Reuters: Chinese spyware code was copied from America’s NSA: researchers. “Chinese spies used code first developed by the U.S. National Security Agency to support their hacking operations, Israeli researchers said on Monday, another indication of how malicious software developed by governments can boomerang against their creators.”
ProPublica: The U.S. Spent $2.2 Million on a Cybersecurity System That Wasn’t Implemented — and Might Have Stopped a Major Hack. “The software company SolarWinds unwittingly allowed hackers’ code into thousands of federal computers. A cybersecurity system called in-toto, which the government paid to develop but never required, might have protected against this.”
Politico: France identifies Russia-linked hackers in large cyberattack. “France’s cybersecurity agency ANSSI on Monday said ‘several French entities’ had been breached, and linked the attacks to a Russian hacker group thought to be behind some of the most devastating cyberattacks in past years. The agency said it had identified ‘an intrusion campaign’ in which hackers, linked to Russian military intelligence agency GRU, compromised the French software firm Centreon in order to install two pieces of malware into its clients’ networks.”
AP: Russian hack of US agencies exposed supply chain weaknesses. “The elite Russian hackers who gained access to computer systems of federal agencies last year didn’t bother trying to break one by one into the networks of each department. Instead, they got inside by sneaking malicious code into a software update pushed out to thousands of government agencies and private companies.”
Quartz: US spies want to know how to identify compromised AI. “The US government’s research arm for intelligence organizations, IARPA, is looking for ideas on how to detect ‘Trojan’ attacks on artificial intelligence, according to government procurement documents.”
TechCrunch: Russian hackers ‘Fancy Bear’ now targeting governments with rootkit malware. “Security researchers say that they have found evidence that for the first time Russia-backed hackers are now using a more sophisticated type of malware to target government entities. ESET presented its case Thursday that the hacker group, known as Fancy Bear (or APT28), is using rootkit malware to target its victims. That marks an escalation in tactics, which the researchers say the group’s hacking capabilities ‘may be even more dangerous than previously thought.’” ESET sounds like it should be an explained acronym but it’s the name of a security company.