Chinese hackers soon will steal everything

[xdangerousxdavex]

Number affected by hack soars to 18M agency head says nobody personally responsible Fox News

As you can remember, first they claimed Chinese hackers stole data of 4 million of state employees. Now it’s 18 million and maybe more, up to 30 million!
If you’ve seen this news about Chinese hacking attacks on the reliable sources, share it. They don’t know when hackers stole information, they don’t know how much info was stolen. But they definitely need to report it to citizens to raise another stink. Ridiculous are the media lies.

 

[waltky]

Uncle Ferd says it's prob'ly dem Chinamens...

IRS Commissioner: ‘More Than 1 Million Malicious Attempts’ to Access IRS Computers Daily
April 12, 2016 | IRS Commissioner John Koskinen told the Senate Finance Committee on Tuesday that the Internal Revenue Service’s computers “withstand more than 1 million malicious attempts to access them each day.” “We work continuously to protect our main computer systems from cyber attacks and to safeguard taxpayer information stored in our databases. These systems withstand more than 1 million malicious attempts to access them each day,” Koskinen said in his opening statement.

Koskinen said the IRS has made “steady progress in protecting against fraudulent refund claims and criminally prosecuting those who engage in this crime,” but he said the type of criminal it deals with has changed. “The problem used to be random individuals filing a few dozen or a few hundred false tax returns at a time. Now we’re dealing more and more with organized crime syndicates here and in other countries,” he said. “They are gathering, as the chairman noted, almost unimaginable amounts of personal data from sources outside the IRS so they can do a better job of impersonating taxpayers, evading our return-processing filters and obtaining fraudulent refunds,” Koskinen added.

To combat this “complex and evolving threat,” the IRS joined with leaders of the electronic tax industry, the software industry, and the states to create the Security Summit Group” in March 2015, Koskinen said. “This is an unprecedented partnership that is focused on making the tax filing experience safer and more secure for taxpayers in 2016 and beyond. Our collaborative efforts have already shown concrete results this filing season. For example, Security Summit partners have helped us improve our abilities to spot potentially false returns before they’re processed,” he added.

In written testimony to the committee, Koskinen said the IRS “initially identified approximately 114,000 taxpayers whose transcripts had been accessed and approximately 111,000 additional taxpayers whose transcripts were targeted but not accessed” during last year’s tax filing season. “We offered credit monitoring, at our expense, to the group of 114,000 for which the unauthorized attempts at access were successful. We also promptly sent letters to all of these taxpayers to let them know that third parties may have obtained their personal information from sources outside the IRS in an attempt to obtain their tax return data using the Get Transcript online application,” he wrote. “One aspect of the IRS’s efforts to help taxpayers affected by identity theft involves the IP PIN, a unique identifier that authenticates a return filer as the legitimate taxpayer,” he wrote. “If the IRS identifies a return as fraudulently filed, the IRS offers the legitimate taxpayer the ability to apply for an IP PIN for use when filing their next return.”

The IP PIN is mailed to the taxpayer’s address of record and is valid for only one tax filing season. The IP PIN program began in 2011. Since then, the program “has grown significantly,” Koskinen wrote. For the 2016 tax filing season, the IRS issued IP PINs to 2.7 million taxpayers identified as victims of identity theft or participants in a pilot program. Participants of the pilot program live in Florida, Georgia, and Washington, D.C. – areas with “high concentrations of stolen identity refund fraud.”

IRS Commissioner: ‘More Than 1 Million Malicious Attempts’ to Access IRS Computers Daily

 

[waltky]

Hackers selling info on cracked servers...

'Hacker’s Dream:’ Market Sells Access to Compromised Servers
June 15, 2016 - An online underground marketplace that sells access to hacked servers all over the world is a “hacker’s dream,” according to a cyber security firm.

Moscow-based Kaspersky Lab says the market, called xDedic, is selling access to more than 70,000 compromised government and corporate servers in more than 173 countries with the prices starting at a mere $6.

"It’s a marketplace similar to eBay where people can trade information about cracked servers," Costin Raiu, head of global research at Kaspersky Lab, told Bloomberg. "The forum owners verify the quality of the hacked data and charge a commission of 5 percent for transactions."

Kaspersky said the companies affected include a U.S. aerospace firm, as well as oil companies from the United Arab Emirates and China.

In a post on the Kaspersky website, the company said the “possibilities are truly endless” for hackers who buy server access from xDedic, which Kaspersky said appears to be run by Russian speakers. The firm said the hacked servers come with pre-installed software that could allow low-level hackers to launch denial-of-service attacks, obtain stolen credit card information or illegally mine digital currencies like bitcoins.

'Hacker’s Dream:’ Market Sells Access to Compromised Servers

See also:

Pentagon Unleashes Cyber Effort to Counter Militants on Battlefield
June 15, 2016 — Unit is part of effort to intensify cyber war against Islamic State in order to 'physically and virtually isolate' terror group

The Pentagon has launched a new cyber task force to counter the Islamic State group, and officials say it is creating advantages both in cyberspace and on the battlefield. The task force, JTF-Ares, was developed in May and is in its “initial operation phase,” U.S. Cyber Command spokesman Joe Holstead said. The military has carried out several cyber offensive operations against IS militants, which experts say have produced many coalition successes in the last few months. “There’s no bang, and there’s no explosion, but it does give you a military advantage,” said James Lewis of the Center for Strategic and International Studies.

The Arabic-language al-Shamouk jihadist website, shown in 2012, shows promotional material for an animated cartoon that an al-Qaida affiliate said it planned to roll out to help recruit children into the terror network.​

During Secretary of Defense Ash Carter’s latest news briefing at the Pentagon, he said the U.S. military was looking to “accelerate” the cyber war against IS in order to “physically and virtually isolate” the terror group. Holstead said the new task force is a part of that acceleration effort, using both operations and intelligence professionals from all military branches to “improve efficiencies” and unify cyber efforts for a “focused and sustained cyberspace campaign in support of the broader counter-ISIL [Islamic State] efforts in Syria and Iraq.” A defense official, speaking to VOA on the condition on anonymity, confirmed Wednesday that specific cyber tools were being developed and integrated into the coalition battle, but declined to give details because of operational sensitivities.

Disruptive effects

Carter has said the U.S. is using cyber attacks to interrupt IS command and control, to cause the militants to lose confidence in their networks and to overload their networks so that they can't function. Some penetrations have interrupted supply chains or sent enemy combatants to the wrong places, according to Lewis, who directs the CSIS Strategic Technologies Program. Colonel Chris Garver, a spokesman for the U.S.-led coalition fighting IS in Iraq and Syria, told VOA on Tuesday that the coalition had reaped the benefits from this disruption of networks through both cyber attacks coming out of U.S. Cyber Command and kinetic attacks on the ground. “Just as when we attack a radio station, the disruption by cyber attacks fits into that,” Garver said in a phone interview from Baghdad. “It’s harder to count than the bombs we drop, but it certainly has an effect.”

Garver told reporters last week via teleconference that the coalition had seen changes in the terror group’s communication structure as multiple attacks on its networks forced the use of other means of transferring information. IS leaders communicate with their fighters by cellphones, push-to-talk radios, internet applications and emails. On the battlefield, the coalition has focused on bombing IS headquarters to destroy large amounts of communications devices at once, but strikes do not always happen immediately. “We may be listening, we may be watching,” Garver told reporters, “and we may not hit that right away because we want to keep using that to gather intelligence.”

Eliminate or infiltrate

 

[waltky]

Chinese hackers getting more sophisticated...

Chinese hackers getting sophisticated
Thu, Apr 05, 2018 - UNDER ATTACK: The government’s digital domains suffered 10 level 3 incidents last year, which might have compromised personal data stored on the affected systems

The threat from state-sponsored cyberattacks on the nation’s digital infrastructure, including those directed by Beijing-affiliated groups, has increased in sophistication and severity over the past year, the Department of Cyber Security said yesterday. Last year, Chinese hackers mounted 288 successful cyberattacks on the government’s systems, or 80 percent of the total of 360 successful attacks that the department discovered, department Director Chien Hung-wei said. Each month, the government’s systems are subjected to anywhere between 20 million and 40 million attacks, in addition to billions of probing actions made by hackers looking for weaknesses, he said. These actions are initiated by hackers from around the world, though groups based in China are believed to be involved in many of them, Chien said.

The overwhelming majority of cyberattacks are level 1 or level 2 events that result in unauthorized changes to Web pages or other minor damage, he said. However, the government’s digital domains suffered 10 level 3 incidents, which might have compromised personal data stored on the affected systems, he said. While there were no successful level 4 attacks — the highest threat level — against the nation’s infrastructure, Chinese hackers had improved the success rate of their attacks, he said. “The increasing precision of Chinese attacks is a matter of concern for this department,” Chien said. Hackers route their attacks through servers in the US, Russia, EU member states and other nations, which makes pinpointing an attack’s point of origin difficult, he said.

President Tsai Ing-wen, center left, attends the inauguration of the information communication and electronic warfare office under the Ministry of National Defense’s General Staff Headquarters in Taipei​

However, the department is able to identify specific patterns, traits and other modes of operation that are associated with China-sponsored hackers, including the presence of certain characters or styles of coding used in hacking tools, he said. Hackers from China, North Korea and Russia have been highly active, and Taiwan often serves as a testing ground for new hack tools or techniques before their deployment against targets in other nations, he said. As a result, foreign governments have expressed an interest in gaining access to the information the department has collected on cyberattacks directed against Taiwan, he said. The department is overseeing the government’s efforts to develop a system of defense to shield its core computer systems, infrastructure and sensitive data from cyberattacks, Chien said.

The defensive system would involve building up defenses at each of the government’s Web portals and each of the office domains connected to them, he said. Furthermore, government offices need to communicate with each other and share information about cyberattacks to coordinate their security efforts and discern emerging threats, he said. An academic, on the day of being nominated a Cabinet official, had received an e-mail with an embedded virus that was designed to penetrate the government’s internal networks, said an official, who asked not to be named.

Chinese hackers getting sophisticated - Taipei Times