Tag: brand safety-nsf online illegal

TSMC confirms supplier data breach following ransom demand by Russian-speaking cybercriminal group | CNN Business

[ad_1]

CNN
—

Taiwanese semiconductor giant TSMC confirmed Friday that one of its hardware suppliers was hacked and had data stolen from it, but said the incident had no impact on business operations.

Confirmation of the breach came after Russian-speaking cybercriminals claimed TSMC as a victim on Thursday and demanded an extraordinary $70 million ransom from the semiconductor firm.

There were no signs that TSMC or the hardware supplier, Taiwanese firm Kinmax, had any plans to pay the hackers (representatives from both companies didn’t respond to CNN’s questions about any ransom).

TSMC — one of the world’s largest chipmakers and a key supplier to Apple

(AAPL) — was quick to assure investors and the public that the hack had no impact on its operations and that it did not compromise its customers’ data.

“After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the Company’s security protocols and standard operating procedures,” TSMC said in a statement to CNN.

The hackers accessed Kinmax’s internal “testing environment” for the technology it prepares to deliver to customers, Kinmax said in a statement distributed by TSMC.

“The leaked content mainly consisted of system installation preparation that the Company provided to our customers as default configurations,” Kinmax said. The company apologized to customers whose names may show up in the leaked data.

Ransomware groups are known to exaggerate the value of the data they steal and make outlandish demands that are never met.

LockBit is the name of the group claiming responsibility for the hack of the TSMC supplier and the type of ransomware they use. LockBit ransomware was the most deployed ransomware around the world in 2022, according to US cybersecurity officials.

Jon DiMaggio, an executive at security firm Analyst1 who has studied LockBit extensively, said the hackers will likely publish the stolen data or sell it if TSMC refuses to negotiate a ransom.

For years, American officials and Taiwanese cybersecurity experts have looked to fortify the island’s infrastructure in the face of hacking threats.

Taiwan’s chip industry is critical to the global hardware supply chain, making any potentially impactful cyberattacks on it a concern for government officials and business executives around the world.

While the TSMC-related hacking incident doesn’t appear to have been impactful, a separate ransomware attack in 2020 on Taiwan’s state-run energy company temporarily disrupted some customers’ ability to pay for gas with company cards, according to local media reports at the time.

[ad_2]

Source link

April 12, 2021
Japan’s largest port hit with ransomware attack | CNN Business

[ad_1]

New York
CNN
—

Japan’s busiest shipping port said Thursday it would resume operations after a ransomware attack prevented the port from receiving shipping containers for two days.

The expected restoration of the Port of Nagoya, a hub for car exports and an engine of the Japanese economy, will ease concerns about any wider economic fallout from the ransomware attack.

The hacking incident began Tuesday when the computer system that handles shipping containers was knocked offline, according to a statement from the Nagoya Harbor Transportation Association. The hack forced the port to stop handling shipping containers that came to the terminal by trailer, the association said.

Ransomware is a type of malicious software that typically locks the computers of a victim organization so that hackers can demand payment.

This is the first reported ransomware attack on a Japanese port, and the incident has “created great concerns over the impact on the local economy and supply chain including the auto industry,” Mihoko Matsubara, chief cybersecurity strategist at NTT Corporation, a Japanese telecom firm, told CNN.

Japanese media reported that LockBit, a type of ransomware linked with Russian-speaking hackers, was used in the hack.

The LockBit cybercriminal group has been prolific in recent weeks, claiming Taiwanese semiconductor giant TSMC as a victim last week (TSMC said one of its hardware suppliers was hacked but the incident had no impact on TSMC’s business operations.)

As of midday Thursday in Japan, there was no claim of responsibility for the Port of Nagoya ransomware attack from the LockBit group on their dark-web site.

It was unclear if the Port of Nagoya received a ransom demand. CNN was unable to reach a spokesperson for the port association.

Japanese critical infrastructure operators should drill for cyberattacks on their supply chains and have a response plan in place, given threats from both cybercriminals and state-backed hackers, Matsubara told CNN.

Though this may be a first for Japan, ransomware and related hacks have hit ports in other countries.

In 2017, malicious software allegedly unleashed by the Russian military on Ukraine spread around the world and disrupted operations at shipping giant Maersk, coasting the company an estimated $300 million.

— CNN’s Mayumi Maruyama contributed to this report

[ad_2]

Source link

April 12, 2021
China-based hackers breached US government email accounts, Microsoft and White House say | CNN Politics

[ad_1]

CNN
—

China-based hackers have breached email accounts at two-dozen organizations, including some United States government agencies, in an apparent spying campaign aimed at acquiring sensitive information, according to statements from Microsoft and the White House late Tuesday.

The full scope of the hack is being investigated, but US officials and Microsoft have been quietly scrambling in recent weeks to assess the impact of the hack, which targeted unclassified email systems, and contain the fallout.

The federal agency where the Chinese hackers were first detected was the State Department, a person familiar with the matter told CNN. The State Department then reported the suspicious activity to Microsoft, the person said.

The Department of Commerce, which has sanctioned Chinese telecom firms, was also breached. The hackers accessed Commerce Secretary Gina Raimondo’s email account, one source familiar with the investigation told CNN. The Washington Post first reported on the access of the secretary’s account.

The Chinese hackers were detected targeting a small number of federal agencies and just a handful of officials’ email accounts at each agency in a hack aimed at specific officials, multiple sources familiar with the investigation told CNN.

“Microsoft notified the (Commerce) Department of a compromise to Microsoft’s Office 365 system, and the Department took immediate action to respond,” a department spokesperson said in a statement on Wednesday.

The spokesperson did not immediately reply to a request for comment on the targeting of Raimondo’s email account.

The hackers targeted email accounts at the House of Representatives, but it was unclear who was targeted and if the breach attempts were successful, two sources familiar with the matter told CNN.

The breaches add to what is already one of the steepest cybersecurity challenges facing the Biden administration: limiting the ability of Beijing’s formidable hacking teams to access US government and corporate secrets.

“Last month, US government safeguards identified an intrusion in Microsoft’s cloud security, which affected unclassified systems,” National Security Council spokesperson Adam Hodge said in a statement to CNN.

“Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service,” Hodge said. “We continue to hold the procurement providers of the US Government to a high security threshold.”

The State Department “detected anomalous activity, took immediate steps to secure our systems, and will continue to closely monitor and quickly respond to any further activity,” a department spokesperson said on Wednesday.

US Capitol Police declined to comment, referring CNN to the FBI.

Hodge did not identify who was behind the hack, but Microsoft executives said in a blog post that the hackers were based in China and focused on espionage.

In response to the Microsoft and White House statements, the Chinese foreign ministry on Wednesday accused Washington of conducting its own hacking operations.

US officials have consistently labeled China as the most advanced of US adversaries in cyberspace, a domain that has repeatedly been a source of bilateral tension in recent years. The FBI has said Beijing has a larger hacking program than all other governments combined.

China has routinely denied the allegations.

The hacking began in mid-May, when the China-based hackers used a stolen sign-in key to burrow their way into email accounts, according to Microsoft. The tech giant has since blocked the hackers from accessing customer emails using that technique, Microsoft said late Tuesday.

Secretary of State Antony Blinken visited China in mid-June, but it was not immediately clear if the cyber-espionage campaign was connected to that high-stakes visit.

Some US officials credited the State Department with investing in more cyber-defense capabilities, allowing the agency to detect the suspicious activity earlier than in past advanced hacks.

The number of US organizations, public or private, impacted by the hacking campaign is in the “single digits,” a senior US Cybersecurity and Infrastructure Security Agency official told reporters on Wednesday.

“This appears to have been a very targeted, surgical campaign,” the official said.

This story has been updated with additional information.

[ad_2]

Source link

April 12, 2021