Security News

The U.S. Department of Justice yesterday revealed charges against two Chinese nationals for their alleged involvement in a decade-long hacking spree targeting dissidents, government agencies, and hundreds of organizations in as many as 11 countries. "China has now taken its place, alongside Russia, Iran and North Korea, in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being 'on call' to work for the benefit of the state, [and] to feed the Chinese Communist party's insatiable hunger for American and other non-Chinese companies' hard-earned intellectual property, including COVID-19 research," said Assistant Attorney General John C. Demers, who leads the DoJ's National Security Division.

The U.S. Department of Justice yesterday revealed charges against two Chinese nationals for their alleged involvement in a decade-long hacking spree targeting dissidents, government agencies, and hundreds of organizations in as many as 11 countries. "China has now taken its place, alongside Russia, Iran and North Korea, in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being 'on call' to work for the benefit of the state, [and] to feed the Chinese Communist party's insatiable hunger for American and other non-Chinese companies' hard-earned intellectual property, including COVID-19 research," said Assistant Attorney General John C. Demers, who leads the DoJ's National Security Division.

Hackers working with the Chinese government targeted firms developing vaccines for the coronavirus and stole hundreds of millions of dollars worth of intellectual property and trade secrets from companies across the world, the Justice Department said Tuesday as it announced criminal charges. The indictment does not accuse the two Chinese defendants of actually obtaining the coronavirus research, but it does underscore the extent to which scientific innovation has been a top target for foreign governments and criminal hackers looking to know what American companies are developing during the pandemic.

Apple was alone among corporate giants in foreseeing the pandemic risk in the run-up to the global COVID-19 outbreak, according to analysis by research firm Forrester. As part of a report that predicts the continuing rise of blockchain, robotic process automation and Kubernetes among the technology responses to the pandemic, Forrester also looked at how organisations are set to change their approach to operational and technological risk.

97% of enterprise decision makers believe COVID-19 accelerated their company's digital transformation efforts, according to a Twilio survey of over 2,500 enterprise decision makers. "Over the last few months, we've seen years-long digital transformation roadmaps compressed into days and weeks in order to adapt to the new normal as a result of COVID-19. Our customers in nearly every industry have had to identify new ways to communicate with their customers and stakeholders - from patients, to students, to shoppers, and even employees - essentially overnight," said Glenn Weinstein, Chief Customer Officer at Twilio.

The UK government has admitted it deployed the COVID-19 Test and Trace programme without a Data Protection Impact Assessment required by law, according to privacy campaigners the Open Rights Group. The ORG said the Department of Health and Social Care had confirmed in writing that the impact assessment had not been carried out following its legal complaint to data protection watchdog the Information Commissioner's Office.

Additional results revealed business leaders are confident in their company's business continuity during COVID-19 due to managed cloud services. 48 percent of businesses have adopted cloud solutions to provide end-customers with critical services.

CISOs are asked how secure their organization is against cyberattacks. "It's not, how secure are we, it's how ready are we to respond?" said Andrew Stanley, who was one of three CISO participants in the MIT Sloan CIO Digital Learning Series panel discussion Wednesday on "Keeping our organizations cyber-secure in the COVID-19 environment. How secure are we?".

In a recently released report by the UK National Cyber Security Centre, whose findings have been backed by Canada's Communications Security Establishment and the US NSA and CISA, the agency has warned about active cyber attacks targeting biomedical organizations that are involved in the development of a COVID-19 vaccine. On Friday, BitSight researchers shared the results of a study that looked for detectable security issues at a number of companies who play a big role in the global search for a vaccine, and found compromised systems, open ports, vulnerabilities and web application security issues.

The Kremlin-backed APT29 crew, also known by a variety of other names such as Cozy Bear, Iron Hemlock, or The Dukes, depending on which threat intel company you're talking to that week, is believed by most reputable analysts to be a wholly owned subsidiary of the FSB, modern-day successor to the infamous Soviet KGB. NCSC ops director Paul Chichester said in a statement: "We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic." Foreign Secretary Dominic Raab added: "It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic. While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health."