Posts Tagged ‘hackers’

Clues in Marriott hack implicate China – sources

December 6, 2018

Hackers behind a massive breach at hotel group Marriott International Inc (MAR.O) left clues suggesting they were working for a Chinese government intelligence gathering operation, according to sources familiar with the matter.

Marriott said last week that a hack that began four years ago had exposed the records of up to 500 million customers in its Starwood hotels reservation system.

Private investigators looking into the breach have found hacking tools, techniques and procedures previously used in attacks attributed to Chinese hackers, said three sources who were not authorized to discuss the company’s private probe into the attack.

Image result for Marriott, signs, photos

That suggests that Chinese hackers may have been behind a campaign designed to collect information for use in Beijing’s espionage efforts and not for financial gain, two of the sources said.

While China has emerged as the lead suspect in the case, the sources cautioned it was possible somebody else was behind the hack because other parties had access to the same hacking tools, some of which have previously been posted online.

Identifying the culprit is further complicated by the fact that investigators suspect multiple hacking groups may have simultaneously been inside Starwood’s computer networks since 2014, said one of the sources.

If investigators confirm that China was behind the attack, that could complicate already tense relations between Washington and Beijing, amid an ongoing tariff dispute and U.S. accusations of Chinese espionage and the theft of trade secrets.

“China firmly opposes all forms of cyber attack and cracks down on them in accordance with law,” Chinese Ministry of Foreign Affairs spokesman Geng Shuang told Reuters.”If offered evidence, the relevant Chinese departments will carry out investigations according to law.”

Marriott spokeswoman Connie Kim declined to comment, saying “We’ve got nothing to share,” when asked about involvement of Chinese hackers.

Marriott disclosed the hack on Friday, prompting U.S. and UK regulators to quickly launch probes into the case.

Compromised customer data included names, passport numbers, addresses, phone numbers, birth dates and email addresses. A small percentage of accounts included scrambled payment card data, said Kim.

Marriott acquired Starwood in 2016 for $13.6 billion, including the Sheraton, Westin, W Hotels, St. Regis, Aloft, Le Meridien, Tribute, Four Points and Luxury Collection hotel brands, forming the world’s largest hotel operator.

The hack began in 2014, shortly after an attack on the U.S. government’s Office of Personnel Management (OPM) compromised sensitive data on tens of millions of employees, including application forms for security clearances.

White House National Security advisor John Bolton recently told reporters he believed Beijing was behind the OPM hack, a claim first made by the United States in 2015.

Beijing has strongly denied those charges and also refuted charges that it was behind other hacks.

Former senior FBI official Robert Anderson told Reuters that the Marriott case looked similar to hacks that the Chinese government was conducting in 2014 as part of its intelligence operations.

“Think of the depth of knowledge they could now have about travel habits or who happened to be in a certain city at the same time as another person,” said Anderson, who served as FBI executive assistant director until 2015.

“It fits with how the Chinese intelligence services think about things. It’s all very long range,” said Anderson, who was not involved in investigating the Marriott case and is now a principal with Chertoff Group.

Michael Sussmann, a former senior Department of Justice official for its computer crimes section, said that the long duration of the campaign was an indicator that the hackers were seeking data for intelligence and not information to use in cyber crime schemes.

“One clue pointing to a government attacker is the amount of time the intruders were working quietly inside the network,” he said. “Patience is a virtue for spies, but not for criminals trying to steal credit card numbers.”

FBI representatives could not immediately be reached for comment on the evidence linking the attack to China. A spokesperson said on Friday that the agency was looking into the attack, but declined to elaborate.

Reporting by Christopher Bing in Washington; Editing by Jim Finkle, Rosalba O’Brien and Susan Thomas

Reuters

Related:

Advertisements

Marriott Cyber Attack — Procedures previously used in attacks attributed to Chinese hackers

December 6, 2018

Hackers behind a massive breach at hotel group Marriott International Inc (MAR.O) left clues suggesting they were working for a Chinese government intelligence gathering operation, according to sources familiar with the matter.

Marriott said last week that a hack that began four years ago had exposed the records of up to 500 million customers in its Starwood hotels reservation system.

Private investigators looking into the breach have found hacking tools, techniques and procedures previously used in attacks attributed to Chinese hackers, said three sources who were not authorized to discuss the company’s private probe into the attack.

Image result for Marriott, signage, photos

That suggests that Chinese hackers may have been behind a campaign designed to collect information for use in Beijing’s espionage efforts and not for financial gain, two of the sources said.

While China has emerged as the lead suspect in the case, the sources cautioned it was possible somebody else was behind the hack because other parties had access to the same hacking tools, some of which have previously been posted online.

Identifying the culprit is further complicated by the fact that investigators suspect multiple hacking groups may have simultaneously been inside Starwood’s computer networks since 2014, said one of the sources.

The Chinese Embassy in Washington did not return requests for comment.

If investigators confirm that China was behind the attack, that could complicate already tense relations between Washington and Beijing, amid an ongoing tariff dispute and U.S. accusations of Chinese espionage and the theft of trade secrets.

Marriott spokeswoman Connie Kim declined to comment, saying “We’ve got nothing to share,” when asked about involvement of Chinese hackers.

Marriott disclosed the hack on Friday, prompting U.S. and UK regulators to quickly launch probes into the case.

Compromised customer data included names, passport numbers, addresses, phone numbers, birth dates and email addresses. A small percentage of accounts included scrambled payment card data, said Kim.

Marriott acquired Starwood in 2016 for $13.6 billion, including the Sheraton, Westin, W Hotels, St. Regis, Aloft, Le Meridien, Tribute, Four Points and Luxury Collection hotel brands, forming the world’s largest hotel operator.

The hack began in 2014, shortly after an attack on the U.S. government’s Office of Personnel Management (OPM) compromised sensitive data on tens of millions of employees, including application forms for security clearances.

White House National Security advisor John Bolton recently told reporters he believed Beijing was behind the OPM hack, a claim first made by the United States in 2015.

Beijing has strongly denied those charges and also refuted charges that it was behind other hacks.

Former senior FBI official Robert Anderson told Reuters that the Marriott case looked similar to hacks that the Chinese government was conducting in 2014 as part of its intelligence operations.

“Think of the depth of knowledge they could now have about travel habits or who happened to be in a certain city at the same time as another person,” said Anderson, who served as FBI executive assistant director until 2015.

“It fits with how the Chinese intelligence services think about things. It’s all very long range,” said Anderson, who was not involved in investigating the Marriott case and is now a principal with Chertoff Group.

Michael Sussmann, a former senior Department of Justice official for its computer crimes section, said that the long duration of the campaign was an indicator that the hackers were seeking data for intelligence and not information to use in cyber crime schemes.

“One clue pointing to a government attacker is the amount of time the intruders were working quietly inside the network,” he said. “Patience is a virtue for spies, but not for criminals trying to steal credit card numbers.”

FBI representatives could not immediately be reached for comment on the evidence linking the attack to China. A spokesperson said on Friday that the agency was looking into the attack, but declined to elaborate.

(This story corrects fifth paragraph to show that hackers were in the Starwood network since 2014. Marriott did not acquire Starwood until 2016)

Reporting by Christopher Bing in Washington; Editing by Jim Finkle and Rosalba O’Brien

Reuters

Ukraine conflict: How Trump and G-20 could stand up to Putin the bully

November 30, 2018

Much like any schoolyard bully, Russian President Vladimir Putin keeps pushing the limits as long as no one pushes back.

His most recent provocation came last weekend, when Russian military ships rammed, fired upon and seized three Ukrainian naval vessels near a shipping strait linking the Black Sea with the Sea of Azov. Six Ukrainian sailors were wounded and two dozen captured.

Editorial
USA Today

Published 6:30 a.m. ET Nov. 30, 2018

he Nikopol gunboat (L) and the Yany Kapu tugboat of the Ukrainian Navy tugged to the Kerch Seaport

For months, Moscow has effectively blockaded Ukrainian ports on the Sea of Azov to economically punish the former Soviet satellite. Putin dreams of restoring lost glory after the Soviet Union’s collapse; in 2014, he illegally seized Crimea from Ukraine and invaded the nation’s eastern frontier.

For a gambler with a relatively weak hand — Putin leads a nation with an economy smaller than that of California, Texas or New York  — he has engineered more than his share of international havoc by:

►Sending troops into Syria in 2015 to prop up a brutal dictator and help slaughter thousands of civilians in besieged Aleppo.

►Employing cyber and disinformation to influence elections and governing across Europe.

►Dispensing agents armed with a rare nerve agent to try to poison an ex-Russian spy in England.

►Perhaps most spectacularly, deploying trolls, hackers and spies to interfere in the U.S. presidential election in 2016 to the advantage of Donald Trump.

OPPOSING VIEW: Ukraine isn’t important for U.S. security

The United States has responded by sanctioning Russian individuals and companies, expelling diplomats and selling lethal weapons to Ukraine. But for reasons that special counsel Robert Mueller might some day (soon?) help Americans understand, President Donald Trump has remained oddly deferential toward Putin.

Even after the Black Sea violence, Trump equivocated, saying that “we do not like what’s happening either way.” On Thursday, he canceled a planned meeting with Putin at the Group of 20 summit this weekend in Argentina. It would have been better for Trump to use the meeting, as German Chancellor Angela Merkel intends, to press Putin to release the Ukrainian sailors and ships, and to allow freedom-of-the-seas passage for Ukrainian shipping.

More can be done without risking war.

For starters, NATO could increase the number of ships patrolling the Black Sea, and the United States could sell Ukraine anti-ship cruise missiles for its defense.

Putin covets influence over former Soviet allies Estonia, Latvia, Lithuania and Poland — all now part of NATO. The fault line lies near Russia’s Kaliningrad Province on the Baltic Sea between Lithuania and Poland. Polish President Andrzej Duda has long sought a permanent U.S. military presence, and a joint NATO base for that area that includes a U.S. armored division would send a strong message to Moscow.

Still more painful would be to ban Russian banks from the worldwide interbank transfer system known as SWIFT, one of the most severe sanctions possible.

Putin is again testing the West. Given his record of aggression, he won’t stop until and unless there’s pushback and pain.

USA TODAY’s editorial opinions are decided by its Editorial Board, separate from the news staff. Most editorials are coupled with an opposing view — a unique USA TODAY feature.

https://www.usatoday.com/story/opinion/2018/11/30/ukraine-conflict-trump-g-20-push-back-bully-putin-editorials-debates/2147851002/
To read more editorials, go to the Opinion front page or sign up for the daily Opinion email newsletter. To respond to this editorial, submit a comment to letters@usatoday.com.

Hackers breach US defense department travel records

October 13, 2018

Thousands of workers’ personal data were reportedly compromised. A US government report earlier in the week criticized the defense department for lackluster progress in securing major weapons systems from cyber attacks.

    
Washington Pentagon (Reuters/Y. Gripas)

Unidentified hackers breached travel records at the US Department of Defense, the US military said on Friday.

The department uncovered the breach on October 4, but a defense official told the Associated Press news agency that it may have occurred months earlier. The perpetrators were able to gain access to the personal and credit card data of up to 30,000 workers, he added.

Read more: UK and US accuse Russia of cyberattack that compromised global networks

The department is continuing to assess the risk of harm and will ensure notifications are made to affected personnel,” the department said in a statement. It added that it was investigating the scale of the breach and the identity of the hackers.

The announcement came days after a US government report criticized the defense department for slow progress in securing major US weapons systems from hackers.

Cyber security has become a high priority in the US military amid growing concerns about large scale hacks from China and Russia. The department has said hackers attempt to breach its systems thousands of times a day.

Read more: Germany struggles to step up cyberdefense

amp/aw (AP, Reuters)

https://www.dw.com/en/hackers-breach-us-defense-department-travel-records/a-45871523

Facebook now says data breach affected 29 million users, details impact

October 13, 2018

Cyber attackers stole data from 29 million Facebook accounts using an automated program that moved from one friend to the next, Facebook Inc. announced on Friday, as the social media company said its largest-ever data theft hit fewer than the 50 million profiles it initially reported.

.
The company said it would message affected users over the coming days to tell them what type of information had been accessed in the attack.

Facebook said it will message users over the coming days to tell them what type of information had been accessed in the attack. (AP)

.
The breach has left users more vulnerable to targeted phishing attacks and could deepen unease about posting to a service whose privacy, moderation and security practices have been called into question by a series of scandals, cybersecurity experts and financial analysts said.

.
The attackers took profile details such as birth dates, employers, education history, religious preference, types of devices used, pages followed and recent searches and location check-ins from 14 million users.

.
For the other 15 million users, the breach was restricted to name and contact details. In addition, attackers could see the posts and lists of friends and groups of about 400,000 users.

.
Lawmakers and investors have grown more concerned that Facebook is not doing enough to safeguard data.

.
The company’s shares rose 0.25 percent on Friday as Wall Street rebounded after a six-day losing streak. The Nasdaq composite index gained 2.29 percent.

.
Facebook cut the number of affected users from its original estimate after investigators reviewed activity on accounts that may have been affected. Still, cybersecurity experts warned that attackers could use stolen information in targeted phishing scams.

.
“The bottom line is that all this data is still out there,” said Corey Milligan, a senior researcher with cyber-security firm Armor Inc.

.
Facebook Vice President Guy Rosen told reporters that the US Federal Bureau of Investigation has asked the company to limit descriptions of the attackers due to an ongoing inquiry.

.
Rosen revealed that while the attackers’ intent has not been determined, they did not appear to be motivated by the upcoming US mid-term Congressional election on Nov. 6.

.
He said the attack affected a “broad” spectrum of users, but declined to break down the number affected by country.

.
Facebook said it was continuing to investigate whether the attackers took actions beyond stealing data, such as posting from accounts, but had not found additional misuse.

.
Hackers did not steal personal messages or financial data and did not use their access to accounts to access users’ accounts on other websites, Facebook said.

.

A focus on trust

.
Rosen said the company would “do everything we can to earn users’ trust.”

.
The company previously warned that profits would suffer because of breach-related expenses.

.
The vulnerability the hackers exploited existed from July 2017 through late last month, when Facebook noticed an unusual increase in the use of its “view as” feature.

.
That feature allows users to check privacy settings by glimpsing what their profile looks like to others. But three errors in Facebook’s software enabled someone accessing “view as” to post and browse from the Facebook account of the other user.

.
The attackers used the “view as” flaw with “a small handful” of accounts they controlled to capture data of their Facebook friends, then used a tool they developed to breach friends of friends and beyond, Rosen said.

.
Facebook patched the issue last month and asked 90 million users to log back into their accounts, many just as a precaution.

.
Security experts have said Facebook’s initial breach disclosure arrived earlier than it likely would have prior to the enactment in May of the European Union’s General Data Protection Regulation, which mandates notification within 72 hours of learning of a compromise.

.
Facebook’s lead EU data regulator, the Irish data protection commissioner, last week opened an investigation into the breach. Authorities in other jurisdictions including the US states of Connecticut and New York are also looking into the attack.

.
Regulators around the world have ongoing inquiries into another matter that came to light in March: How profile details from 87 million Facebook users were improperly accessed by political data firm Cambridge Analytica.

.
Japan’s Personal Information Protection Commission (JPPC) has launched an investigation into the social media company, the Nikkei newspaper reported on Friday.

.
“We are working with local regulators including JPPC about data breach,” the company said in an emailed statement. Facebook has about 28 million people active in a month in Japan.

Reuters

U.K. Accuses Russia of Waging Cyber Attacks Against the West

October 4, 2018

The announcement comes as the Dutch government said its intelligence services disrupted a GRU cyberhack of chemical weapons watchdog

Russian President Vladimir Putin inspects the headquarters of the GRU in  November 2006.
Russian President Vladimir Putin inspects the headquarters of the GRU in November 2006. PHOTO: DMITRY ASTAKHOV/POOL/EPA-EFE/REX
.

LONDON—The British government Thursday stepped up its accusations against Russia’s military intelligence service, saying the unit had directed a series of high-profile online hacks including the 2016 leak of Democratic National Committee emails and the release of U.S. and other athletes’ antidoping test results.

The British Foreign Office said Russia’s military intelligence unit, the GRU, was guilty of “indiscriminate and reckless” cyberattacks over the last three years that targeted a range of political and media institutions.

The statement comes following a serious deterioration in British relations with the Kremlin following an alleged chemical-weapons attack this year on Sergei Skripal, a former GRU officer living in Britain, for which the U.K. holds his former employer responsible.

In a separate announcement on Thursday, a Dutch government official said its intelligence services disrupted a GRU cyberhack of the Organization for the Prohibition of Chemical Weapons, which monitors the use of chemical weapons, in April this year.

The OPCW, based in The Hague, was the international agency that confirmed chemical weapons were used on British soil as part of the attempted murder of Mr. Skripal and his daughter in March. OPCW officials didn’t immediately respond to requests for comment.

Moscow was bitter in its condemnation of the U.K.’s claim, describing the allegations as delusional and a “diabolical blend of perfume.”

“They mixed everything up in one bottle, which could be a bottle of Nina Ricci perfume: GRU, cyber spies, Kremlin hackers, and the [World Anti-Doping Agency],” Russian Foreign Ministry spokeswoman Maria Zakharova’s told reporters at a press briefing Thursday, according to the Russian news agency Interfax.

British authorities believe the Novichok nerve agent was hidden in a Nina Ricci perfume bottle.

After the attempted poisoning earlier this year the U.K. Prime Minister Theresa May has vowed to expose the GRU’s activities.

Many of the cyberattacks cited by the U.K. have already been attributed to Russian hackers. However, it is the first time the U.K. government has linked them directly back to the Kremlin.

“The U.K. government has made the judgment that the Russian government—the Kremlin—was responsible,” for the hacks the Foreign Office said.

Britain’s National Cyber Security Centre, which is affiliated to the U.K. top intelligence agency, said with “high confidence” that the GRU were behind theft and leak of embarrassing Democratic National Committee emails ahead of the 2016 U.S. presidential elections.

It added that the GRU was responsible for a number of other attacks including the “Fancy Bear” or “Strontium” hacks, where phishing emails were used to direct targets to fake websites designed to resemble legitimate ones where they steal login credentials.

The U.K. also said that the GRU was behind hackers who accessed the World Anti-Doping Agency’s medical database and released the private information of top U.S. Olympians and other athletes.

A number of other cyberattacks were also traced to the intelligence agency, including ransomware that encrypted hard drives and paralyzed Russia’s central bank and caused disruption on the Kiev subway.

Diplomatic relations between the U.K. and Russia have hit lows following the attempted murder of ex-spy Sergei Skripal and his daughter in the English town of Salisbury earlier this year.

Two men, identified as Russian GRU operatives by the British, have been charged by U.K. prosecutors. Russian President Vladimir Putin previously dismissed the allegations of Russian involvement, saying the two men accused by the U.K. of the poisonings were civilians.

Mr. Putin this week lambasted Mr. Skripal, branding him ’scum’ and a ’traitor.’

“Some media outlets are trying to put forward the idea that Skripal was practically a human- rights defender,” Mr. Putin said Wednesday in an address at Russian Energy Week in Moscow, “He is simply a spy and a traitor to his country. He is just scum, and that is it.”

The fallout from the poisoning led to the expulsion by Western governments of Russian diplomats, including 23 from the U.K., its single biggest expulsion in more than three decades.

Mr. Skripal, a former colonel in Russian military intelligence who was a double agent for the U.K., and his daughter are now under the protection of British authorities at an undisclosed location.

Write to Max Colchester at max.colchester@wsj.com

https://www.wsj.com/articles/u-k-accuses-russia-of-waging-a-cyber-war-against-the-west-1538652668

Related:

UK, Australia blame Russian military for cyber attacks

October 4, 2018

Britain and Australia on Thursday blamed Russia’s military intelligence service for some of the biggest cyber attacks of recent years — including one on the Democratic National Committee during the 2016 US presidential campaign.

They said the GRU military intelligence service could have only been conducting operations of such scale on Kremlin orders.

Russian President Vladimir Putin has repeatedly and angrily rejected similar charges.

He told US President Donald Trump during a July summit in Helsinki that talk of Russia meddling in the 2016 election was “nonsense”.

U.S. President Donald Trump, left, and Russian President Vladimir Putin leave after a press conference after their meeting at the Presidential Palace in Helsinki, Finland, Monday, July 16, 2018. AP PHOTO/Alexander Zemlianichenko

But Britain’s National Cyber Security Centre (NCSC) and the Australian government pointed the blame directly at alleged GRU front operations such as Fancy Bear and APT 28.

The announcement could further strain relations between Russia and Britain that began to deteriorate with the 2006 assassination with polonium in London of former Russian spy Alexander Litvinenko.

“This is not the actions of a great power, this is the actions of a pariah state,” British Defence Secretary Gavin Williamson said during a visit to Brussels.

“We’ll continue working with allies to isolate, make them understand they cannot continue to conduct themselves in such a way.”

The Australian government added that Russia’s actions violated its international commitments to “responsible state behaviour” in cyberspace.

“Cyberspace is not the Wild West,” Prime Minister Scott Morrison and Foreign Minister Marise Payne said in a joint statement.

– Airports and tennis stars –

Russia is not the only nation accused of conducting aggressive cyber operations in recent years.

The United States blames North Korea for hacking Sony in 2014 and launching the WannaCry ransomware attack last year.

US security researchers said on Wednesday that an elite group of North Korean hackers was also the source of attacks on world banks that netted “hundreds of millions” of dollars.

But British government sources said the NCSC has assessed with “high confidence” that the GRU was “almost certainly” behind the DNC hack that some Hillary Clinton supporters helped tip the US election in Trump’s favour.

Batches of DNC emails were later published by WikiLeaks. Special Counsel Robert Mueller is investigating whether their release was coordinated with the Trump campaign.

Mueller in July indicted 12 Russian GRU officers in connection with the DNC attack.

The independent findings by Britain and Australia may help Mueller fend off some of the accusations of political bias in his probe.

British sources said the GRU was also behind BadRabbit ransomware that caused disruptions on the Kiev metro and at an international airport in the Ukrainian port of Odessa last October.

The same attack affected Russia’s Interfax news agency and the popular Fontanka.ru news site.

British sources said the third strike resulted in the release of the medical files of global sports stars in August 2017.

They included tennis’s Serena and Venus Williams and Britain’s Tour de France winning cyclists Chris Froome and Bradley Wiggins.

The World Anti-Doping Agency (WADA) thinks the files’ release resulted from a data hack of its Doping Administration and Management system.

Russia was arguing at the time that its athletes were being unfairly targeted by anti-doping inspectors.

The fourth attack identified by the NCSC accessed multiple accounts belonging to a small UK-based TV station.

Some opposition Russian-language channels operate out of London.

– Blurring war and peace –

British government sources identified 12 fronts the GRU allegedly uses to conduct its operations in cyberspace.

APT 28 and Fancy Bear have already been identified by the Mueller probe.

The other names on the list include Cyber Berkut — long suspected of targeting Ukraine — as well as less-known groups such as Sednit and BlackEnergy Actors.

Researchers at the Royal United Services Institute (RUSI) in London said Russia often conducts cyber attacks to simply show it is capable of disrupting the networks of a potential enemy.

“The GRU’s activities go well beyond this traditional peacetime espionage role,” said RUSI Professor Malcolm Chalmers.

“By launching disruptive operations that threaten life in target societies, they blur the line between war and peace.”

AFP

Facebook’s Worst Security Breach Hammers User Trust Once Again

September 29, 2018

Facebook Inc.’s worst security breach ever is a major blow to the company’s effort to rebuild trust with users of the social network after a privacy scandal in March.

Image may contain: 1 person, text

A hacker — or hackers, as Facebook doesn’t know the number — exploited several software bugs at once to obtain login access to as many as 50 million accounts. That access let the intruder act like users on their profiles, or on any applications where they signed in using Facebook.

Facebook has since solved the vulnerability, but it doesn’t yet have answers to crucial questions. It’s unclear what the hackers did with the access. Were they looking for private data, or were they trying to impersonate real users and post misleading information? Was this another instance of election interference, like the kind Russia and Iran have staged? Was there any sign of who the attackers were or whom they were trying to target?

Either way, it will now be harder for the public to believe the company has made progress since Chief Executive Officer Mark Zuckerberg pledged in April congressional hearings to protect user data above all else and invest more in security. If people lose confidence in Facebook’s handling of their personal information, they may spend less time or share less on the social network, limiting the company’s ability to make money from their activity.

Facebook Security Flaw Exposes a Crisis of Faith: Shira Ovide

In the incident disclosed Friday, the Menlo Park, California-based company said it started investigating suspicious activity on Sept. 16. A few days before that, Zuckerberg wrote that the company was better prepared for attacks by foreign actors spreading division and misinformation ahead of elections in the U.S., France and other countries. The prospect of hackers taking control of almost 50 million Facebook accounts may undermine those assertions.

See a timeline of the hack and investigation by Facebook.

The breach is very different than the crisis earlier this year that forced Zuckerberg to testify in Congress. In that case, the maker of a personality quiz app on Facebook transferred his database of profile information to a third party, Cambridge Analytica. That political consulting firm told Facebook it had deleted the information, but it hadn’t.

One Facebook defense at the time was that there was no technical security problem — it was a human error and a lie. The data transfer also happened several years earlier, and Facebook had scrapped ties with developers that allowed it to happen. This time, Facebook can give no such reassurances. Regulators were quick to criticize the company, demand more information and call for an investigation.

There are signs Facebook has learned from its past crises, however. After the Cambridge Analytica news broke, Zuckerberg didn’t address the public for days. And this time, he got on a call with the media right away to try to explain what happened. “This is a very serious issue,’’ he said.

https://www.bloomberg.com/news/articles/2018-09-29/facebook-s-worst-security-breach-hammers-user-trust-once-again

Related:

.
Image may contain: 1 person, text

Patrick Soon-Shiong. Credit Patrick T. Fallon | Bloomberg | Getty Images

.
.

.

Image result for trump, google, photos

“Maybe I did a better job because I’m good with the Twitter”

Image may contain: 1 person, beard and closeup

Jack Dorsey, CEO of Twitter

.
.
.

Young people

The study found widespread apprehension about the future. Seeking intimacy? Or isolation?

No automatic alt text available.

Social media is making children regress to mentality of three-year-olds, says top brain scientist

Facebook Network Breach Affects Up to 50 Million Users

September 28, 2018

Facebook on Friday said an attack on its computer network led to the exposure of information from nearly 50 million of its users.

The company discovered the breach earlier this week, finding that attackers had exploited a feature in Facebook’s code that allowed them to take over user accounts. Facebook fixed the vulnerability and notified law enforcement officials.

More than 90 million of Facebook’s users were forced to log out of their accounts Friday morning, a common safety measure for compromised accounts.

Facebook said it did not know the origin or identity of the attackers, nor had it fully assessed the scope of the attack. The company is in the beginning stages of its investigation.

By Mike Isaac and Sheera Frenkel

New York Times

September 28, 2018

One of the challenges for Facebook’s chief executive Mark Zuckerberg is convincing users that the company handles their data responsibly. Credit Josh Edelson/Agence France-Presse — Getty Images

The discovery of the hack comes at one of the most difficult times in Facebook’s history. The company has dealt with fallout over its role in a widespread Russian disinformation campaign around the 2016 presidential election.

The company is facing the threat of regulation from Washington over concerns of whether it has grown too powerful. And Facebook is still reeling from the fallout over its role in the Cambridge Analytica scandal. The British analytics firm may have improperly obtained the data of up to 87 million Facebook users.

One of Facebook’s most significant challenges has been convincing its users that it is responsible enough to handle the incredible wealth of data the company handles. More than 2 billion people use Facebook every month, and another two billion separately use WhatsApp, a messaging app owned by Facebook, and Instagram, the Facebook-owned popular photo-sharing app.

“We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you,” Mr. Zuckerberg said in a statement regardingCambridge Analytica earlier this year.

Even before Friday’s disclosure, Facebook was facing multiple Federal investigations into the company’s broader data sharing and privacy practices. The Securities and Exchange Commission has opened an investigation into Facebook’s statements on Cambridge Analytica.

To contain the fallout, Facebook said it has instituted strict data-sharing policies with third-parties, and has scaled back the amount of data it would share with developers in the future. The company suspended access to more than 400 third-party apps after an audit of the thousands of outside apps connected to Facebook.

Follow Mike Isaac and Sheera Frenkel on Twitter: @MikeIsaac and @sheeraf

Singapore: Cyber attack type carried out by foreign governments

August 6, 2018

The biggest ever cyber attack to hit Singapore was carried out by highly sophisticated hackers typically linked to foreign governments, a cabinet minister said Monday, but did not give names.

Hackers broke into a government database and stole the health records of 1.5 million Singaporeans, including Prime Minister Lee Hsien Loong who was specifically targeted in the “unprecedented” hack, the government has said.

Image result for singapore lion, photos

“We have done a detailed analysis of this attack and have determined that it is the work of an advanced persistent threat (APT) group,” Minister for Communications and Information S. Iswaran said Monday.

“This refers to a class of sophisticated cyber attackers typically state-linked who conduct extended, carefully planned cyber campaigns to steal information or disrupt operations,” he told parliament, which discussed the issue.

© AFP | Hackers broke into a government database and stole the health records of 1.5 million Singaporeans, including Prime Minister Lee Hsien Loong

Iswaran said the APT group “was persistent in its efforts to penetrate and anchor itself on the network, bypass the security measures and illegally access and exfiltrate data”.

While the attack fitted the profile of “certain known APT groups”, Iswaran said he would not publicly give any names for reasons of national security.

Hackers used a computer infected with malware to gain access to the database between June 27 and July 4 before administrators spotted “unusual activity”, authorities have said.

The compromised data includes personal information and medication dispensed to patients, but medical records and clinical notes have not been affected, according to the authorities.

Security experts had also earlier pointed to state-actors as the likely culprit, citing the scale and sophistication of the hack.

Healthcare data is of particular interest to hackers because it can be used to blackmail people in positions of power, Jeff Middleton, chief executive of cybersecurity consultancy Lantium, told AFP last month.

Medical information, like personal data, can also be easily monetised on criminal forums, said Sanjay Aurora, Asia Pacific managing director of Darktrace, a cyber security firm.

Iswaran, who is also the minister in charge of cyber security, has convened a committee of inquiry to look into the hack.

“We will do our utmost to strengthen our cyber security. But it is impossible to completely eliminate the risk of another cyber attack,” he said.

“This is an ongoing battle with potential cyber attackers who are constantly developing their capabilities and seeking out new vulnerabilities.”

Iswaran said the attack will not derail the affluent and highly-wired city-state’s ambitions to become a “smart nation” through the extensive use of technology in daily activities and transactions.

AFP