Espionage | Breaking Cybersecurity News | The Hacker News

The United States has filed criminal charges against Chinese military officials for hacking and cyber espionage against several American companies. This case is first of its own kind in which the prosecutors have formally accused members of a foreign government with economic espionage charges. Attorney General Eric Holder and FBI are expected to reveal the new indictment later this afternoon, in which five officials of China's People's Liberation Army will be named, who are believed to be the current members of Beijing's military establishment. Accused chinese officials allegedly worked for the People's Liberation Army and have spied on U.S companies and stolen trade secrets. The alleged hackers are said to work for the PLA's Unit 61398 in Shanghai. Among the trade secrets, they are also accused for stealing information about a nuclear power plant design and a solar panel company's cost and pricing data, " They used military and intelligence faci...

The Iranian hacking group, which calls itself the " Ajax Security Team ", was quite famous from last few years for websites defacement attacks , and then suddenly they went into dark since past few months. But that doesn't mean that the group was inactive, rather defacing the websites, the group was planning something bigger. The Group of hackers at Ajax Security Team last defaced a website in December 2013 and after that it transitioned to sophisticated malware-based espionage campaigns in order to target U.S. defense organizations and Iranian dissidents, according to the report released by FireEye researchers. " The transition from patriotic hacking to cyber espionage is not an uncommon phenomenon. It typically follows an increasing politicization within the hacking community, particularly around geopolitical events ," researchers Nart Villeneuve, Ned Moran, Thoufique Haq and Mike Scott wrote in the report. " This is followed by increasing links between the hacking ...

The United States charged two men for their involvement in a conspiracy to hack into the computer systems of dozens of government and commercial organizations, including the U.S. Navy and National Geospatial-Intelligence Agency (NGA), according to the U.S. Attorney's Office in Tulsa. On Monday, the U.S. Department of Justice announced that the 27 year old Virginia man, Nicholas Knight , who served as systems administrator in the nuclear reactor department of an aircraft carrier, was one of two individuals charged with one count of conspiring to hack the computer systems of about 30 public and private organizations, while he was active in his duty as a Navy member. Along with Knight, a 20 year old Illinois man, Daniel Krueger, who was a student at an Illinois community college where he studied network administration, was also charged with the conspiracy count for his participation to hack into the computer servers as part of a plan to steal identities, obstruct justice,...

Sooner or later it had to Happen! After whistle-blower Edward Snowden unfolded various spying operations that were controlled by the US Intelligence agency, it gave a reason to all other countries to start their own Counter-Surveillance programs. Last year in October, it was revealed that the National Security Agency ( NSA ) was eavesdropping the mobile communications of German Chancellor  Angela Merkel's  and  Gerhard Schroder's   from many years. Snowden documents detailed about a so-called  National Sigint Requirement List , a list of people and Institutions named as primary targets for the U.S. Intelligence Agency; whose telephone communications should be monitored. After Suffering from spying on them, Germany has finally decided to give a ' Roland for their Oliver ' and planning to resume active Counter Espionage Operations against both the US and several Western associate countries. " This step would be an about-face from the dec...

NSS Labs issued the report titled " The Known Unknowns " to explain the dynamics behind the market of zero-day exploits. Last week I discussed about the necessity to define a model for " cyber conflict " to qualify the principal issues related to the use of cyber tools and cyber weapons in an Information Warfare context, today I decided to give more info to the readers on cyber arsenals of governments. Governments consider the use of cyber weapons as a coadiuvant to conventional weapons, these malicious application could be used for sabotage or for cyber espionage, they could be used to hit a specifically designed software (e.g. SCADA within a critical infrastructure ) or they could be used for large scale operations infecting thousand of machines exploiting zero-day in common application ( e.g. Java platform, Adobe software ). The zero-day flaw are the most important component for the design of an efficient cyber weapon, governments have recently created dedic...

A notorious Chinese hacker collective known as APT1 or Comment Crew, possibly linked to the Chinese Army, have been caught red handed breaking into a fake United States water control system i.e. known as a Honeypot . Kyle Wilhoit, a researcher with security company Trend Micro has just revealed the details at BlackHat Conference on Wednesday.  Hackers hacked a water control system for a US municipality back in December last year, but it was merely a decoy set up by Kyle Wilhoit using a Word document hiding malicious software to gain full access.  The honeypots directly mimicked the ICS/Scada devices used in many critical infrastructure power and water plants. Cloud software was used to create realistic Web-based login and configuration screens for local water plants seemingly based in Ireland, Russia, Singapore, China, Japan, Australia, Brazil, and the U.S. Researchers have been tracked back to the APT1 Group, which security company Mandiant has claime...

Edward Snowden , the former U.S. The intelligence contractor wanted for revealing the National Security Agency 's secret program to collect American phone and internet records, left at Moscow airport after Russian authorities granted him temporary asylum for one year. Mr Snowden's lawyer Anatoly Kucherena said, " Snowden has left the Sheremetyevo airport. He has just been given a certificate that he has been awarded temporary asylum in Russia for one year ," " Edward Snowden was granted temporary asylum in Russia for a year and has now left Moscow airport under the care of Wikileaks' Sarah Harrison ," Wikileaks tweeted. He had gone to a secure location which would remain secret. " His location is not being made public for security reasons since he is the most pursued man on the planet. He himself will decide where he will go ," In a statement released by WikiLeaks , Snowden thanked Russia for giving him asylum and critici...

The US isn't the only western country with an Digital eye i.e PRISM like  surveillance program , designed to monitor internet and phone communications . French is leading member at European Parliament and they voted to launch an in-depth inquiry against the US's based PRISM surveillance project. The fact that the French DGSE is itself engaged in similar program should make for some awkward proceedings as that inquiry gets underway. France's General Directorate for External Security has a PRISM like system that intercept and processes the metadata for billions and billions of communications, including internet messaging, phone calls , SMS and even faxes. The one difference being that PRISM was used to spy on international targets whereas the DGSE were only keeping a watch on the French. According to French newspaper, Le Monde - program goal is ostensibly to track the behavior of terrorist cells, but the Directorate allegedly shares the anonymized i...

Ask an expert on cyber espionage and he for sure he will speak of China, the most active and advanced country in this sector, this time a clamorous campaign apparently originated from Korea has been discovered. Security company FireEye collected evidences of a cyber espionage campaign, named " Sanny ", attributable to Korea. FireEye hasn't revealed the real origin of the offensive, it's a mystery which Korea is responsible between North or South Korea, but it confirmed that 80% of victims are Russian organizations and companies belonging to space research industry, information, education and telecommunication. According Ali Islam, security researcher at FireEye declared " Though we don't have full concrete evidence, we have identified many indicators leading to Korea as a possible origin of attack."   The following are the indicators we have so far: 1. The SMTP mail server and CnC are in Korea 2. The fonts "Batang" and "KP CheongPong" used in the ...

The news is sensational, according the French magazine L'Express the offices of France's former president Sarkozy were victim of a cyber attack, but what is even more remarkable is that for the offensive was used the famous malware Flame. On the origin of the malware still persist a mystery, many security experts attribute it to joint work of Israel and US development team. Let's remind that according the analysis on Flame source code conducted by Kaspersky the malware is linked to Stuxnet, a version of the famous virus shared a module with the spy toolkit. Frame is considered one of the most complex spy tool produced by a state sponsored project and its use in the attacks against French government suggests the existence of a cyber espionage campaign to collect sensible information. An official declaration coming from spokesmen of the Elysee Palace and reported by the magazine states: "Hackers have not only managed to get to the heart of French political power,...

In march 2011 CERT-Georgia has Discovered Cyber Espionage Attack Incident on country of Georgia.  Advanced Malicious Software was Collecting Sensitive, Confidential Information about Georgian and American Security Documents and then uploading it to some of Command and Control Servers. After a challenging investigating by CERT-Georgia researchers they found that this attack was linked Russian Official Security Agencies, Moreover investigators was able to turn on the webcam of mastermind behind the malware and they caught him on camera. Hacker hack some Georgian news sites and inject " Georbot Botnet " behind that, after visiting that page most of the readers get infected and malware take control of their systems. Malware was able to send any file from the local hard drive to the remote server, Steal certificates, Record audio using the microphone and web cams,  Scan the local network to identify other hosts on the same network. Malware was...

According to a White House-ordered review , a giant Chinese technology company " Huawei " is not a state-sponsored espionage tool. Huawei Technologies, the world's second-largest supplier of telecommunications equipment. The largely classified investigation, which delved into the security risks posed by suppliers to US telecommunications network operators, found Huawei was risky for other reasons, such as having products that are vulnerable to hackers. The committee, which conducted an 11-month investigation into privately held Huawei and ZTE, found the two companies uncooperative in providing information about their respective ties with Beijing. Some questions remain unanswered. For example, it is unclear if security vulnerabilities found in Huawei equipment were placed there deliberately. It is also not clear whether any critical new intelligence emerged after the inquiry ended. " The White House has not conducted any classified inquiry that res...

Who is Julian Paul Assange? Julian Paul Assange is the lean, tall, and pale 39-year-old Australian hacker at the heart of WikiLeaks. This whistle-blowing website gained attention after revealing thousands of secret Afghan battlefield reports, making Assange a target for U.S. authorities. The Enigma of Assange and WikiLeaks Assange has become a prominent figure due to WikiLeaks, which is dedicated to obtaining and posting secret government documents from anonymous sources. Despite his heightened profile, he remains one of the most elusive figures of our time. Julian Paul Assange is an Australian journalist, publisher, and Internet activist. Best known as the spokesperson and editor-in-chief for WikiLeaks, he was a computer programmer before his involvement with the site. He has lived in several countries and occasionally speaks publicly about freedom of the press, censorship, and investigative journalism. Assange founded WikiLeaks in 2006 and serves on its advisory board. He has pu...

The recent hacking of the Central Bureau of Investigation's (CBI) website by a group called the 'Pakistani Cyber Army' has raised concerns about the security measures of servers maintained by the National Informatics Centre (NIC). The NIC is responsible for government server maintenance. While the NIC remains silent on the issue, sources in the security establishment suggest that the NIC's safety mechanisms were inadequate. Several reminders had been sent to NIC, urging them to upgrade their hardware. The CBI's official website was hacked on the night of December 3rd to 4th. The CBI has registered a case against unknown individuals in connection with the hacking. A report titled "Shadows in the Cloud" by a Canadian think-tank, comprising the "Information Warfare Monitor" and "Shadows Server," earlier this year indicated evidence of a cyber-espionage network. This network compromised government, business, and academic computer systems ...