Yazılar

US Congressional Panel Urges Americans to Ditch China-Made Routers

/in /tarafından

A U.S. congressional committee has called for Americans to remove Chinese-made wireless routers, particularly those produced by TP-Link, citing national security concerns. The House of Representatives Select Committee on China warned that these devices could serve as entry points for Chinese hackers aiming to infiltrate U.S. critical infrastructure. The committee has also urged the Commerce Department to investigate TP-Link Technology Co., the world’s leading seller of Wi-Fi routers by volume, according to research firm IDC.

At a hearing on Wednesday, former NSA cybersecurity director Rob Joyce stated that TP-Link routers exposed users to cyber vulnerabilities, which could be exploited by hackers to launch attacks on U.S. infrastructure. He emphasized the need for action, suggesting that Americans replace these devices to prevent them from being used in cyberattacks. Reports have also surfaced that U.S. authorities are considering a potential ban on the sale of TP-Link routers.

In response, TP-Link denied any links to the Chinese government, asserting that no government controls the design or production of its products. The company further clarified that it had separated from its former Chinese affiliate and now manufactures routers in Vietnam. TP-Link’s president, Jeff Barney, described the committee’s claims as “baseless” and without merit.

During the hearing, Democratic Representative Raja Krishnamoorthi advised against using TP-Link routers, holding one up as an example. He echoed concerns about the growing sophistication of Chinese government-linked hackers, stating that they were approaching parity with U.S. cyber capabilities. Rep. Krishnamoorthi also proposed a more aggressive approach, suggesting the U.S. might need to enlist private companies to counteract hackers.

In 2023, the Cybersecurity and Infrastructure Security Agency (CISA) identified a vulnerability in TP-Link routers that could be exploited to execute remote code. U.S. lawmakers have stressed the need for stronger cyber defenses and more proactive measures to deter Chinese hackers.

Chinese Cyberattacks on Taiwan Government Surge in 2024, Report Reveals

/in /tarafından

Cyberattacks on Taiwan’s government doubled in 2024, with an average of 2.4 million attacks per day, according to a report from Taiwan’s National Security Bureau. The majority of these cyberattacks were attributed to Chinese cyber forces, marking a significant increase from the previous year, which saw 1.2 million daily attacks.

These attacks are part of what Taiwan sees as China’s ongoing “grey-zone harassment” campaign, which includes daily military drills, surveillance balloons, and escalating cyberattacks. These actions coincide with China’s growing political and military pressure on Taiwan to accept its sovereignty claim. The Government Service Network (GSN), a key Taiwanese infrastructure, was one of the primary targets of these cyberattacks, with sectors like telecommunications, transportation, and defense being particularly targeted.

Despite many of the attacks being effectively blocked, the report highlights the increasingly severe nature of China’s cyber activities. Some of the attacks were timed to coincide with Chinese military drills around Taiwan, including distributed denial-of-service (DDoS) attacks aimed at disrupting access to Taiwan’s transportation and financial institutions. The purpose of these attacks was seen as part of a broader strategy to intimidate Taiwan through military and cyber harassment.

The report also detailed efforts by China’s cyber forces to exploit advanced persistent threats and backdoor software to infiltrate Taiwan’s critical infrastructure, including highways and ports. These tactics aim to disrupt government operations and gain strategic advantages in various sectors, including politics, military, technology, and the economy.

China has repeatedly denied involvement in cyberattacks but has been frequently accused by foreign governments, including the U.S., of cyber espionage. Taiwan’s report pointed out that China’s cyberattacks included efforts to steal sensitive information from Taiwanese civil servants’ emails and involved social engineering tactics.

 

Hacker Claims Breach of US Location Tracking Company Gravy Analytics

/in /tarafından

An unknown hacker is claiming responsibility for a breach at U.S. location tracking company Gravy Analytics, with screenshots of the boast circulating online. The breach details remain unclear, but a Russian-language post and screenshots uploaded early Sunday to XSS, a site frequented by cybercriminals, allege that the company was hacked, and large volumes of data were stolen.

Gravy Analytics, which merged with Unacast in 2023, has not commented on the situation. Attempts to contact both Gravy and Unacast were unsuccessful, and Gravy’s website was down on Wednesday. The leaked data, around 1.4 gigabytes, has been reviewed by experts who have confirmed its authenticity, raising concerns that the breach is legitimate.

This hack follows recent scrutiny from the U.S. government over companies, including Gravy, that collect and sell highly detailed location data. The Federal Trade Commission (FTC) had previously settled with Gravy Analytics and another broker, Mobilewalla, over deceptive practices in gathering location data without proper consent. The FTC has raised alarms over the vulnerability of Americans’ sensitive data, especially in the context of targeted advertising and surveillance.