Stories
Slash Boxes
Comments

SoylentNews is people

China Hacks on US Continue, Facebook to Warn Users About Potential State-sponsored Attacks

posted by n1 on Tuesday October 20 2015, @06:57AM   Printer-friendly
Security News

Arthur T Knackerbracket and Phoenix666 writes:

CNet reports:

Seven US companies have been attacked by government-associated Chinese hackers in the three weeks since the US and China announced a pact that banned government spying on companies, a US security firm said Monday.

The hacks by "actors we have affiliated with the Chinese government" targeted five technology companies and two pharmaceutical companies, US security company CrowdStrike said in a blog post. The first of these occurred the day after the two countries struck a landmark pact in which they agreed not to spy on one another to steal business secrets. They "are continuing to this day", the company said.

Computer world reports:

Facebook will now warn people if it has a strong suspicion an account is being targeted by a nation-state.

The social networking service already takes steps to secure accounts that may have been compromised but has decided to directly alert users of the type of attack that's under way, wrote Alex Stamos, Facebook's chief security officer.

Since state-sponsored attacks can be more sophisticated "having an account compromised in this manner may indicate that your computer or mobile device has been infected with malware," he wrote.

Original Submission #1Original Submission #2

Related Stories

“Disabling Cyberattacks” Are Hitting Critical US Water Systems, White House Warns 36 comments

Freeman writes:

https://arstechnica.com/security/2024/03/critical-us-water-systems-face-disabling-cyberattacks-white-house-warns/

The Biden administration on Tuesday warned the nation's governors that drinking water and wastewater utilities in their states are facing "disabling cyberattacks" by hostile foreign nations that are targeting mission-critical plant operations.

"Disabling cyberattacks are striking water and wastewater systems throughout the United States," Jake Sullivan, assistant to the president for National Security Affairs, and Michael S. Regan, administrator of the Environmental Protection Agency, wrote in a letter. "These attacks have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities."

[...] The letter extended an invitation for secretaries of each state's governor to attend a meeting to discuss better securing the water sector's critical infrastructure. It also announced that the EPA is forming a Water Sector Cybersecurity Task Force to identify vulnerabilities in water systems. The virtual meeting will take place on Thursday.

"EPA and NSC take these threats very seriously and will continue to partner with state environmental, health, and homeland security leaders to address the pervasive and challenging risk of cyberattacks on water systems," Regan said in a separate statement.

This discussion has been archived. No new comments can be posted.
China Hacks on US Continue, Facebook to Warn Users About Potential State-sponsored Attacks | Log In/Create an Account | Top | 4 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1, Insightful) by Anonymous Coward on Tuesday October 20 2015, @07:01AM

    by Anonymous Coward on Tuesday October 20 2015, @07:01AM (#252197)
    Does that perhaps include being targeted by the United States of America?

    • (Score: 2) by LoRdTAW on Tuesday October 20 2015, @11:44AM

      by LoRdTAW (3755) on Tuesday October 20 2015, @11:44AM (#252247) Journal

      This isn't some one way street where China is the only aggressor. Though i'm sure the US government wants to paint that picture so we forget about their little NSA snafu.

      I'm pretty sure everyone, and I mean everyone, is hacking everyone else.

      • (Score: 1, Interesting) by Anonymous Coward on Tuesday October 20 2015, @05:51PM

        by Anonymous Coward on Tuesday October 20 2015, @05:51PM (#252391)

        To me it seems more like Facebook trying to scare more users into giving them their real phone numbers.

        From the article:

        When Facebook sees someone logging on from a different browser or computer, it sends a one-time passcode to their mobile phone that must be entered in order to access the account.

        Anyone who knows their IT security stuff would know that the one-time passcode would be traveling in clear-text form through many unencrypted channels to that phone.

        So if a nation state is truly targeting you and they aren't hiring/using completely incompetent fools Facebook would be helping them gain control over your account!

        Doesn't even need to be a nation-state:
        https://en.wikipedia.org/wiki/IMSI-catcher [wikipedia.org]
        http://www.wired.com/2010/07/intercepting-cell-phone-calls/ [wired.com]
        http://www.twelvesec.com/using-a-gsm-tester-to-intercept-calls-and-sms-part-2-equipment-and-setup/ [twelvesec.com]

        And if it really is a Nation-State, as far as I know the encryption is only between the phone and the cellular tower- the messages on the wire are plaintext (or effectively plaintext to the Telco). So a determined Nation-State with significant resources might be able to pwn the Telco if it didn't already own it- e.g. you're visiting/living in that Nation-State and using their Telco's network - they just have to look at the log/archive of text messages.

    • (Score: 2) by DeathMonkey on Tuesday October 20 2015, @06:01PM

      by DeathMonkey (1380) on Tuesday October 20 2015, @06:01PM (#252398) Journal

      Does that perhaps include being targeted by the United States of America?
       
      No, too much alarm fatigue. [wikipedia.org]