Man
Professional
- Messages
- 3,070
- Reaction score
- 605
- Points
- 113
What will the NSA offer this time to protect against Chinese hackers?
The US Department of Homeland Security has imposed strict restrictions on employee communication after the disclosure of another Chinese cyberattack. The agency's chief information officer, Eric Haysen, sent a service directive to his colleagues that they were only allowed to use devices issued by the agency.
Ministry employees were instructed to conduct work correspondence mainly through Microsoft Teams. The guide also warned against the careless use of telephone communications and SMS messaging.
The strengthening of security measures is associated with the penetration of the Salt Typhoon hacker group into the systems of leading American operators. AT&T, Lumen and Verizon were hit. According to the Wall Street Journal, cybercriminals could have been on corporate networks for about eight months.
Experts who have studied the activities of Salt Typhoon speak of the highest level of training of the group's members. The hackers have demonstrated not only outstanding technical skills, but also the ability to act methodically and without attracting attention. According to analysts, the telecommunications data obtained by the attackers is a real treasure for the special services of any country.
But the US Bureau of Consumer Protection in the Financial Industry completely excluded the use of phones for official communication. Subsequently, the department assured that hackers failed to penetrate its information systems.
Members of the American intelligence community reported on the scale of the hack at a congressional meeting. It is still unclear whether the attack affected the surveillance systems operating under the Foreign Intelligence Surveillance Act. Access to such networks would allow Beijing to learn about the goals of American intelligence agencies abroad.
Kevin Mandia, the founder of Mandiant, a cyber threat company, recalled that the correspondence of diplomats has always attracted attackers. Emails and messages also provide valuable information about the intentions and plans of government officials.
In the aftermath of the attack, many questioned the credibility of the Communications Law Enforcement Assistance Act (CALEA). According to this law, telecom operators must provide the technical ability to listen to conversations at the request of special services.
Under FCC rules, telecommunications companies have the right to choose how to comply with CALEA requirements. Operators can develop their own solutions, use the best practices of equipment manufacturers or turn to third-party organizations. Those responsible for cyber defense agree on one thing: existing standards need to be changed.
The US Department of Homeland Security entrusted the investigation of the incident to a specially created Cybersecurity Council. In parallel, the Joint Coordination Group is working, which is responsible for organizing countermeasures to threats at the state level.
Source
The US Department of Homeland Security has imposed strict restrictions on employee communication after the disclosure of another Chinese cyberattack. The agency's chief information officer, Eric Haysen, sent a service directive to his colleagues that they were only allowed to use devices issued by the agency.
Ministry employees were instructed to conduct work correspondence mainly through Microsoft Teams. The guide also warned against the careless use of telephone communications and SMS messaging.
The strengthening of security measures is associated with the penetration of the Salt Typhoon hacker group into the systems of leading American operators. AT&T, Lumen and Verizon were hit. According to the Wall Street Journal, cybercriminals could have been on corporate networks for about eight months.
Experts who have studied the activities of Salt Typhoon speak of the highest level of training of the group's members. The hackers have demonstrated not only outstanding technical skills, but also the ability to act methodically and without attracting attention. According to analysts, the telecommunications data obtained by the attackers is a real treasure for the special services of any country.
But the US Bureau of Consumer Protection in the Financial Industry completely excluded the use of phones for official communication. Subsequently, the department assured that hackers failed to penetrate its information systems.
Members of the American intelligence community reported on the scale of the hack at a congressional meeting. It is still unclear whether the attack affected the surveillance systems operating under the Foreign Intelligence Surveillance Act. Access to such networks would allow Beijing to learn about the goals of American intelligence agencies abroad.
Kevin Mandia, the founder of Mandiant, a cyber threat company, recalled that the correspondence of diplomats has always attracted attackers. Emails and messages also provide valuable information about the intentions and plans of government officials.
In the aftermath of the attack, many questioned the credibility of the Communications Law Enforcement Assistance Act (CALEA). According to this law, telecom operators must provide the technical ability to listen to conversations at the request of special services.
Under FCC rules, telecommunications companies have the right to choose how to comply with CALEA requirements. Operators can develop their own solutions, use the best practices of equipment manufacturers or turn to third-party organizations. Those responsible for cyber defense agree on one thing: existing standards need to be changed.
The US Department of Homeland Security entrusted the investigation of the incident to a specially created Cybersecurity Council. In parallel, the Joint Coordination Group is working, which is responsible for organizing countermeasures to threats at the state level.
Source
