Chinese agents target telcos, Your water is safe to drink, DOJ and Microsoft take down Russian-linked phishing, No More Secrets podcast
By John Bruggeman, virtual Chief Information Security Officer
Chinese agents attack major telecommunications companies
Various news outlets have reported that Chinese agents attacked several major telecommunication companies over the last few months, and the U.S. Congress is demanding answers. Chief executives from several large telecommunication companies were called before Congress in October and asked for details on several cybersecurity attacks this past year.
Congress wanted to know what security controls the companies had in place to protect their critical infrastructure because the frequency and severity of the attacks were increasing. The target of these Chinese attackers appears to be the infrastructure that these telcos use to implement court-ordered wiretaps on phone lines.
The House Energy and Commerce Committee demanded that additional security controls be implemented for telecommunications companies so that the U.S. would be less vulnerable to attacks by foreign agents.
What to do?
The cybersecurity risk posed by foreign agents is real! We can help you improve your cybersecurity posture.
How?
We start with a cybersecurity assessment of your security controls and infrastructure, then deliver a three-year roadmap after the assessment is complete. Think of it like going to your doctor to find out what you need to do to improve your health—we recommend some standard things everyone should do and custom tools to support any particular needs. We will provide you with a template and guide to improve your cybersecurity program.
More details on these attacks can be found here.
Your water is safe to drink!
New Jersey-based American Water reported that no water or wastewater plants were impacted by a recent cybersecurity attack. American Water supplies millions of U.S. customers with drinking water and filed a Form 8-K with the SEC regarding this recent cybersecurity attack.
The filing is part of new SEC rules on cybersecurity breaches. The attack hit their digital infrastructure and shut down the payment portal and account management portal for their customers. The main impact was on customers who wanted to pay their bill, manage their account, or schedule services.
What to do?
Do you have an incident response plan?
If you do, that is GREAT!
When did you last test the plan?
If the answer is “never” or “not recently,” we can create a custom exercise for your organization to see how your team will respond to an incident.
Just like you would never send your kid out to play baseball or football or soccer without practice, the same is true for the IT department and the cybersecurity team. Both groups need practice to succeed, and OnX can help.
Our cybersecurity consulting team can provide a high-level executive tabletop exercise for senior leadership, or an “in the weeds” technical tabletop that will help them feel more confident and comfortable when an incident occurs.
More information on the attack can be found here.
DOJ and Microsoft take down Russian-linked phishing infrastructure
The Callisto Group—which has been linked with the Federal Security Service of the Russian Federation, aka the FSB—has been targeting U.S. military contractors, DOD companies, NGOs, journalists, and government officials with a sophisticated phishing campaign.
This past month the U.S. DOJ and Microsoft shut down more than 100 domains used by the group to launch targeted phishing campaigns, which are known as spear phishing attacks. The DOJ warrant took down 41 domains and Microsoft’s warrant took down an additional 66 domains.
The work by the DOJ and Microsoft helped slow Russian intelligence agents and their helpers or proxies prior to the recent U.S. elections by forcing them to rebuild their infrastructure before they could launch new attacks.
The website takedown also follows criminal charges levied against two alleged Callisto-affiliated individuals—FSB officer Ruslan Aleksandrovich Peretyatko and co-conspirator Andrey Stanislavovich Korinets—for their supposed roles in a scheme to break into computer networks in the U.S., the UK, other NATO countries, and in Ukraine on behalf of the Russian government.
What to do?
Spread the good news!
The wheels of justice move slowly, and it can feel like the bad guys are always winning, but you must be patient to see the fruits of your hard work.
Also, this is a reminder that the threat landscape has changed. It continues to be an area where you need to invest wisely in cybersecurity to deal with these advanced criminal groups.
For more information, you can check out The Register.
No More Secrets Podcast has new episodes!
In case you haven’t heard, the “No More Secrets” podcast has new episodes available for download. The content is fun, easy to follow, and a great way to stay up to date on the latest in cybersecurity!
No More Secrets Podcast Series - Apple Podcasts
About the author
John Bruggeman is a veteran technologist, CTO, and CISO with nearly 30 years of experience building and running enterprise IT and shepherding information security programs toward maturity. He helps companies, boards, and C-level committees improve and develop their cybersecurity programs, create risk registers, and implement compliance controls using industry-standard frameworks like CIS, NIST, and ISO.