused major healthcare disruptions, including delayed chemotherapy treatments and ambulances being diverted from a San Diego emergency room after computer systems were frozen.
    In 2021, a lawsuit filed by the mother of a baby who died in Alabama alleged the first “death by ransomware”, blaming a 2019 hack of a hospital for fatal brain damage of the newborn after heart rate monitors failed.

    The possibly devastating consequences for medical facilities may be one of the reasons hackers have identified them as a high-profile target. “The North Korean state-sponsored cyber actors likely assume healthcare organizations are willing to pay ransoms because these organizations provide services that are critical to human life and health,” said the advisory from the Cybersecurity and Infrastructure Security Agency (CISA).

    CISA and others advise hospitals against paying ransoms, but providers often feel they have no choice, said Barak. In 2021, 61% of healthcare organizations that suffered a ransomware attack paid the ransom – the highest percentage of any industry sector.

    “When lives are at stake, it makes the decision very easy,” Barak said.
    “These attackers have identified medical organizations as very, very good targets because they are more likely to pay.”

    Attacks are typically carried out by private groups of criminals, experts say: in the third quarter of 2021, 30% of ransomware attacks on healthcare entities were carried out by Conti, a crime syndicate thought to be based in Russia, according to an industry report from cybersecurity firm BreachQuest.

    But the North Korea incident revealed last week is just the latest state actor to orchestrate ransomware attacks on health care organizations after the FBI revealed in June it had thwarted an attack from Iran on a Boston Children’s hospital.

    Underfunded hospitals hit by Covid squeeze

    The healthcare industry has been hit by a perfect storm of factors that have escalated the ransomware problem, experts say: patient information is increasingly being digitized as hospitals struggle with small internet security budgets.

    In 2009, the Obama administration passed a bill requiring all public and private healthcare providers to adopt electronic medical records by 2014, resulting in a massive migration of paper patient records to online systems. But today, just 4-7% of the average healthcare provider’s annual IT budget is focused on cybersecurity, the BreachQuest study said.

    “Healthcare providers have gone through massive digital transformation in a very short amount of time,” said Hank Schless, senior security expert at the cybersecurity firm Lookout.

    The move was accelerated by the pandemic, he added, as more providers shifted to telehealth to connect with patients during lockdown and hospital staff were stretched thin by the influx of sick and dying patients.

    CISA has advised a “3-2-1 backup approach” for healthcare entities, including saving three copies of each type of data in two different formats, including one offline.
    But the agency’s advisory to hospitals is “somewhat unhelpful”, said Vincent Berk, chief security officer at the cybersecurity firm Quantum Xchange, offering generic recommendations about securing data with little clear path to doing so.

    “The issue with this attack, and any other ransomware attack, is that the cure doesn’t really exist,” he said. “In other words, if it happens, it is already too late.”

    Legislators are attempting to fill in those gaps. In May, Senator Patty Murray of Washington led a hearing on strengthening cybersecurity in the healthcare and education sectors, saying that the US “needs to address cybersecurity attacks and ensure they are treated like the national security threat they are”.

    “These kinds of challenges don’t just cause major headaches, lawsuits, and expenses for hospitals,” she said. “They put patients in danger. They undermine our national security. And in some cases they even cost lives.”

    In March 2022 the Senate introduced a bipartisan bill called the Healthcare Cybersecurity Act, which would direct CISA and the Department of Health and Human Services (HHS) to collaborate on a plan to bolster cybersecurity measures among healthcare and public health organizations.

    Those measures would include cybersecurity training to employees of health organizations and authorize studies from CISA to identify risks in the industry. It is unclear when the bill is set for a vote, but experts say such legislation is more urgent than ever.

    “There’s zero deterrence right now,” Barak said. “Until we find a more effective way to tackle this issue, I am afraid the outlook is not looking good.”