fbpx
Connect with us

News

US: Hack of federal agencies ‘likely Russian in origin’

Inside Telecom Staff

Published

 on

US Hack of federal agencies 'likely Russian in origin'

Top national security agencies confirmed Tuesday that Russia was likely responsible for a massive hack of U.S. government departments and corporations, rejecting President Donald Trump’s claim that China might be to blame.

The rare joint statement represented the U.S. government’s first formal attempt to assign responsibility for the breaches at multiple agencies and to assign a possible motive for the operation. It said the hacks appeared to be intended for “intelligence gathering,” suggesting the evidence so far pointed to a Russian spying effort rather than an attempt to damage or disrupt U.S. government operations.

The agencies made clear the Russian operation was “ongoing” and indicated the hunt for threats was not over.

“This is a serious compromise that will require a sustained and dedicated effort to remediate,” said the statement, distributed by the FBI, the National Security Agency, the Office of the Director of National Intelligence and the Cybersecurity and Infrastructure Security Agency.

It was not clear why the statement was issued Tuesday, especially since government officials and cybersecurity experts have for weeks believed that Russia was responsible. Even so, the announcement puts the imprimatur of national security agencies, albeit belatedly, on information that members of Congress had clamored for the White House to make public.

The Associated Press reported last month that officials at the White House had been prepared to issue a statement that accused Russia of being the main actor in the hack but were told at the last minute to stand down. The day of that report, Dec. 19, Trump tweeted that the “Cyber Hack is far greater in the Fake News Media than in actuality” and suggested without any evidence that China could be to blame.

Sen. Mark Warner, the Democratic vice chairman of the Senate Intelligence Committee, lamented the belated statement, saying “it’s unfortunate that it has taken over three weeks after the revelation of an intrusion this significant for this Administration to finally issue a tentative attribution.” He said he hoped “that we will begin to see something more definitive” as well as a warning to Russia, which has denied involvement in the hack.

With the public finger-pointing taking place in the final two weeks of the Trump administration, it will almost certainly fall to incoming President Joe Biden to decide how to respond to a hacking campaign that amounts to Washington’s worst cyberespionage failure to date. Biden has said his administration will impose “substantial costs” on countries responsible for U.S. government hacks, but it is unclear whether the response in this case will involve sanctions, prosecution, offensive cyber operations or some combination of those options.

The hacking campaign was extraordinary in scale, with the intruders having stalked through government agencies, defense contractors and telecommunications companies for months by the time it was discovered. Experts say that gave the foreign agents ample time to collect data that could be highly damaging to U.S. national security, though the scope of the breaches and exactly what information was sought is unknown.

An estimated 18,000 organizations were affected by malicious code that piggybacked on popular network-management software from an Austin, Texas, company called SolarWinds. Of those customers, though, “a much smaller number has been compromised by follow-on activity on their systems,” the statement said, noting that fewer than 10 federal government agencies have so far been identified as falling into that category.

The Treasury and Commerce departments are among the agencies known to have been affected. Sen. Ron Wyden, an Oregon Democrat, said after a briefing last month provided to Senate Finance Committee staff that dozens of Treasury Department email accounts were compromised and that hackers had broken into systems used by the department’s highest-ranking officials.

A senior executive of the cybersecurity firm that discovered the malware, FireEye, said last month that “dozens of incredibly high-value targets” have been infiltrated by elite, state-backed hackers. The executive, Charles Carmakal, would not name the targets. Nor has Microsoft, which said it identified more than 40 compromised government and private targets, most in the U.S.

Microsoft said in a blog post last week that hackers tied to the intrusions of government agencies and companies sneaked further into its systems than previously thought and were able to view some of the code underlying Microsoft software, but weren’t able to make any changes to it.

The extent of affected targets remains undisclosed.

“I think it’s highly unlikely at this stage of the investigation they can actually be certain that there are only 10 agencies impacted,” said Dmitri Alperovitch, former chief technical officer of the cybersecurity firm CrowdStrike.

Ben Buchanan, a Georgetown University cyberespionage expert, said the fact that multiple investigating agencies are now attributing the hacking campaign to Russia “removes any remaining serious doubts about the perpetrators.”

As for the number of federal agencies compromised, he said it’s difficult to know “from the outside how they’ve evaluated this.” While such assessments are difficult, Buchanan said, he believes the government must have evidence for the claim given the joint nature of the statement.

U.S. officials, including then-Attorney General William Barr and Secretary of State Mike Pompeo, and cybersecurity experts have in recent weeks said that Russia was to blame. But Trump, who throughout his term has resisted blaming Moscow for cyber operations, broke from the consensus within his own administration by tweeting that the media was afraid of “discussing the possibility that it may be China (it may!).”

Tuesday’s statement makes clear that is not the case, saying the U.S. investigation reveals that a cyber actor, “likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks.”

“At this time, we believe this was, and continues to be, an intelligence gathering effort. We are taking all necessary steps to understand the full scope of this campaign and respond accordingly,” the statement said.


WASHINGTON (AP) — By ERIC TUCKER and FRANK BAJAK

Advertisement

We’re a diverse group of industry professionals from all corners of the world. Our desire is to provide a high-quality telecoms publication that caters to an international market, offering the latest and most relevant telecoms information to businesses, entrepreneurs and enthusiasts.

News

Online review platform Trustpilot chooses London for IPO

Associated Press

Published

 on

Online review platform Trustpilot chooses London for IPO

Online review platform Trustpilot said Monday it plans to sell shares in London, in a stock offering that helps shore up the city’s status as a financial hub and destination for tech companies after Brexit.

Trustpilot, which is based in Copenhagen, Denmark, said it will hold an initial public offering on the London Stock Exchange to sell 25% of its shares to raise $50 million.

While not yet profitable, Trustpilot’s net loss narrowed last year as its revenue rose to $102 million. It’s aiming for a market valuation of 1 billion pounds ($1.4 billion), according to a person close to the company who was not allowed to speak publicly.

People can use Trustpilot to publicly leave feedback for businesses. One of Trustpilot’s selling points is that it doesn’t allow businesses to pick and choose which reviews are published on, or deleted from its platform, as a way to raise trust and transparency.

The company also uses technology to weed out shady posts. Last year it took down 2.2 million reviews deemed to be fake or fraudulent, 70% of which were removed by automated systems.

Trusptilot is going public as a boom in online transactions due to the coronavirus pandemic is driving demand for reviews. The company said in its registration document that COVID-19 has resulted in more web domains carrying Trustpilot reviews as well as more consumer reviews on its platform, though it came at the expense of other businesses hit by the pandemic through store closures, travel restrictions, and social distancing.

The company, which was founded in 2007, says it has hosted more than 120 million reviews for more than 529,000 websites belonging to businesses in more than 100 country and territories. Its biggest markets are the U.K. and U.S.

LONDON (AP) — By KELVIN CHAN

Continue Reading

News

Senate vetting Biden’s choice for SEC head amid stock drama

Associated Press

Published

 on

Senate vetting Biden's choice for SEC head amid stock drama

President Joe Biden’s choice to head the Securities and Exchange Commission is coming before a Senate panel for his confirmation hearing at a moment when a roiling stock-trading drama has spurred clamor for tighter regulation of Wall Street.

Gary Gensler, a chairman of the Commodity Futures Trading Commission during the Obama administration, has experience as a tough markets regulator during the financial crisis. More recently he has been in the academic world. Biden’s selection of Gensler to lead the SEC signals a goal of turning the Wall Street watchdog agency toward an activist role after a deregulatory stretch during the Trump administration.

The Senate Banking Committee is weighing Gensler’s confirmation in a virtual hearing Tuesday. Also being vetted and questioned is Rohit Chopra, a member of the Federal Trade Commission who is Biden’s nominee to lead the Consumer Financial Protection Bureau.

Gensler is promising to work toward strengthening transparency and accountability in the markets. That will enable people “to invest with confidence and be protected from fraud and manipulation,” he said in written testimony prepared for the hearing. “It means promoting efficiency and competition, so our markets operate with lower costs to companies and higher returns to investors. … And above all, it means making sure our markets serve the needs of working families.”

The trading frenzy in shares of the struggling video-game retailer GameStop lifted their price 1,600% in January, though they later fell back to Earth after days of wild price swings. A number of big hedge funds had bet that GameStop stock would fall, only to be thwarted by small investors who banded together on social media with a wave of buying that sent the price up. The saga was portrayed as a victory of ordinary investors over Wall Street giants. But some lawmakers charged that the online trading platform Robinhood acted to favor its big Wall Street clients when it blocked its customers on Jan. 28 from buying GameStop shares.

The SEC is investigating. Treasury Secretary Janet Yellen convened a meeting of top federal regulators to discuss the trading turbulence and whether the way the market operates may hurt individual investors.

Allison Herren Lee, the acting SEC chair, has said the agency is examining the role that short-selling may have played in GameStop’s extreme stock moves, as well as potential stock manipulation and whether companies issuing stocks are adequately disclosing risks to investors.

The GameStop episode has bolstered political momentum in the direction of closer regulation of the securities markets, though Republican lawmakers and regulators generally will oppose new rules. Possible avenues for new rules that have been raised include requiring market players to disclose short-selling positions and restricting arrangements of payment for order flow — a common practice in which Wall Street trading firms pay companies like Robinhood to send them their customers’ orders for execution.

Gensler was a leader and adviser of Biden’s presidential transition team responsible for the Federal Reserve, banking issues and securities regulation. He doesn’t appear to face enough opposition to derail his approval by the full Senate, which the Democrats control by a slim margin.

“Gensler will tip the SEC away from making it easy for companies to raise money and toward protecting unsophisticated investors,” says Erik Gordon, assistant business professor at the University of Michigan.

Jay Clayton, a former Wall Street lawyer who headed the SEC during the Trump administration, presided over a deregulatory push to soften rules affecting Wall Street and the financial markets, as President Donald Trump pledged when he took office. Rules under the Dodd-Frank law that tightened the reins on banks and Wall Street in the wake of the 2008-09 financial crisis and the Great Recession were relaxed. Clayton also eased rules for smaller companies raising capital in the market.

With a background of having worked for nearly 20 years at Goldman Sachs, the Wall Street powerhouse investment bank, Gensler surprised many by being a tough regulator of big banks as head of the Commodity Futures Trading Commission. He imposed oversight on the $400 trillion worldwide market for the complex financial instruments that helped spark the 2008-09 crisis. Gensler pushed for stricter regulations that big banks and financial firms had lobbied against, and he wasn’t afraid to take positions that clashed with the Obama administration.

Among his likely priorities as SEC chair would be requirements for corporations to disclose their climate change risks, political spending and executive compensation. Gensler, who co-authored a 2002 book of investing advice for moderate-income people titled “The Great Mutual Fund Trap,” also could push for protections in ordinary investors’ relationships with their advisers. He may take up tighter rules for new “blank-check” offerings used by companies in developing stages to raise money in the markets, observers say.

Gensler comes armed with receptiveness to new financial technologies and cryptocurrency. As a professor of economics and management at MIT’s Sloan School of Management, he has focused research and teaching on public policy as well as digital currencies and blockchain, the global running ledgers of digital currency transactions.
WASHINGTON (AP) — By MARCY GORDON

Continue Reading

News

Huawei daughter back in Canada court in US extradition case

Associated Press

Published

 on

Huawei daughter back in Canada court in US extradition case

Lawyers for a senior executive for Chinese communications giant Huawei Technologies were in court Monday arguing evidence should be introduced which would undermine the case to have their client extradited to the U.S.

Canada arrested Meng Wanzhou, the daughter of Huawei’s founder and the company’s chief financial officer, at Vancouver’s airport in late 2018. The U.S. wants her extradited to face fraud charges. Her arrest infuriated Beijing, which sees her case as a political move designed to prevent China’s rise.

The U.S. accuses Huawei of using a Hong Kong shell company called Skycom to sell equipment to Iran in violation of U.S. sanctions. It says Meng, 49, committed fraud by misleading the HSBC bank about the company’s business dealings in Iran. Much of the case centers around an August 2013 PowerPoint presentation made to a HSBC executive during a lunch in Hong Kong.

Defense lawyer Frank Addario asked the court to admit evidence he says shows officials with HSBC were aware of Huawei’s connection to Skycom and another company called Canicula Holdings Inc.

“It was widely known in the bank … that Huawei owned Skycom,” Addario told Associate Chief Justice Heather Holmes. “It sold Skycom to Canicula and thereafter Huawei controlled Canicula’s account at the bank.”

Addario said by omitting this evidence, the U.S. misled Canadian courts.

“The case put to you for the prosecution is the bank’s knowledge came from all these misleading statements by Huawei employees generally,” said Addario. “Once you see all this evidence the picture that emerges is a different picture abut the knowledge of HSBC employees generally and the decision makers.”

Canadian government lawyer Robert Frater told Holmes an extradition hearing is not a trial and said some of Addario’s comments are standard defense cross examination material.

“It is up to a trial to decide if a witness is credible and to determine what officials knew at a certain time. What my friend wants to do is to argue the trial issues,” Frater said.

Meng attended the hearing wearing a mask and an ankle tracking bracelet. She followed the proceedings with an interpreter while reading documents on her lap and taking sips of water.

Over the next several weeks, Meng’s defense team will present several justifications for halting the extradition proceedings.

On Wednesday they will be back in court to argue her arrest was politically motivated and will point to comments made by former U.S. President Donald Trump that he was using Meng as a bargaining chip to force a better trade deal with China.

Canada’s attorney general said in court documents that Trump’s comments were public statements by a president no longer in office about a possible intervention that never occurred.

Later this month, Meng’s lawyers will claim an abuse of process, saying Canada Border Services Agency officers detained and questioned Meng without a lawyer, seized her electronic devices and compelled her to give up the passcodes before her official arrest.

Her lawyers also contend the U.S. is exceeding the limits of its jurisdiction by prosecuting a foreign citizen for actions that took place in Hong Kong and that Canada was misled by the U.S. about the strength of its case.

Meng’s arrest has soured relations between Canada and China. In apparent retaliation, China detained former Canadian diplomat Michael Kovrig and Canadian entrepreneur Michael Spavor. China has also placed restrictions on various Canadian exports to China, including canola oilseed. China also handed death sentences to four Canadians convicted of drug smuggling. Kovrig and Spavor remain jailed. Meng remains free on bail in Vancouver and living in a mansion.

VANCOUVER, British Columbia (AP) — By JIM MORRIS.

Continue Reading

Trending