Refusing to pay ransom demands may be more expensive for state and local governments.
Cybercriminals increasingly are targeting state and local governments with ransomware attacks, and asking for more money.
Cyberattacks are here to stay
Original article from LesAffaires (French)
The massive cyber attack that hit businesses Tuesday around the world is similar to that caused in May by the ransomware WannaCry, but appears “more sophisticated,” Europol said Wednesday.
“There are clear resemblances to the WannaCry attack, but it also seems to be an attack with more sophisticated capabilities, to exploit a series of weaknesses,” the head of the European police force, Rob Wainwright, said in a statement.
On May 12, WannaCry affected hundreds of thousands of computers around the world, paralyzing in particular the British health services and factories of the French car manufacturer Renault.
According to Europol, Tuesday’s attack was caused by an improved version of the Petya ransomware, which has been in circulation since 2016.
“This shows how cybercrime is evolving and, once again, reminds companies of the importance of taking responsible cybersecurity measures,” Wainwright added.
The new wave of ransomware attacks, which started on Tuesday in Ukraine and Russia, has contaminated thousands of computers worldwide, disrupting critical infrastructure and multinational companies. The damage was relatively moderate and the threat seemed to be contained on Wednesday.
Loss of confidence in digital?
The multiplication of cyber attacks like the one that has affected the world since Tuesday highlights to the general public the risk inherent in an increasingly connected economy.
“This is going to happen again and again because digital transformation is not taken seriously, which can have an impact on public confidence in digital,” said Dmitry Bagrov, CEO for the UK of the US company DataArt.
The global ransomware attack, which started Tuesday in Ukraine and Russia, seemed contained on Wednesday, but it is a reminder of the vulnerability of critical infrastructure.
As the economy becomes more digitized, the opportunities for attack are increasing for cybercriminals, who take advantage of certain companies’ failure to adapt and their difficulty harmonizing systems from different eras.
At the same time, in the face of rising risk, insurers, such as Axa, are seeing “stronger demands for guarantees from companies and sectors that may have felt less concerned before the recent attacks”.
“If you look at the ransomware WannaCry (which swept around the world in May, editor’s note), it has only concerned 400,000 computers out of more than two billion machines, it is a very low percentage, bringing things to their proper perspective,” says Vincent Maret, partner and cyber security officer for KPMG.
In the opinion of the experts, no company is questioning its digital transition, since the subject has become a decisive element of differentiation.
“SMEs have understood the model of digital transformation and the benefits of services available through the cloud. Overall, security is widely assured and the subjects that remain to be dealt with are not of this order,” explains Michaël Bittan, partner in charge of cyber risk management activities at Deloitte.
Possible financial impact
The actual consequences of this cyberattack are for the time being difficult to estimate. Companies are communicating on the subject all the more cautiously.
FedEx said on Wednesday that it had not recorded any customer data theft during the massive cyber attack against multinationals, including its European subsidiary TNT Express, but did not rule out financial consequences.
“No breach in the data (of TNT customers) has taken place,” said the US logistics group, which also indicated that no other subsidiaries had been affected by this hack.
Faced with the continued disruption Wednesday of TNT Express operations, FedEx says it has put in place measures to allow a return to normal as soon as possible.
While customers’ data seems to have been preserved, FedEx does not rule out that this hack will cut into its profits.
“We cannot estimate at this time the financial impact of this disruption of services but there would be a material impact,” warns the company.
VPN Use and Data Privacy Stats for 2016
We presented a host of survey findings regarding vital internet trends in a previous article. We hope you found it useful!
Yet at our core, we want our readers up-to-date on the latest information regarding VPN use and data security. So, this article integrates many of the most up-to-date survey findings involving these topics and more.
Data Privacy
2016 proved to be a watershed year in terms of public focus on data privacy issues. These issues include:
Data Privacy vs National Security
In a troubling development for privacy advocates, the majority of Americans thought Apple should have unlocked the San Bernardino terrorist’s iPhone.
This reflects a general trend. Americans are currently worried their government isn’t doing enough on the cyber front to deal with terrorism.
Rising Concerns about Businesses and Data Use
More than 95% of Americans surveyed in a recent poll said they were either somewhat concerned or very concerned about how companies use their data.
Ad Blocking Continues to Grow
Internet giants like Apple and Google contend that they collect customer data to customize ads for their users. However, the data shows internet users are growing so frustrated with ads that they are employing ad blockers in record numbers.
Summary of these Data Privacy Statistics
Taken together, these charts demonstrate the increasing need of both consumers and businesses to focus on cybersecurity even more than they already do.
This focus will be complicated, however, by an increasingly polarized political environment both in the U.S. and around the world.
After all, it’s up to governments to make and enforce data protection laws. At the same time, many of these governments are actively seeking legal means to violate data protection measures.
VPN Use
Of course, VPN use and data privacy have strong correlations. By accessing a separate server for internet use, VPNs make it much more difficult for hackers and/or 3rd parties to track online activities. The following charts examine the current state of VPN use around the globe.
Top Markets for VPN Use
Asia and the Middle East continue to dominate the VPN market.
VPN Use Frequency
The majority of people who employ a VPN do so at least once a week.
Anonymous Browsing
Anonymous browsing is a major reason for VPN use, especially in Saudi Arabia, India, and Vietnam.
Accessing Netflix
Another main driver for VPN use is access to streaming content. For example, almost 30% of all VPN users accessed Netflix in a given month.
Summary of VPN Use Stats
The market for internet privacy continues to grow, led by the same global regions as recent years. In addition, access to streaming content continues to be a major motivator for VPN users, despite the claims of Netflix that they represent a small section of its overall user base.
Cyber Crime
Cyber crimes continue to evolve. As shown in the following charts, the number of breaches remains high and the challenges for both consumers and businesses to protect against evolving threats are manifold.
Data Breaches
The most recent numbers show a continuing trend of increased data breaches around the world.
Online Privacy Threats
According to the U.S. government, identity theft is the largest cyber crime concern in the U.S.
Cyber Crime and Number of Household Devices
The threat of cyber crimes against individual consumers increases dramatically as the number of household devices rises.
Cyber Crime Fears Create Major Online Behavior Changes
The threat of identity theft and other cyber crimes has caused almost 30% of all U.S. Internet users to avoid conducting financial transactions online at one time or another during 2015.
Cyber Crime Against Businesses and Organizations
For businesses and professional organizations, the threat of cyber crimes far outpaces their preparedness to deal with an attack. In fact, 63% of businesses do not have a fully operable incident response plan.
The Challenges of Protecting Online Privacy
There is a myriad of reasons why data privacy protection often fails.
The Zero-Day Vulnerability
The threat of zero-day vulnerabilities has grown 125% since 2013. In this type of attack, hackers discover, launch, and exploit an attack on the same day, well ahead of any security measure even detecting a problem.
Ransomware Continues to Evolve
Recent years have seen a major shift in the way hackers launch ransomware attacks. In 2008, it was done almost exclusively by misleading apps. In 2015, however, the primary method was crypto-ransomware.
Crypto-ransomware compromises the endpoint through:
– Spam
– Direct download
– Malvertising
– Malware and botnets
Summary of Cyber Crime Stats
With threats such as zero-day vulnerabilities and ransomware attacks growing more powerful and sophisticated, consumers’ online behaviors will continue to be adversely affected. Additionally, as more households acquire more devices, the risk for successful attacks will increase.
US and Canada issue ransomware alert
A ransomware alert has been issued by the US and Canada to ensure that individuals and organizations are aware of the threat posed by this type of malicious software.
The alert, from the Department of Homeland Security (DHS) and the Canadian Cyber Incident Response Centre (CCIRC), comes on the back of what seems to be a proliferation of ransomware attacks.
They said that it is now apparent to cybercriminals that this particular approach is remarkably “profitable”, resulting in not only a general increase in the number of attacks, but also in the number of ransomware variants.
“In 2013, more destructive and lucrative ransomware variants were introduced, including Xorist, CryptorBit, and CryptoLocker,” the official statement highlighted.
“Some variants encrypt not just the files on the infected device, but also the contents of shared or networked drives.
“These variants are considered destructive because they encrypt users’ and organizations’ files, and render them useless until criminals receive a ransom.”
Both security organizations drew attention to Locky – recently analyzed by ESET’s Diego Perez – which has been especially prolific as of late.
This variant, described as “destructive”, is delivered through spam emails, which include corrupted Microsoft Office documents (as an attachment).
Once downloaded, the trojan gets to work, encrypting files without the victim at first being aware. It is only when they receive a demand for a ransom that they realise what has happened.
“Infections can be devastating to an individual or organization, and recovery can be a difficult process that may require the services of a reputable data recovery specialist,” stated the DHS and CCIRC in their alert.
In spite of this, their advice is to never pay, something that WeLiveSecurity’s editor in chief, Raphael Labaca Castro, has previously noted.
Speaking last year, the information security expert explained that in doing so, you are, in effect, “supporting cybercrime activities”. Additionally, there is no guarantee that files or devices will be decrypted.
“Remember, this is not a service, they are cybercriminals,” he went on to say. “[And] even if you pay, you are not going to be ‘whitelisted’ so you could get infected again so it’s not a real solution for the future either.
“Prevention is the most important tool against Ransomware, since the infection can be usually cleaned afterwards but not always the information restored.”
Android N: All the little things in Google’s latest version
N is what’s next
The second developer preview of Android N is here. At first blush, it looks a lot like Android 6.0, Android Marshmallow. But beneath that layer of familiarity, you’ll find lots of little tweaks and improvements to Google’s mobile operating system. It’s early going for Android N, and a lot may change between now and the final release, but let’s dig in and take a look at some of what this new OS has to offer.

Android N: Name TBD
So far, Google isn’t dropping any hints of what tasty moniker it’ll ultimately attach to Android N, or what version number it’ll receive. The final Easter Egg is also still in the works, but if you really want, you can view the placeholder N Easter Egg: Go to Settings > About phone, then tap the Android version repeatedly until a stylized “N” logo appears. Press the N icon repeatedly, and a game of Flappy Android will eventually appear, but it’s the same one that’s in Android Marshmallow.

New homescreen folder icons
It’s a little thing, but the homescreen folder icons got a minor visual refresh in Android N Preview 2, with app icons appearing in a grid instead of the stack-of-icons look in Marshmallow. The change is purely cosmetic, though—folders act the same as they did before.

Notifications get an overhaul
The first big change you’ll likely notice about Android N is its redesigned notifications. They look more streamlined, but they actually provide more details, such as the name of the app a notification belongs to. Tap the downward pointing arrow to view a preview or more details (where supported), or tap and hold a notification to adjust how notifications for that app will appear.

Set a different photo for the lock screen
Change it up a little! With Android N Preview 2, you can now set two different background photos for your home screen and lock screen. For example, you can now have a photo of your cat on your home screen and one of your dog on your lock screen. Go to Settings > Display > Wallpaper, pick your new wallpaper, then tap Set wallpaper as you normally would, then select where you’d like to use that image.

Even quicker Quick Settings
On Android Marshmallow, you had to swipe down from the top twice to get to the Quick Settings drawer (once to open the Notifications drawer, the second time to get Quick Settings to slide down). The Quick Settings drawer is still there in Android N, but you can now get to a handful of important settings from the Notifications drawer itself. One swipe gets you access to battery information, Do Not Disturb, the flashlight feature, and Wi-Fi settings, to name a few. You can choose which five settings go here by re-ordering the Quick Settings—the first five appear here.

New Wi-Fi network picker
A new, more straightforward Wi-Fi network picker lets you switch Wi-Fi on and off or connect to a network quickly and easily without jumping into the Settings app. Open the Quick Settings drawer then tap the Wi-Fi button to pull it up.

Battery saver switch
You can now turn on Battery Saver mode at any time from the Notifications/Quick Settings drawer: Slide down the Notifications drawer, tap the battery icon, then toggle Battery Saver to the On position. You’ll even get a handy chart that shows how quickly you’re draining your battery.

Editable Quick Settings
Android Marshmallow has a hidden feature that lets you edit or rearrange the Quick Settings drawer, but Android N turns this on by default. Simply slide open the Quick Settings drawer, then tap Edit. You can rearrange, add, and remove tiles as you please, simply by dragging them around.

Multiple pages in the quick settings drawer
At first glance, the full quick settings drawer appears mostly unchanged in Android N, but you can now add multiple pages of quick settings icons—useful in case you just want quick access to as many settings as possible.

Quick access to the calculator
You can now figure out how much to tip your waiter more quickly and easily than before. An optional Quick Settings tile now lets you pop open the Calculator app from just about anywhere on your phone.
Open the camera app from anywhere
Here’s a handy tip spotted by Android Police: You can open the camera app simply by tapping and holding the Flashlight button in the Quick Settings drawer. Hold it for a second or two, and release your finger once the Camera app opens. A dedicated Camera button would be ideal, but this tap-and-hold trick is the next best thing.

The app drawer lives on
Some time back, the Internet worked itself into a tizzy over buzz that the app drawer may disappear in Android N. We’re pleased to report that the app drawer is alive and well in the Android N preview. (It looks ever so slightly different in Preview 2, but it works the same as it does in Marshmallow.) Whether it appears in the final release of Android N is anyone’s guess, but for now, it’s still there.

Close all recent apps
Is your app switcher getting a little overcrowded? In Android N Preview 2, you can now close all recently used apps with just a tap. Tap the Recent apps button (the square button at the bottom of the screen), scroll all the way to the top, then tap Clear all.

No recent apps
If you have no recent apps to display, Android N Preview 2 will now tell you as much with an icon and message.

Rejiggered Settings app
The main screen in the Settings app gets an update in Android N. The top of this screen will now provide useful status information about your device (for example, it’ll tell you if you have Do Not Disturb or Battery Saver turned on), and it’ll suggest settings for you to tweak.

Jump around the Settings app
A new “hamburger” menu lets you switch to any section in the Settings app without returning to the main screen first. It won’t necessarily save you a tap, but it might feel that way.

System UI Tuner brings a new batch of tricks
Like Marshmallow before it, Android N includes hidden System UI Tuner options in the Settings app, which lets you toggle a handful of experimental features that aren’t quite ready for public consumption. To turn it on, open the Quick Settings drawer, then tap and hold the gear icon until the icon spins and your phone vibrates. System UI Tuner tools live at Settings > System UI Tuner.

Night mode saves your eyes
Research suggests that exposure to blue light—like the light emitted from computer and phone screens—too close to bedtime can disrupt your sleep patterns, which in turn can lead to a whole host of health problems. But a hidden, experimental Night mode gives your screen a reddish hue, potentially mitigating the effects of this blue light on the body. You can set your phone to switch on night mode automatically, and you can even choose to use a dark theme instead of Android N’s standard black-text-on-white look. Go to Settings > System UI Tuner > Color and appearance > Night mode to give it a try.

Turn on Night Mode from anywhere
Though Android N’s night mode is very experimental in Preview 2, you can now add a Night Mode toggle to the quick settings drawer. Only time will tell if Night Mode makes it into the final build of Android N.

Calibrate your screen
A new, experimental feature lets you adjust your screen’s color balance and white point—useful if you want to manually tweak your screen’s settings so it always looks its best. Go to Settings > System UI Tuner > Color and appearance > Calibrate display, then adjust the red, green, and blue (RGB) sliders as you please. Unfortunately, your screen may not reflect your changes as you make them, so you’ll have to go through a process of trial and error to get things the way you want them.

Tweak the status bar
Another System UI Tuner goodie lets you choose which icons—like the battery or Wi-Fi indicators—appear in the status bar. You can also choose to view more (or less) battery status information, or include seconds on the clock. Try it at Settings > System UI Tuner > Status bar.

Split-screen view lets you use two apps at once
Many smartphones have massive screens, and what better way to take advantage of all that space than to view two apps at once? A new split-screen view in Android N lets you do just that without relying on a phone maker’s custom interface. Go to the app switcher, tap and hold an app’s “card” for a moment, then drag it to either the top or bottom of the screen. Next, tap the second app you want to view in this two-up view. You can drag the divider around to resize each app’s usable space, too. To revert to one-up view, simply drag the divider off the bottom of the screen.

Drag and drop text between split-screen apps
You can also drag and drop text between apps when using the split-screen view in lieu of copying and pasting. Simply select the text you want to copy to the other app, then drag it over to the other app with your finger. You need to use your phone in landscape view to get this to work; otherwise, the keyboard can get in the way. According to Android Police, drag-and-drop image support is baked in, but developers will have to update their apps to take advantage of it.

Press button, switch to split-screen view
Here’s another method to switch to split-screen mode: While you’re in an app other than the home screen, press and hold the Recent apps button for a couple seconds. Next, pick the second app you want to use in split-screen mode.

Chinese national from B.C. pleads guilty to hacking conspiracy
A former Metro Vancouver resident has pleaded guilty in California to hacking into the computer networks of major U.S. defence contractors and sending stolen military data to China.
Chinese citizen Su Bin, who is also known as Stephen Su and Stephen Subin, was arrested on the U.S. charges in Richmond two years ago and launched an unsuccessful B.C. Supreme Court battle against his extradition.
U.S. officials announced Wednesday that Bin, 50, appeared in a Los Angeles courtroom after a plea agreement had been reached.
When he is sentenced in July, he could face five years in prison and a $250,000 U.S. fine.
In the agreement, Bin admitted to conspiring with two people in China from October 2008 to March 2014 to gain unauthorized access to protected computer networks in the U.S., including computers belonging to the Boeing Company in Orange County, California.
Bin was able “to obtain sensitive military information and to export that information illegally from the United States to China,” the agreement states.
Some of the stolen information related to military technical data, including data relating to the C-17 strategic transport aircraft and certain fighter jets produced for the U.S. military.
“Protecting our national security is the highest priority of the U.S. Attorney’s Office, and cybercrime represents one of the most serious threats to our national security,” U.S. Attorney Eileen Decker said after Bin’s plea. “The innovative and tireless work of the prosecutors and investigators in this case is a testament to our collective commitment to protecting our nation’s security from all threats.”
She said the guilty plea demonstrates “that these criminals can be held accountable no matter where they are located in the world and that we are deeply committed to protecting our sensitive data in order to keep our nation safe.”
Bin admitted that he would email his co-conspirators with targets he wanted them to hack. The China-based hackers then sent him detailed file listings they had accessed during the hacks so Bin could pick which files and folders he wanted stolen.
Once Bin had the stolen files, he translated some of them into Chinese.
U.S. authorities said that Bin and his accomplices also wrote reports about “the information and technology they had acquired by their hacking activities, including its value, to the final beneficiaries of their hacking activities.”
Bin’s plea agreement says that what he and partners “intentionally stole included data listed on the United States Munitions List contained in the International Traffic in Arms Regulations.”
And Bin also admitted that he engaged in the crime for money and specifically sought to profit from selling the data that he and his conspirators illegally acquired.
Assistant Attorney General John Carlin said Bin “admitted to playing an important role in a conspiracy, originating in China, to illegally access sensitive military data, including data relating to military aircraft that are indispensable in keeping our military personnel safe.”
He said his division “remains sharply focused on disrupting cyber threats to the national security, and we will continue to be relentless in our pursuit of those who seek to undermine our security.”
Bin is the owner and manager of Lode-Tech, a China-based company focused on aviation technology with an office in Canada.
At the time of his arrest in June 2014, Bin had permanent resident status in Canada. He told a B.C. judge that he owned a Vancouver home then worth $1.8 million and said both his children were born in Canada.
Throughout his court appearances in B.C., his wife and Chinese government officials sat in the public gallery.
Who Gets to Define the Terms of Hacking?
But about two-thirds of the way through the speech, Donilon broke new diplomatic ground. After listing a couple of “challenges” facing U.S.-China relations, he said, “Another such issue is cybersecurity,” adding that Chinese aggression in this realm had “moved to the forefront of our agenda.”
American corporations, he went on, were increasingly concerned “about sophisticated, targeted theft of confidential business information and proprietary technologies through cyber-intrusions emanating from China on an unprecedented scale.”
Then Donilon raised the stakes higher. “From the president on down,” he said, “this has become a key point of concern and discussion with China at all levels of our governments. And it will continue to be. The United States will do all it must to protect our national networks, critical infrastructure, and our valuable public and private-sector property.”
The first demand was a borderline threat: Change your ways or risk a rupture of our relations. The second was an attempt to give Chinese leaders a face-saving way out, an opportunity for them to blame the hacking on hooligans and “take serious steps” to halt it.
In fact, Donilon and every other official with a high-level security clearance knew that the culprit in these intrusions was no gang of freelance hackers, but rather the Chinese government itself—specifically, the Second Bureau of the Third Department of the People’s Liberation Army’s General Staff, also known as PLA Unit 61398, which was headquartered in a white, 12-story office building on the outskirts of Shanghai.
Since the start of his presidency, Obama had raised the issue repeatedly but quietly—in part to protect intelligence sources and methods, in part because he wanted to improve relations with China and figured a confrontation over cyber theft would impede those efforts. His diplomats brought it up, as a side issue, at every one of their annual Asian-American “strategic and economic dialogue” sessions. On none of those occasions did the Chinese delegates bite. To the extent they replied at all, they agreed that the international community must put a stop to this banditry; if an American diplomat brought up China’s own involvement in hacking, they waved off the accusation.
On February 18, a few weeks before Donilon’s speech, Mandiant, a leading computer-security firm with headquarters in Alexandria, Virginia, published a 60-page report identifying PLA Unit 61398 as one of the world’s most prodigious cyber hackers. Over the previous seven years, the report stated, the Shanghai hackers had been responsible for at least 141 successful cyber intrusions in 20 major industrial sectors, including defense contractors, waterworks, oil and gas pipelines, and other critical infrastructures. On average, these hackers lingered inside a targeted network for a full year—in one case, for four years and 10 months—before they were detected. During one particularly unimpeded operation, they filched 6.5 terabytes of data from a single company in a 10-month period. The company also shared an advance copy of the report with The New York Times, which ran a long front-page story summarizing its contents.
In fact, however, the Chinese had been hacking, with growing profligacy, for more than a decade. A senior U.S. intelligence official had once muttered at an NSC meeting that at least the Russians tried to keep their cyber activity secret; the Chinese just did it everywhere, out in the open, as if they didn’t care whether anyone noticed.
As early as 2001, in an operation that American intelligence agencies dubbed Titan Rain, China’s cyber-warriors hacked into the networks of several Western military commands, government agencies, defense corporations, and research labs, using techniques reminiscent of the Russians’ Moonlight Maze operation.
Around the same time, the Third Department of the PLA’s General Staff, which later created Unit 61398, adopted a new doctrine that it called “information confrontation.” Departments of “information-security research” were set up in more than 50 Chinese universities. By the end of the decade, the Chinese army had begun extensively training its soldiers in hacking techniques; one training scenario had the PLA hacking into U.S. Navy and Air Force command-control networks in an attempt to impede their response to an occupation of Taiwan. The United States military had been conducting similar exercises for years, under the rubric ‘Information Warfare.’ The Chinese were now following suit.
By 2006, various cyber bureaus of the Chinese military were hacking into a vast range of enterprises worldwide. The campaign began with a series of raids on defense contractors, notably a massive hack of Lockheed Martin, where China stole tens of millions of documents on the company’s F-35 Joint Strike Fighter aircraft. None of the files were classified, but they contained data and blueprints on cockpit design, maintenance procedures, stealth technology, and other matters that could help the Chinese counter the plane in battle or build their own F-35 knockoff (which they eventually did).
In April 2007, Rattray summoned several executives from the largest U.S. defense contractors and informed them that they were living in a new world. The intelligence estimates that pinned the cyber attacks on China were highly classified, so for one of his briefing slides, Rattray coined a term to describe the hackers’ actions: “APT,” for advanced persistent threat. (The term caught on; six years later, Kevin Mandia, the CEO of Mandiant, titled his report APT1.)
The typical Chinese hack started off with a spear-phishing email to the target company’s employees. If just one employee clicked the email’s attachment, the computer would download a webpage crammed with malware, including a “Remote Access Trojan,” known in the trade as a RAT. The RAT opened a door, allowing the intruder to roam the network, acquire the privileges of a systems administrator, and extract all the data he wanted.
They did this with economic enterprises of all kinds: banks, oil and gas pipelines, waterworks, health-care data managers—sometimes to steal secrets, sometimes to steal money, sometimes for motives that couldn’t be ascertained.
McAfee, the anti-virus firm that discovered and tracked the Chinese hacking operation, called it Operation Shady RAT. Over a five-year period ending in 2011, when McAfee briefed the White House and Congress on its findings, Shady RAT stole data from more than 70 entities—government agencies and private firms—in 14 countries. The affected nations included the United States, Canada, several nations in Europe, and more in Asia, including many targets in Taiwan—but, tellingly, none in the People’s Republic of China.
This was the setting that forced Obama’s hand. After another Asia security summit, where his diplomats once again raised the issue and the Chinese once again denied involvement, he told Donilon to deliver a speech that brought the issue out in the open. The Mandiant report—which had been published three weeks earlier—upped the pressure and accelerated the timetable, but the dynamics were already in motion.
One passage in Donilon’s speech worried some mid-level officials, especially in the Pentagon. Characterizing cyber offensive raids as a violation of universal principles, even as something close to a cause for war, Donilon declared, “The international community cannot afford to tolerate any such activity from any country.”
The Pentagon officials scratched their heads: “any such activity from any country?” The United States engaged in this activity, too, and everyone knew it.
The targets were different, though: American intelligence agencies weren’t stealing foreign companies’ trade secrets or blueprints, much less their cash. In NSC meetings on the topic, White House aides argued that this distinction was important: Espionage for national security was an ancient, acceptable practice, but if the Chinese wanted to join the international economy, they had to respect the rights of property, including intellectual property.
Even if the White House aides had a point (and the Pentagon officials granted that they did), wasn’t the administration flirting with danger by going public with this criticism? Wouldn’t it be too easy for the Chinese to release their own records, revealing that the U.S. was hacking them, too, and thus accuse the Americans of hypocrisy? Part of what the U.S. was doing was defensive: penetrating Chinese networks in order to follow the Chinese hacking into U.S. systems. On a few occasions, the manufacturing secrets that the Chinese stole weren’t real secrets at all; they were phony blueprints that the NSA had planted on certain sites.
But, to some extent, these cyber operations were offensive in nature: The United States was penetrating Chinese networks to prepare for battle, to exploit weaknesses and exert leverage, just as the Chinese were doing—just as every major power had always done in various realms of warfare.
In May, Donilon flew to Beijing to make arrangements for a summit between President Obama and his Chinese counterpart, Xi Jinping. Donilon made it clear that cyber would be on the agenda and that, if necessary, Obama would let Xi in on just how much U.S. intelligence knew about Chinese practices. The summit was scheduled to take place in Rancho Mirage, California, at the estate of the late media tycoon Walter Annenberg, on Friday and Saturday, June 7 and 8, 2013.
On June 6, The Washington Post and The Guardian reported, in huge front-page stories, that in a highly classified program known as PRISM, the NSA and Britain’s GCHQ had long been mining data from nine Internet companies, usually under secret court orders—and that, through this and other programs, the NSA was collecting telephone records of millions of American citizens. These were the first of many stories, published over the next several months by the Guardian, the Post, Der Spiegel, and eventually others, based on a massive trove of beyond-top-secret documents that the NSA systems administrator Edward Snowden had swiped off his computer.
The timing of the leak, coming on the eve of the Obama-Xi summit, was almost certainly happenstance—Snowden had been in touch with the reporters for months—but the effect was devastating. Obama brought up Chinese cyber theft; Xi took out a copy of the Guardian. From that point on, the Chinese retort to all American accusations on the subject shifted from “We don’t do hacking” to “You do it a lot more than we do.”
Exclusive: Chinese hackers behind U.S. ransomware attacks – security firms
Hackers using tactics and tools previously associated with Chinese government-supported computer network intrusions have joined the booming cyber crime industry of ransomware, four security firms that investigated attacks on U.S. companies said.
Ransomware, which involves encrypting a target’s computer files and then demanding payment to unlock them, has generally been considered the domain of run-of-the-mill cyber criminals.
But executives of the security firms have seen a level of sophistication in at least a half dozen cases over the last three months akin to those used in state-sponsored attacks, including techniques to gain entry and move around the networks, as well as the software used to manage intrusions.
“It is obviously a group of skilled operators that have some amount of experience conducting intrusions,” said Phil Burdette, who heads an incident response team at Dell SecureWorks.
Burdette said his team was called in on three cases in as many months where hackers spread ransomware after exploiting known vulnerabilities in application servers. From there, the hackers tricked more than 100 computers in each of the companies into installing the malicious programs.
The victims included a transportation company and a technology firm that had 30 percent of its machines captured.
Security firms Attack Research, InGuardians and G-C Partners, said they had separately investigated three other similar ransomware attacks since December.
Although they cannot be positive, the companies concluded that all were the work of a known advanced threat group from China, Attack Research Chief Executive Val Smith told Reuters.
The ransomware attacks have not previously been reported. None of the companies that were victims of the hackers agreed to be identified publicly.
Asked about the allegations, China’s Foreign Ministry said on Tuesday that if they were made with a “serious attitude” and reliable proof, China would treat the matter seriously.
But ministry spokesman Lu Kang said China did not have time to respond to what he called “rumors and speculation” about the country’s online activities.
The security companies investigating the advanced ransomware intrusions have various theories about what is behind them, but they do not have proof and they have not come to any firm conclusions.
Most of the theories flow from the possibility that the Chinese government has reduced its support for economic espionage, which it pledged to oppose in an agreement with the United States late last year. Some U.S. companies have reported a decline in Chinese hacking since the agreement.
Smith said some government hackers or contractors could be out of work or with reduced work and looking to supplement their income via ransomware.
It is also possible, Burdette said, that companies which had been penetrated for trade secrets or other reasons in the past were now being abandoned as China backs away, and that spies or their associates were taking as much as they could on the way out. In one of Dell’s cases, the means of access by the team spreading ransomware was established in 2013.
The cyber security experts could not completely rule out more prosaic explanations, such as the possibility that ordinary criminals had improved their skills and bought tools previously used only by governments.
Dell said that some of the malicious software had been associated by other security firms with a group dubbed Codoso, which has a record of years of attacks of interest to the Chinese government, including those on U.S. defense companies and sites that draw Chinese minorities.
PAYMENT IN BITCOIN
Ransomware has been around for years, spread by some of the same people that previously installed fake antivirus programs on home computers and badgered the victims into paying to remove imaginary threats.
In the past two years, better encryption techniques have often made it impossible for victims to regain access to their files without cooperation from the hackers. Many ransomware payments are made in the virtual currency Bitcoin and remain secret, but institutions including a Los Angeles hospital have gone public about ransomware attacks.
Ransomware operators generally set modest prices that many victims are willing to pay, and they usually do decrypt the files, which ensures that victims will post positively online about the transaction, making the next victims who research their predicament more willing to pay.
Security software companies have warned that because the aggregate payoffs for ransomware gangs are increasing, more criminals will shift to it from credit card theft and other complicated scams.
The involvement of more sophisticated hackers also promises to intensify the threat.
InGuardians CEO Jimmy Alderson said one of the cases his company investigated appeared to have been launched with online credentials stolen six months earlier in a suspected espionage hack of the sort typically called an Advanced Persistent Threat, or APT.
“The tactics of getting access to these networks are APT tactics, but instead of going further in to sit and listen stealthily, they are used for smash-and-grab,” Alderson said.
(Reporting by Joseph Menn in San Francisco; Additional reporting by Megha Rajagopalan in BEIJING; Editing by Jonathan Weber and Clarence Fernandez)
Quantum computing: Game changer or security threat?
Superfast quantum computers could transform the world of finance, advocates say.
In a world where how fast you can assimilate and analyse data, then act on it, makes the difference between profit and loss, computing speed is key.
This is why banks, insurance firms and hedge funds invest millions on technology to give them an edge when trading and to offset human error.
Quantum computers, which owe more to quantum mechanics than electronics, promise to be exponentially more powerful than traditional computers, holding out the tantalising prospect of near-perfect trading strategies and highly accurate forecasting and risk assessments.
“Financial services is a data-rich environment,” says Kevin Hanley, director of design at the Royal Bank of Scotland (RBS). “Time is money and the ability to process data fast could have a huge potential benefit for our customers.”
Quantum computing in a nutshell

Classical computing relies on binary digits or bits – ones and zeros representing on/off, true/false states.
Quantum computing, on the other hand, features qubits, which can be both 0 and 1 at the same time – a state known as superposition. It all goes back to Schrödinger’s cat, but that’s another story…
Subatomic particles such as electrons, photons or ions can be made to behave in this mysterious way.
And because of this flexibility, qubits can do a lot more – a quantum computer could theoretically carry out trillions of calculations per second.
But these computers aren’t easy to build or operate. Quantum processors from one of the leading manufacturers in this field – D-Wave – need to be cooled to just above absolute zero (-273.15C). They also need to be free from any electromagnetic interference.
This makes them bulky and costly; D-Wave’s computers cost about $10m-15m.
Ironically they’re also a bit limited in the kinds of calculations they can currently do, and many observers are still sceptical about how fast they really are.
So it’s fair to say we’re still at the very early stages of quantum computing.
Goldman Sachs, RBS, Guggenheim Partners and Commonwealth Bank of Australia have all invested in quantum computing, with the aim of stealing a march on their competitors.
“This is interesting to the financial world because if you can find an algorithmic advantage to solve a problem, that can give you a great competitive advantage,” says Colin Williams, director of business development for D-Wave.

Other tech companies, such as Cambridge Quantum Computing, QxBranch and Rigetti, are also rushing to develop the hardware and software needed to make quantum computing a reality.
Longer-term visibility
Quantum computers could solve problems in a day that would take classical computers thousands of years to solve.
So in the world of investment, they could consider millions of different global investment scenarios and calculate which ones have the best chance of success over the long-term.
“We can build an optimal portfolio today, but tomorrow it won’t be optimal and needs to be rebalanced, which is expensive,” says Marcos Lopez de Prado, a senior managing director at Guggenheim Partners.

Quantum computers could, in theory, give investment firms much better visibility over the longer-term to make more accurate predictions and reduce this need to tinker with their portfolios, saving costs and possibly boosting profits.
“If you can predict the US dollar/Swiss franc exchange rate a tenth of a cent more reliably, then the value isn’t in the computer, it’s in the cost saving,” says Mr Williams.
Better forecasting could also reduce the prevalence of high-frequency trading, which has been accused of creating market volatility.
High-frequency traders have also been blamed for raising the costs of trading for ordinary investors by swooping into purchases nanoseconds before an interested party and reselling the stocks at a higher price.
Not so fast
So how soon will quantum computers be readily available?
D-Wave’s Mr Williams reckons businesses will have access to quantum computing functionality by 2018, whereas RBS’s Mr Hanley thinks it will be “five to 10 years before quantum computing comes of age”.
But this isn’t stopping financial institutions getting excited.
Blu Putnam, chief economist for the CME group – a US-based derivatives market – says quantum computing has led to a “mind-set change” where financial services “now seek out the nearly impossible to solve problems” in asset and risk management.

Before then, there is a lot of preparation to do.
Quantum computers can’t be interrogated in the same way as traditional computers. The algorithms – sets of complex mathematical rules – used for classical computing need to be reworked to fit into the quantum system.
And finding and training computer scientists to understand and use these systems effectively is another big challenge for the financial services industry.
But Mr Hanley says: “Rather than observe these changes from a distance or be last in the queue, I’d rather be at the front and have a seat at the board.”
Cracking the code
Quantum computing may offer potential benefits to the financial services industry, but it also poses risks.
Banks rely on encryption to keep their transactions and customer data secure. This involves scrambling and unscrambling data using keys made of very large numbers – tens, if not hundreds, of digits long.
A hacker would have to find the right key by trial and error and test it in order to unlock the data – a process that could take hundreds of years even with the most powerful of today’s supercomputers.

But quantum computers could crack the code with relative ease, potentially undermining the security of the entire global financial services industry.
Such a possibility leads Mr Lopez de Prado to fear that governments might outlaw quantum computers entirely.
“Governments could say they should be banned because otherwise there would be no secrets, but they can’t be un-invented.
“We need a new mathematical breakthrough that creates an unbreakable encryption,” he says.
Cryptographers are busy working on new algorithms to block attacks from future quantum computers and many believe this will be possible.
But the industry needs this breakthrough fast. The processing power of quantum computing is growing with each generation.
Latest report on Wi-Fi device market: global industry size, demand, trends and 2021 forecast published by leading research firm
The Global Wi-Fi Device Industry Research Report includes companies engaged in manufacturing, capacity, production, price, cost, revenue and contact information.
The report provides key statistics on the market status of the Wi-Fi Device manufacturers and is a valuable source of guidance and direction for companies and individuals interested in the industry.
Complete report on Wi-Fi Device market spreads across 158 pages profiling 10 companies and supported with 272 tables and figures @ http://www.deepresearchreports.com/contacts/inquiry.php?name=175783 .
The Global Wi-Fi Device Industry provides a basic overview of the industry including definitions, classifications, applications and industry chain structure. The Wi-Fi Device market analysis is provided for the international markets including development trends, competitive landscape analysis, and key regions development status.
Development policies and plans are discussed, and manufacturing processes and cost structures are also analyzed. This report also states import/export consumption, supply and demand figures, cost, price, revenue and gross margins.
Key Companies Analysis: – ERICSSON, APTILO NETWORKS, AEROHIVE, NETGEAR, CISCO SYSTEMS, ALCATEL-LUCENT, UBIQUITI NETWORKS, JUNIPER NETWORKS, RUCKUS WIRELESS and ARUBA NETWORKS profiles overview.
The Global Wi-Fi Device Industry focuses on global major leading industry players providing information such as company profiles, product picture and specification, capacity, production, price, cost, revenue and contact information.
Upstream raw materials and equipment and downstream demand analysis is also carried out.
The Wi-Fi Device industry development trends and marketing channels are analyzed. Finally, the feasibility of new investment projects is assessed and overall research conclusions are offered.
With the tables and figures the report provides key statistics on the state of the industry and is a valuable source of guidance and direction for companies and individuals interested in the market.
Download this Report @ http://www.deepresearchreports.com/contacts/purchase.php?name=175783 .
Major Points Covered in Table of Contents:
1 Industry Overview
2 Manufacturing Cost Structure Analysis of Wi-Fi Device
3 Technical Data and Manufacturing Plants Analysis
4 Production Analysis of Wi-Fi Device by Regions, Technology, and Applications
5 Sales and Revenue Analysis of Wi-Fi Device by Regions
6 Analyses of Wi-Fi Device Production, Supply, Sales and Market Status 2010-2016
7 Analysis of Wi-Fi Device industry Key Manufacturers
8 Price and Gross Margin Analysis
9 Marketing Traders or Distributor Analysis of Wi-Fi Device
10 Development Trend of Wi-Fi Device industry 2016-2021
11 Industry Chain Suppliers of Wi-Fi Device with Contact Information
12 New Project Investment Feasibility Analysis of Wi-Fi Device
13 Conclusion of the Global Wi-Fi Device industry 2016 Market Research Report