|
|
|
|
|
Cyber Daily: Political Summits Signal International Focus on Ransomware
|
|
|
|
|
|
Hello. President Biden's meetings with allies in Europe underscore the global threat of ransomware. This attention from world leaders highlights how quickly the destructive cyberattacks have ascended the political agenda, WSJ Pro's Catherine Stupp reports from Brussels.
Other news: Alibaba data leak; Verizon targeted; hospitals at risk in denial-of-phone-service attacks; South Korean cargo shipper reveals security breach; EU's top court expands regulator authority.
|
|
|
Sponsored by Netscout
|
|
A New Kind of Adversary
Without the right protection, yours could be next. See how NETSCOUT visibility can detect and help mitigate these complex threats.
Learn How Today
|
|
|
|
|
|
|
|
|
National flags of the U.S. and Russia at the waterfront near Villa La Grange ahead of the U.S.-Russia summit in Geneva. President Biden is expected to pressure Russian President Vladimir Putin to curb ransomware groups based in Russia. PHOTO: STEFAN WERMUTH/BLOOMBERG NEWS
|
|
|
|
Political summits signal an international focus on ransomware. On Wednesday in Geneva, President Biden is expected to pressure Russian President Vladimir Putin to curb ransomware groups based in Russia.
Meanwhile, at the North Atlantic Treaty Organization summit on Monday and the Group of Seven meeting last weekend, leaders committed to disrupting ransomware networks and holding attackers accountable, in documents published after each summit.
“This is an issue that has been starving for that political attention for a long time,” said Chris Painter, a former senior official in charge of cyber issues at the U.S. State and Justice departments.
Read the full story.
|
|
|
More Cyber and Privacy News
|
|
|
|
|
Two men were sentenced to more than three years in prison related to a data-scraping case affecting China's Alibaba. PHOTO: QILAI SHEN/BLOOMBERG NEWS
|
|
|
|
Prison sentences for Alibaba data leak: A Chinese software developer trawled Alibaba Group Holding Ltd.’s popular Taobao shopping website for eight months, clandestinely collecting more than 1.1 billion pieces of user information before Alibaba noticed the scraping, a Chinese court verdict said. Data collected included user IDs, mobile-phone numbers and customer comments. (WSJ)
-
An Alibaba spokeswoman said the company proactively discovered and addressed the incident and was working with law enforcement to protect its users. She wouldn’t elaborate on how many people were affected. No user information was sold to a third party and no economic loss occurred, she said.
-
About 925 million people use Alibaba’s Chinese retail platforms at least once a month, according to the company.
-
The Henan court filing, dated in May but released this month, indicated the software developer, surnamed Lu, passed the phone numbers he collected to his employer. The employer, who operated a company doing promotion for sellers on Taobao, used the information to target clients and claim coupons from Taobao. The two were each sentenced to more than three years in prison.
|
|
|
PHOTO: DAVID PAUL MORRIS/BLOOMBERG NEWS
|
|
|
Verizon targeted in hack traced to China. Hackers suspected to be operating in China were discovered in April to have attacked Verizon Communications Inc. in a widespread campaign to exploit vulnerabilities in networking technology. The involvement of Verizon wasn't previously known. (Associated Press)
|
|
|
-
Other organizations, including the New York subway system and the Metropolitan Water District of Southern California, were also targeted through holes in technology from cybersecurity firm Pulse Secure.
-
A Verizon representative said it isolated a compromise of a Pulse device and no data was accessed.
-
Pulse has issued fixes for the vulnerability. The Chinese government has denied involvement in the campaign.
|
|
|
PHOTO: ANGELA WEISS
/AGENCE FRANCE-PRESSE/GETTY IMAGES
|
|
|
Denial of phone service: Hospitals are being flooded with robocalls, sometimes enough to disrupt phone services used by medical staff handling emergencies. A ransom demand often comes with such an attack. Hospitals with response plans for such incidents will be better equipped to navigate them, the Federal Communications Commission said. Other recommendations for hospital technology staff include:
|
|
|
-
Use blocking services provided by telecommunications providers and collect data about robocall attacks to share with law enforcement and other hospitals.
-
Isolate critical phone lines from the rest of the voice network.
South Korean shipper disclosed breach. Seoul-based container shipper HMM Co. said its Microsoft Outlook email system is down in the U.S. and Europe because of a security breach. Operations have continued normally, the shipper said, adding that it is investigating the incident. (The Loadstar)
|
|
|
|
|
PHOTO: ARTUR WIDAK/ZUMA PRESS
|
|
|
EU court ruling extends reach of privacy watchdogs. A privacy regulator in the European Union can bring a case against a company even if its Europe headquarters isn't within the regulator's home country, the EU's top court ruled Tuesday. The case began when Belgium's privacy watchdog took Facebook to court despite the tech giant operating its European base in Ireland.
|
|
|
👉 The decision from the European Court of Justice affects any company that does business in any of the 27 EU countries and undermines a provision known as the one-stop-shop rule in the 2018 General Data Protection Regulation. That rule says companies are overseen by the national data regulator in the EU country where their European headquarters is located. The idea was to streamline interactions between regulators and firms, but in practice, many cases were funneled to just a few watchdogs, slowing oversight. Read more from WSJ Pro Cybersecurity.
|
|
|
|
|
|
|
|
|