The U.S. Food & Drug Administration (FDA) Hack - What is Big Pharma Hiding From You?

The Food & Drug Administration (FDA) Hack - What is Big Pharma Hiding From You?

During the summer of last year, there was a growing controversy surrounding the FDA’s request to hackers to expose holes in medical devices security, such as insulin devices and other wireless and computer connected home and hospital devices. Understandably, many hackers and security experts were not particularly keen to attempt or test the security of these devices, for fear of incorrect perception, and potential outcry. In December last year, the FDA was itself the target of an hacking operation, in particular the system used by pharmaceutical companies to input data on drug tests, results, clinical trials, and so on. Whether this was an attack by cyber thieves, as the FDA claims, or hacktivists remains to be seen. 

Corporate Theft or Exposing the Truth?

The FDA of course, was quick to denounce the attack as a cyber theft. The information reported to have been accessed included medical trial data, marketing information and strategy, and information about drug manufacturing. While on the surface, we could very well accept that this could be a simple case of corporate espionage, it is worth remembering that any company that wants drug approval in the US has to go through the FDA first. Is running the risk of potentially alienating the very body that approves your products a strategy that a multi billion dollar pharmaceutical company would really undertake? While it can’t be rules out as a possibility, unless the hackers come forward, it does seem unlikely. It’s also important to remember that there is a large amount of controversy surrounding the pharmaceutical industry all over the world, but especially in the states. Could hacktivists have been responsible for the attack? If so, what could be the causes for such as attack? As we will see, there may be more than we might initially think.

Practice and Method - How Big Pharma Operates

In the US alone, it is estimated that around 70% of the population takes prescription drugs. Given the amount of people in the US is estimated to be over 300 million, that is a staggering number. With such a large amount of people taking these drugs, addiction rates are rising rapidly - so much so, that currently prescription addicts are more common than illegal drug addicts. It is a very real problem that continues to be skirted around by the US regulators and administration. In fact, where as knowing the signs of heroin or crack cocaine addiction were important pieces of information for people who suspected they may have an addict among friends or family, the same is now true for widely available prescription drugs, and many Americans are being encouraged to learn more about the potential causes and signs of prescription drug abuse, by drug charities and non profit institutions.

At the center of this problem lies the pharmaceutical industry. Adverts for medications are common, and standard practice for getting new drugs to market includes rigging clinical trials to get the desired results in clever ways that do not outright break the law, invasive marketing schemes on family doctors and consumers, where doctors will often be offered ‘sweeteners’ such as free lunches, travel to events, or even help building their reputation as speakers at industry funded conferences. The FDA is also, despite being an independent regulatory body, often effectively ‘bought out’ by companies looking to get drugs to market fast. There is the additional problem that all drug test data is not available for public consumption, meaning academics and doctors are unable to view results of tests or trials for themselves. This has led to a number of large law suits in the US, and around the world, as well as in extreme cases, deaths directly related to withheld side affects of new drugs.

Coincidence or Calculated?

We might then speculate on the nature of the accessed data once again. Bearing in mind the nature of how the industry operates, and the information that was accessed, we could quite easily draw a link between the two, and surmise that the hack may well have been the work of a hacktivist movement. Of course, there is no way to prove whether this was the case or not, but given the ambitious actions of a number of groups over the last few years, it certainly can’t be ruled out.

Disclaimer:- At perfection Team VOGH felicitate Eve Halton for sharing this luminous article with our readers. Eve is a very much passionate Fleet Street, she  has done her graduation in International Business and Journalism. Eve, this time also you have done eminent job, we love you :)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">The U.S. Food & Drug Administration (FDA) Hack - What is Big Pharma Hiding From You?"https://www.voiceofgreyhat.com/2014/02/fda-hack-the-untold-story.html</a>

Chinese Hackers Eavesdropping European Diplomats Before G20 Summit

Researchers At FireEye Found -Chinese Hackers Snitching  Europeans Before G20 Summit 

Story of cyber espionage by Chinese hackers used to remain one of most highest pick of breakneck. Yet again another breathtaking issue of  eavesdropping by Chinese hackers get spot light, when  California-based renounced computer security firm FireEye Inc have figured out that a group of Chinese hackers eavesdropped on the computers of five European foreign ministries before last September's G20 Summit, which was dominated by the Syrian crisis. From the detailed analysis we came to know that the hackers have infiltrated the ministries' computer networks by sending emails to staff containing tainted files with titles such as "US_military_options_in_Syria," which sells virus fighting technology to companies. Whenever the targeted recipients opened those documents, they loaded malicious code on to their personal computers. Researchers of FireEye said that they were able to monitor the "inner workings" of the main computer server used by the hackers to conduct their reconnaissance and move across compromised systems for about a week in the late August. But suddenly they lost access to the hackers after they moved to another server shortly before the G20 Summit in St. Petersburg, Russia. 

Though the company has declined in open press to identify the nations whose ministries were hacked, although it said they were all members of the European Union. But FireEye informed the FBI about the whole issue in details. FireEye also confirmed that the hackers where from China, but they did not find evidence which may link those hackers to the Chinese government. Not surprisingly and obviously like earlier the Chinese government has distanced itself from any claim that it might have hacked foreign governments for data. FireEye also successfully monitor several dozen hacking groups operating in China, most of which they suspect of having ties to the government. The firms also suspect the hacking groups of stealing intellectual property for commercial gain. The researchers had been following the hackers behind the Syria-related attack for several years, but this is the first time the group's activities have been publicly documented. The company calls the group "Ke3chang," after the name of one of the files it uses in one of its pieces of malicious software. "The theme of the attacks was U.S. military intervention in Syria," said FireEye researcher Nart Villeneuv. 

On reaction Chinese Foreign Ministry spokesman Hong Lei said- "U.S. internet companies are keen on hyping up the so-called hacker threat from China, but they never obtain irrefutable proof, and what so-called evidence they do get is widely doubted by experts. This is neither professional nor responsible," 

While talking in this story of Chinese eavesdropping, I also want to dig some points from decent parts where we all became very habituated of seeing Europe & U.S. countries blaming China for engaging cyber attacks; and China also do the same for accusing U.S. like vice versa. I am reviving your memories of last few years where If you look at the story of major cyber attacks of this year we will find that the name of China has been involved several times for engaging cyber attacks against several high profile websites and organization of U.S. including New York Times, Twitter, NBC and so on. And if you refresh our memory then then we will find the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had  breached Telvent's corporate network & gained control of US Power Grid. Also in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSA. Also in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible.  

Before I conclude, I request you to closely look at the above mentioned stories, you will find China majorly responsible for eavesdropping & security breach. On the same side China also been effected by the same way. So in conclusion, we cant put a full stop in this chain of cyber attacks, hacking & eavesdropping, as it comes from both end. So this exciting episode will be continued like it does. If you want to stay updated then don't forget to stay tuned with VOGH. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Chinese Hackers Eavesdropping European Diplomats Before G20 Summit "https://www.voiceofgreyhat.com/2013/12/china-eavesdropping-europeans-before-G20-summit.html</a>

White House Calls China to Stop Hacking & Cyber Espionage Against U.S.

White House Calls China to Stop Hacking & Cyber Espionage Against U.S.

The story of cyber espionage by Chinese hackers used to remain on the spot light due to its consistency, but now the situation get nasty and takes a new way as the national security adviser of U.S. President Obama directly pointed his finger to China. Many of our readers might take this issue lightly as earlier China has been blamed for engaging cyber attacks against different countries for many times. But this time there is a twist as the U.S. government vows to take the issue in a very serious manner. In his speech the national security advisory Tom Donilon said that "The international community cannot afford to tolerate such activity from any country," Like earlier China has denied any type of involvement and condemned the report for lack of hard evidence. But this time such reaction will not at all be entertained as the president said in the State of the Union, "we will take action to protect our economy against cyberthreats." The above two statements can be taken in both friendly warning or also in a serious threat. The White House already warned China to end the campaign of cyber espionage against U.S. companies, saying in its toughest language yet on the issue that the hacking activity threatens to derail efforts to build stronger ties between the two countries. 

Donilon did not directly accuse the Chinese government of launching the attacks on U.S. computer systems, only noting that the attacks are coming from inside the country. "Increasingly, U.S. businesses are speaking out about their serious concerns about sophisticated, targeted theft of confidential business information and proprietary technologies through cyber intrusions emanating from China on an unprecedented scale," he said. Another important message came from the Obama administration saying United States “will not accept North Korea as a nuclear state” and called on Chinese leaders to get serious about cracking down on cyber-related crimes. 

While covering this story we would like to remind you that couple of weeks ago Chinese officials issued a same complain against United States where they blamed U.S. for engaging massive cyber attacks against Chinese military and defense system. If you look at the story of major cyber attacks of last few days we will find that the name of China has been involved several times for engaging cyber attacks against several high profile websites and organization of U.S. including New York Times, Twitter, NBC and so on. And if you refresh our memory then then we will find the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had  breached Telvent's corporate network & gained control of US Power Grid. Also in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSA. Also in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 

-Source (The Hill, Cnet & WT)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">White House Calls China to Stop Hacking & Cyber Espionage Against U.S."https://www.voiceofgreyhat.com/2013/03/WhiteHouse-Calls-China-to-Stop-Hacking.html</a>

China Claiming Their Defense & Military Sites are Serially Attacked By U.S. Hackers

China Claiming Their Defense & Military Sites are Serially Attacked By U.S. Hackers 

We all are very much familiar of hearing the story of cyber espionage and cyber attacks originated from China by Chinese hackers. Where many countries across the globe have fallen victim like U.S. India, Japan, South Korea, many European countries and many more. But today a complete reverse story came under light where the Chinese government are claiming that several top secrete government sites like defense, army, military were targeted and hit by hackers from United States. According to some classified sources it came that Chinese government websites are routinely hacked from IP addresses originating within the United States. In a news conference, spokesman of Defense Ministry of China; Mr. Geng Yansheng said that - more than 144,000 hacking attempts per month are targeted at the China Military Online and Defense Ministry websites. According to Chinese defense ministry a close to two-thirds of those attacks (62.9 percent) originated in the United States. Geng said he had noted reports that the United States planned to expand its cyber-warfare capability but that they were unhelpful to increasing international cooperation towards fighting hacking.

"We hope that the U.S. side can explain and clarify this." The U.S. security company, Mandiant, identified the People's Liberation Army's Shanghai-based Unit 61398 as the most likely driving force behind the hacking. Mandiant said it believed the unit had carried out "sustained" attacks on a wide range of industries. Yansheng did not mention a direct link between the cyber attacks and the U.S. government only that the attacks originated in the United States. He did note, however, that China is concerned with reports that the United States is planning to expand its cyber warfare capabilities. 

In the last month China was blamed for engaging cyber attacks against several high profile websites and organization of U.S. including New York Times, Twitter, NBC and so on. And if you refresh our memory then then we will find the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had  breached Telvent's corporate network & gained control of US Power Grid. Also in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSA. Also in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 

After keeping in mind all the above facts, we can not conclude the matter very easily, but what we can say that, whether China is responsible or not is neither been proved so far. In spite of looking at the situation we can only say, the entire matter is foggy; where the original truth has either been manipulated or been still untold. But it is sure that those untold or manipulated issues will some day came in front, till that time we have to keep patience and don't forget to stay tuned with VOGH for all kind of cyber related topics and expert reviews.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">China Claiming Their Defense & Military Sites are Serially Attacked By U.S. Hackers"https://www.voiceofgreyhat.com/2013/03/Chinese-defnese-attacked-by-us-hackers.html</a>

Chinese Hackers Breached New York Times & Stolen Employee's Password

Chinese Hackers Breached New York Times & Stolen Employee's Password 

Yet again the story of cyber espionage by Chinese hackers spotted in the wild, when the famous and one of the most popular American news daily reported that their system has been compromised by a round of sophisticated cyber attack generated from China. After the hack of White House unclassified network, it is the second time in last six month; when Chinese hackers have targeted the American cyber space. The New York Times has reported that for the last four months Chinese hackers have been infiltrating its networks, broken into the email accounts of senior staff, stolen the corporate passwords for every Times employee and used those to gain access to the personal computers of  more than 50 employees. 

According to a blog post of NYT - The timing of the attacks coincided with the reporting for a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings. Security experts hired by The Times to detect and block the computer attacks gathered digital evidence that Chinese hackers, using methods that some consultants have associated with the Chinese military in the past, breached The Times’s network. They broke into the e-mail accounts of its Shanghai bureau chief, David Barboza, who wrote the reports on Mr. Wen’s relatives, and Jim Yardley, The Times’s South Asia bureau chief in India, who previously worked as bureau chief in Beijing. 

“Computer security experts found no evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied,” said Jill Abramson, executive editor of The Times. The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them, said computer security experts at Mandiant, the company hired by The Times. This matches the subterfuge used in many other attacks that Mandiant has tracked to China.

Cyber Espionage of China (2011-2012) at a Glance:-

While talking about this cyber attack, we would like to refresh your memory last two years, where the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had  breached Telvent's corporate network & gained control of US Power Grid. Also in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSA. Also in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 

All those above stories it has been clearly identified that China was the point of those said attacks, but it doesn't necessarily prove that it the operation is backed by the Chinese government or intelligence services. It could just as easily be a patriotic group of skilled, independent Chinese hackers upset with how the Western media is portraying their country's rulers. For all kind of cyber related topics and expert reviews on those matters just stay tuned  with only VOGH. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Chinese Hackers Breached New York Times & Stolen Employee's Password"https://www.voiceofgreyhat.com/2013/02/chinese-hackers-breached-new-york-times.html</a>

UK Announces Plans for ‘Cyber Reserve’ Online Crime Defence Force

UK Govt. Announces Plans for ‘Cyber Reserve’ Online Crime Defense Force

Earlier this week, the UK government announced that it was planning on setting up a ‘cyber reserve’ force aimed at dealing with security threats brought about by online crime. The proposed force will be run by the country’s ministry of defense and is going to allow the armed forces to draw on the nation’s computer-related talents in order to ward off online attacks and stem the tides of cyber crime. Minister for the Cabinet Office Francis Maude claims that ‘critical’ work is required in order to combat online lawbreaking. He says that nine tenths of large British corporations and three quarters of small British businesses have reported experiencing a cyber breach within the last year, meaning that this force has now become a necessity.

Cyber Crime in the UK

Research conducted by a team of academics recruited by the UK Ministry of Defense earlier this year concluded that the country spends a billion US dollars per year on protecting against and cleaning up after instances of cyber crime. This includes the cost of measures taken to safeguard bank account security and reduce computer-related fraud, the money forked out by businesses purchasing anti-virus software and the cost of removing viruses from computers. In addition to criminals, terrorists and rogue states have also targeted computers in the UK, meaning that it is not difficult to see why the country would consider setting up such a force.

More Students Trained in Tackling Cyber Crime Needed

Maude has promised to make the UK one of the safest places in the world to conduct online business. He added that further details of the ‘cyber reserve’ plans would be revealed in 2013 and said that British government agencies and departments are working with professional bodies in order to ensure that the consideration of internet security becomes an integral component of corporate governance and the risk management process. He stated that UK officials want more students in the country trained in the skills required for tackling cyber crime and pointed out that the nation’s ministry of defense is examining new methods for attracting talented cyber security specialists, as they are required for critical areas of work.

Cyber-Spying by Hostile Nations

The UK Ministry of Defence’s announcement came in the wake of revelations that hostile foreign states had carried out ‘mapping’ of the systems that control the country’s power and water supplies. Officials refused to name the nations that were believed to have carried out this mapping but there have been reports in the United States that China and Russia have conducted similar reconnaissance exercises there, which suggests that they could be the countries that are responsible for this cyber-spying activity. With this in mind, it is little wonder the UK is stepping up its security, as it wishes to safeguard vital information.

Cyber Confidence Tracker

Francis Maude stated that the increasing number of threats posed to the UK’s online security is partly down to the growth of the internet economy. He said that the country’s government cannot take sole responsibility for fighting cyber crime and emphasized the fact that individuals and businesses would also have to play their part. Next spring the UK will be taking steps to improve online security for consumers and small businesses. The nation plans on launching a ‘cyber confidence tracker’, which will keep tabs on online behaviors and perceptions about internet security in an effort to ensure that the advise that they are delivering to the public about this subject is being conveyed in the best possible way.

Implications

It appears that the UK is now taking the threat of cyber attack extremely seriously, which it is wise to do considering the increasing trend of nations targeting the infrastructures of those that they are hostile towards via the internet. This is a sign that the web is becoming the new battleground in the international struggle for power. The full extent of the country’s plans for its ‘cyber reserve’ are not yet known. It is also questionable whether it will be used solely for defense purposes. Espionage is no longer dominated by spies being physically placed in another country. It is now evidently moving online, meaning that countries are being forced to adapt and develop cyber spies of their own.

Special article by 

Evelyn Anderson of International Business and Journalism

Guest Editor VOGH

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">UK Announces Plans for ‘Cyber Reserve’ Online Crime Defence Force"https://www.voiceofgreyhat.com/2012/12/Cyber-Reserve-an-Online-Crime-Defense-Force.html</a>

US House of Intelligence Committee Warn American Companies Doing Business with Huawei & ZTE

US House of Intelligence Committee Warn American Companies Doing Business with Huawei & ZTE

Though US is very much advance and updated on cyber security but after facing so many large cyber attacks from China, now American government taking few steps to avoid any kind of cyber espionage. Recently the US House Intelligence Committee says that the American companies should avoid doing business with two of China's leading technology firms, ZTE and Huawei. Many of us will not agree with this decisions  but while keeping in mind latest cyber attacks and damages, the authorities have no other way left. 

The Chairman and Ranking Member of the House Intelligence Committee, Mike Rogers (R-MI) and C.A. Dutch Ruppersberger released a report recommending to U.S. companies considering doing business with Chinese telecommunications companies Huawei and ZTE to find another vendor.  The report encourages U.S. companies to take into account the long-term security risks associated with either company providing equipment or services to our telecommunications infrastructure.  Additionally, the report recommends that U.S. government systems, particularly sensitive systems, exclude Huawei or ZTE equipment or component parts. The report highlights the interconnectivity of U.S. critical infrastructure systems and warns of the heightened threat of cyber espionage and predatory disruption or destruction of U.S. networks if telecommunications networks are built by companies with known ties to the Chinese state, a country known to aggressively steal valuable trade secrets and other sensitive data from American companies.  Additionally, the report notes that modern critical infrastructure is incredibly connected, everything from electric power grids to banking and finance systems to natural gas, oil, and water systems to rail and shipping channels. All of these entities depend on computerized control systems. The risk is high that a failure or disruption in one system could have a devastating ripple effect throughout many aspects of modern American living.

The report, released in a Capitol Hill news conference, states that Huawei and ZTE provided incomplete, contradictory, and evasive responses to the Committee’s core concerns.  The report comes after a year-long investigation into the national security dangers posed by Huawei and ZTE, the two largest Chinese telecommunications companies doing business in the United States.

The Report Includes Five Recommendations:-

1. US government systems and US government contractors, particularly those working on sensitive systems, should exclude any Huawei or ZTE equipment or component parts.  Additionally, the Committee on Foreign Investments in the United States (CFIUS) must block acquisitions, takeovers, or mergers involving Huawei and ZTE given the threat to U.S. national security interests.

2. U.S. network providers and systems developers are strongly encouraged to seek other vendors for their projects.

3. Unfair trade practices of the Chinese telecommunications sector should be investigated by committees of jurisdiction in U.S. Congress and enforcement agencies in the Executive Branch.  Particular attention should be paid to China’s continued financial support of key companies.

4. Chinese companies should quickly become more open and transparent. Huawei, in particular, must become more transparent and responsive to U.S. legal obligations.

5. Committees of jurisdiction in Congress should consider potential legislation to better address the risk posed by telecommunications companies with nation-state ties or otherwise not clearly trusted to build critical infrastructure, including increasing information-sharing among private sector entities and expanding a role for the CFIUS process to include purchasing agreements.

To Download the Full 60 Page Report Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">US House of Intelligence Committee Warn American Companies Doing Business with Huawei & ZTE"https://www.voiceofgreyhat.com/2012/10/USHouse-of-Intelligence-Committee-Warn-American-Companies-Doing-Business-with-Huawei-ZTE.html</a>

White House Unclassified Network Hacked By Chinese Hackers Using Spear Phishing

White House Unclassified Network Hacked By Chinese Hackers Using Spear Phishing

Another cyber espionage generated from China targeted the White House. U.S. government computers reportedly including systems used by the military for nuclear commands were breached by Chinese hackers. The White House it self confirmed the breach, while saying that hackers indeed made an attempt to infiltrate its computer system, but says it thwarted the effort and that no classified networks were threatened. Also the security breach did not appear to have stolen any data. White House spokesman Jay Carney told reporters the White House is equipped with mitigation measures that identified the attack, isolated it and prevented its spread. He said there was no indication that any data was removed. “There are distinctions between those networks that contain classified information and those that don’t, and the attack was against an unclassified network,” Carney said. 

The hackers breached the network by using a technique known as spear phishing, in which they target victims who have access to sensitive computer networks by sending personalized emails that appear to come from trusted sources. Once the victims click on the bogus attachment or link, the hackers can install malicious software on the PCs to spy on users and steal data.  A law enforcement official who works with members of the White House Military Office confirmed the Chinese attack to press on Monday, but it remains unclear what information, if any, was taken or left behind. But still The White House officially did not say whether the recent attack was linked to China or not. 

"This [White House Communications Agency] guy opened an email he wasn't supposed to open," the source said. That email contained a spear phishing attack from a computer server in China, the law enforcement source told the press. The attack was first reported by the conservative blog Free Beacon. Spear phishing involves the use of messages disguised to appear as valid; in fact, they contain targeted, malicious attempts to access sensitive or confidential information. 

While talking about this breach, we would like to remind you that just few days ago Chinese hackers breached Telvent's corporate network & gained control of US Power Grid. Couple of months ago we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSA. Also in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">White House Unclassified Network Hacked By Chinese Hackers Using Spear Phishing"https://www.voiceofgreyhat.com/2012/10/White-House-Unclassified-Network-Hacked-By-Chinese-Hackers.html</a>

Indian Air Force (IAF) Issued Strict Rules & Discipline to Avoid Hacking

Indian Air Force (IAF) Issued Strict Rules & Discipline to Avoid Hacking

Last month in a report we said Indian Govt is working on a robust cyber security structure, and parallely now the Indian Govt is emphasizing its security structure to fight against cyber threats. As a result of this ongoing cyber awareness, a very strict order have been issued by Indian air force to tackle and avoid cyber attacks. From now and onward every officer of the Indian Air Force (IAF) will now have to sign a declaration that they will not save or view any official document on personal computers. Failure to adhere to this directive will lead to a court marshal and prosecution. In a recent case, operational documents were found on the personal computer of a young pilot posted at an airbase in Tamil Nadu. A court of inquiry has been initiated. Over the years, cyberspace has emerged as a critical frontier for espionage as the use of computers and dependence on the internet has grown. Thus, document security has emerged as one of critical areas of concern for the government. It is perhaps alluding to these increasing instances of the cyberspace being used by foreign agencies to collect critical information. Prime Minister Manmohan Singh, while addressing top cops of the country at the annual security conference hosted by the Intelligence Bureau earlier this month, said, "Our country's vulnerability to cybercrime is escalating... Large-scale computer attacks on our critical infrastructure and economy can have potentially devastating results. The government is working on a robust cyber security structure."

As a general rule, computers in which sensitive information are stored or prepared are never connected to the internet. "The IAF internal communication network, for instance, is not only a stand-alone network with no connection to the net, but also has the system configured in such a way that it doesn't allow external storage devices like pen drives or CDs," a senior MoD official told the press. Nonetheless, some officers have been found "keeping copies or preparing documents using critical information in their personal computers, which have subsequently passed out by malwares in the system or hacked," the officer added.

Beside of developing a robust cyber security structure, there is another reason behind this decision, and that is Couple of months ago we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Later, inquiries revealed that a few naval officers had, against the rules, taken copies of the plans in pen drives from a naval computer, to study. The Chinese-made pen drives allegedly had malwares which transmitted the data back to IP addresses in China once they were used on computers connected to the internet. So the Indian Govt is now very strict about data privacy, so the implemented this new rule. Such bold decisions will surely make security tight and also reduce the probability of data theft & cyber espionage. 

-Source (NDTV)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Indian Air Force (IAF) Issued Strict Rules & Discipline to Avoid Hacking"https://www.voiceofgreyhat.com/2012/09/IAF-Issued-Strict-Rules-to-Avoid-Hacking.html</a>