Security News

The Chinese surveillance balloon that drifted across the US last week looks set to spark a new round of sanctions against Middle Kingdom tech firms. Ned Price, the State Department spokesperson said on Thursday, "We're exploring taking action against PRC entities linked to the PLA that supported the balloon's incursion into US airspace."

The National Institute of Standards and Technology announced that ASCON is the winning bid for the "Lightweight cryptography" program to find the best algorithm to protect small IoT devices with limited hardware resources. The weak chips inside these devices call for an algorithm that can deliver robust encryption at very little computational power.

A top US cyber diplomat said his Twitter account was compromised over the weekend. Nate Fick, the inaugural US ambassador at large for Cyberspace and Digital Policy, on Saturday announced the hack of his personal account with - of course - a tweet.

A Chinese high-altitude surveillance balloon, spotted drifting over the US, has caused concern about national security - but the Department of Defense says it will not be shot down by F22s at this time. "The United States Government has detected and is tracking a high altitude surveillance balloon that is over the continental United States right now," read a statement from Pentagon press secretary brigadier general Pat Ryder.

The U.S. Department of State today offered up to $10 million for information that could help link the Hive ransomware group with foreign governments. "If you have information that links Hive or any other malicious cyber actors targeting U.S. critical infrastructure to a foreign government, send us your tip via our Tor tip line. You could be eligible for a reward," the State Department's Rewards for Justice Twitter account said.

The head of both US Cyber Command and the NSA, Gen. Paul Nakasone, broadly discussed that first organization's offensive cyber operations during the runup to the 2022 midterm elections. "We did conduct operations persistently to make sure that our foreign adversaries couldn't utilize infrastructure to impact us," said Nakasone.

In brief Nearly 3,000 immigrants seeking asylum in the United States have been released from custody after Immigration and Customs Enforcement officials inadvertently published their personal information online. Now, the Los Angeles Times reports that ICE has promised not to deport anyone affected by the breach until they have an opportunity to raise the issue in immigration court.

T-Mobile US today said someone abused an API to download the personal information of 37 million subscribers. A regulatory filing [PDF] disclosed one or more miscreants were able to access potentially the "Name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features" of each affected customer.

Faculty and students at the University of Texas at Austin this week became the latest members of a public US university to lose access to Chinese video app TikTok via campus networks. According to Neyland's email, the ban puts the university in compliance with a December directive issued by state governor Greg Abbott.

Three years from now, hypothetically, China launches an amphibious invasion of Taiwan. There's no overland route to deliver supplies to Taiwan's military - whatever it has when China invades is what it'll have until friendly forces can resupply it over the Pacific.