WASHINGTON: US and British agencies disclosed on Thursday details of “brute force” methods they say have been used by Russian intelligence to try to break into the cloud services of hundreds of government agencies, energy companies and other organizations.
An advisory released by the US National Security Agency describes attacks by operatives linked to the GRU, the Russian military intelligence agency, which has been previously tied to major cyberattacks abroad and efforts to disrupt the 2016 and 2020 American elections.
In a statement, NSA Cybersecurity Director Rob Joyce said the campaign was “likely ongoing, on a global scale.”
Brute force attacks involve the automated spraying of sites with potential passwords until hackers gain access. The advisory urges companies to adopt methods long urged by experts as common-sense cyber hygiene, including the use of multi-factor authentication and mandating strong passwords.
Issued during a devastating wave of ransomware attacks on governments and key infrastructure, the advisory does not disclose specific targets of the campaign or its presumed purpose, saying only that hackers have targeted hundreds of organizations worldwide.
The NSA says GRU-linked operatives have tried to break into networks using Kubernetes, an open-source tool originally developed by Google to manage cloud services, since at least mid-2019 through early this year. While a “significant amount” of the attempted break-ins targeted organizations using Microsoft’s Office 365 cloud services, the hackers went after other cloud providers and email servers as well, the NSA said.
The US has long accused Russia of using and tolerating cyberattacks for espionage, spreading disinformation, and the disruption of governments and key infrastructure.
The Russian Embassy in Washington on Thursday “strictly” denied the involvement of Russian government agencies in cyberattacks on US government agencies or private companies.
In a statement posted on Facebook, the embassy said, “We hope that the American side will abandon the practice of unfounded accusations and focus on professional work with Russian experts to strengthen international information security.”
Joe Slowik, a threat analyst at the network-monitoring firm Gigamon, said the activity described by NSA on Thursday shows the GRU has further streamlined an already popular technique for breaking into networks. He said it appears to overlap with Department of Energy reporting on brute force intrusion attempts in late 2019 and early 2020 targeting the US energy and government sectors and is something the US government has apparently been aware of for some time.
Slowik said the use of Kubernetes “is certainly a bit unique, although on its own it doesn’t appear worrying.” He said the brute force method and lateral movement inside networks described by NSA are common among state-backed hackers and criminal ransomware gangs, allowing the GRU to blend in with other actors.
John Hultquist, vice president of analysis at the cybersecurity firm Mandiant, characterized the activity described in the advisory as “routine collection against policy makers, diplomats, the military, and the defense industry.”
“This is a good reminder that the GRU remains a looming threat, which is especially important given the upcoming Olympics, an event they may well attempt to disrupt,” Hultquist said in a statement.
The FBI and the Cybersecurity and Infrastructure Security Agency joined the advisory, as did the British National Cyber Security Center.
The GRU has been repeatedly linked by US officials in recent years to a series of hacking incidents. In 2018, special counsel Robert Mueller’s office charged 12 military intelligence officers with hacking Democratic emails that were then released by WikiLeaks in an effort to harm Hillary Clinton’s presidential campaign and boost Donald Trump’s bid.
More recently, the Justice Department announced charges last fall against GRU officers in cyberattacks that targeted a French presidential election, the Winter Olympics in South Korea and American businesses.
Unlike Russia’s foreign intelligence agency SVR, which is blamed for the SolarWinds hacking campaign and is careful not to be detected in its cyber ops, the GRU has carried out the most damaging cyberattacks on record, including two on Ukraine’s power grid and the 2017 NotPetya virus that caused more than $10 billion in damage globally.
GRU operatives have also been involved in the spread of disinformation related to the coronavirus pandemic, US officials have alleged. And an American intelligence assessment in March says the GRU tried to monitor people in US politics in 2019 and 2020 and staged a phishing campaign against subsidiaries of the Ukrainian energy company Burisma, likely to gather information damaging to President Joe Biden, whose son had earlier served on the board.
The Biden administration in April sanctioned Russia after linking it to election interference and the SolarWinds breach.
US, UK cybersecurity agencies disclose hacking methods used by Russian spy group
https://arab.news/v385k
US, UK cybersecurity agencies disclose hacking methods used by Russian spy group
- Operatives linked to Russia's spy agency GRU have tried to break into networks using Kubernetes, says NSO
India’s foreign minister rejects Biden’s ‘xenophobia’ comment
NEW DELHI: Indian foreign minister Subrahmanyam Jaishankar rejected US President Joe Biden’s comment that “xenophobia” was hobbling the South Asian nation’s economic growth, The Economic Times reported on Saturday.
Jaishankar said at a round table hosted by the newspaper on Friday that India’s economy “is not faltering” and that it has historically been a society that is very open.
“That’s why we have the CAA (Citizenship Amendment Act), which is to open up doors for people who are in trouble ... I think we should be open to people who have the need to come to India, who have a claim to come to India,” Jaishankar said, referring to a recent law that allows immigrants who have fled persecution from neighboring countries to become citizens.
Earlier this week, Biden had said “xenophobia” in China, Japan and India was holding back growth in the respective economies as he argued migration has been good for the US economy.
“One of the reasons why our economy’s growing is because of you and many others. Why? Because we welcome immigrants,” Biden said at a fundraising event for his 2024 re-election campaign and marking the start of Asian American, Native Hawaiian and Pacific Islander Heritage Month.
The International Monetary Fund (IMF) forecast last month that growth in Asia’s three largest economies would slow in 2024 from the previous year.
The IMF also forecast that the US economy would grow 2.7 percent, slightly brisker than its 2.5 percent rate last year. Many economists attribute the upbeat forecasts partly to migrants expanding the country’s labor force.
Philippine bishops instruct flock to pray for rain, heat relief
- Rising temperatures have forced the government to shut down tens of thousands of schools over the past week
- Increased demand has also stressed the country’s already strained power supply
MANILA: Catholic bishops in the Philippines are pitching in to seek divine relief from the extreme heatwave scorching the country, instructing their flock to recite special prayers for rain and lower temperatures.
Rising temperatures have forced the government to shut down tens of thousands of schools over the past week, while increased demand has stressed the country’s already strained power supply.
A widespread El Nino drought that began early this year is compounding the problem, ruining 5.9 billion pesos ($103 million) worth of farm produce so far according to the Department of Agriculture.
The Catholic Bishops Conference of the Philippines issued an “Oratio Imperata,” instructing parishes in the mainly Catholic nation to recite a prayer for deliverance from calamities during masses, according to the text seen by AFP on Saturday.
“We humbly ask you to grant us relief from the extreme heat that besets your people at this time, disrupting their activities and threatening their lives and livelihood,” the prayer read.
“Send us rain to replenish our depleting water sources, to irrigate our fields, to stave off water and power shortages and to provide water for our daily needs.”
A record-high 38.8 degrees Celsius (101.8 degrees Fahrenheit) was recorded in the capital Manila on April 27, forcing the closure of more than 47,000 schools for two days.
Nearly 8,000 schools remained shuttered as of Friday, the education department said, while the highest temperature in the country was recorded at 38.2C on the island of Mindoro south of the capital.
Indonesia to permanently relocate 10,000 people after Ruang volcano eruptions
- Authorities warned of the a possible tsunami if parts of the mountain collapse into the surrounding waters
- Indonesia straddles the “Pacific Ring of Fire,” an area of high seismic activity where multiple tectonic plates meet
JAKARTA: The Indonesian government will permanently relocate almost 10,000 residents after a series of explosive eruptions of the Ruang volcano has raised concerns about the dangers of residing on the island in future, a minister said on Friday.
About 9,800 people live on Ruang island, in the province of North Sulawesi, but in recent weeks all residents have been forced to evacuate after the mountain has continued to spew incandescent lava and columns of ash kilometers into the sky.
Authorities this week raised the alert status of the volcano to the highest level, closed the provincial airport in Manado, and also warned of the a possible tsunami if parts of the mountain collapse into the surrounding waters.
Hundreds of “simple but permanent” homes would be built in the Bolaang Mongondow area to facilitate the relocations, said coordinating human development minister Muhadjir Effendy, after a cabinet meeting to discuss the volcano on Friday.
“As instructed by President Joko Widodo, we will build houses that meet disaster-standards,” he said, adding that the site was located about 200 km (125 miles) from Ruang island.
Mount Ruang began to dramatically erupt last month, with experts saying the eruptions were triggered by increased seismic activity, including deep sea earthquakes.
The mountain erupted again on Tuesday, causing damage to some homes and forcing residents to evacuate from the Tagulandang island, where they had initially sought refuge, to the provincial capital of Manado.
Roads and buildings on Tagulandang were blanketed in a thick layer of volcanic ash, and the roofs of some homes had collapsed, according a Reuters witness.
The volcano had not erupted on Friday but Manado’s Sam Ratulangi Airport remained closed until the evening due to the spread of volcanic ash.
Indonesia straddles the so-called “Pacific Ring of Fire,” an area of high seismic activity where multiple tectonic plates meet.
US congressman praises heckling of war protesters, including 1 who made monkey gestures at Black woman
JACKSON, Mississippi: Israel-Hamas war demonstrations at the University of Mississippi turned ugly this week when one counter-protester appeared to make monkey noises and gestures at a Black student in a raucous gathering that was endorsed by a far-right congressman from Georgia.
“Ole Miss taking care of business,” Republican US Rep. Mike Collins wrote Friday on the social platform X with a with a link to the video showing the racist jeers.
The Associated Press left voicemail messages for Collins on Friday at his offices in Georgia and Washington and sent an email to his spokesperson, asking for an explanation of what Collins meant. There was no immediate response.
The taunting brought sharp criticism on and off campus.
“Students were calling for an end to genocide. They were met with racism,” James M. Thomas, a sociology professor at the University of Mississippi, wrote Friday on X.
The Rev. Cornell William Brooks, a former president and CEO of the NAACP and professor at the John F. Kennedy School of Government at Harvard University, wrote on X that a white man mocking a Black woman as a monkey “isn’t about ‘Stand With Israel’ or ‘Free Palestine.’ This is protest as performative racism.”
Collins was first elected to Congress in 2022 and made several social media posts criticizing campus protests.
Nobody was arrested during the demonstration Thursday at the University of Mississippi, where hecklers vastly outnumbered war protesters. According to a count by AP, more than 2,400 arrests have occurred on 46 US university or college campuses since April 17 during demonstrations against the war.
The student newspaper, The Daily Mississippian, reported about 30 protesters on the Oxford campus billed themselves as UMiss for Palestine. Videos and photos from the event showed the protesters were in a grassy area near the main library, blocked off by barriers erected by campus security.
They chanted “Free, free Palestine,” and carried Palestinian flags and signs with slogans including, “Stop the Genocide” and “US bombs take Palestine lives.”
Student journalist Stacey J. Spiehler shot video that showed campus police officers and the dean of students standing between anti-war protesters and hecklers. After the Black woman protesting the war had what appeared to be a heated exchange of words with several white hecklers, one of the men made the monkey gestures and noises at her.
About 76 percent of the university’s students were white and about 11 percent were Black in 2022-23, the most recent data available on the school’s website.
University of Mississippi Chancellor Glenn Boyce said the school is committed to people expressing their views. He said some statements made on campus Thursday were “offensive and unacceptable.”
Republican Gov. Tate Reeves reposted a video on X that showed counter-protesters on the campus singing “The Star-Spangled Banner.”
“Warms my heart,” Reeves wrote. “I love Mississippi!”
US campus protests wane after crackdowns, Biden rebuke
- More than 2,000 arrests have been made in the past two weeks across the US
NEW YORK: Pro-Palestinian protests that have rocked US campuses for weeks were more muted Friday after a series of clashes with police, mass arrests and a stern White House directive to restore order.
Police in Manhattan cleared an encampment at New York University after sunrise, with video posted to social media by an official showing protesters exiting their tents and dispersing when ordered to do so.
The scene appeared relatively calm compared to crackdowns at other campuses around the country — and some worldwide — where protests over Israel’s war against Hamas in Gaza have multiplied in recent weeks.
University administrators, who have tried to balance the right to protest and complaints of violence and hate speech, have increasingly called on police to clear out the demonstrators ahead of year-end exams and graduation ceremonies.
At the University of Chicago, law enforcement appeared set to dismantle an encampment Friday after the school’s president said talks with protesters on a compromise had failed.
Before the clearing operation began, dozens of American flag-wielding counter-protesters showed up and confronted the pro-Palestinian group, but police separated the two sides, local media reported.
More than 2,000 arrests have been made in the past two weeks across the US, some during violent confrontations with police, giving rise to accusations of use of excessive force.
President Joe Biden, who has faced pressure from all political sides over the conflict in Gaza, gave his first expansive remarks on the protests Thursday, saying that “order must prevail.”
“We are not an authoritarian nation where we silence people or squash dissent,” Biden said in a brief address from the White House.
“But neither are we a lawless country. We’re a civil society, and order must prevail.”
His remarks came hours after police moved in on demonstrators at the University of California, Los Angeles, which had seen a violent confrontation when counter-protesters attacked a fortified encampment there.
A large police contingent forcibly cleared the sprawling encampment early Thursday while flashbangs were launched to disperse crowds gathered outside.
Schools officials said that more than 200 people were arrested.
On the US East coast Thursday, protesters at New Jersey’s Rutgers University agreed to take down their camp after reaching a compromise with administrators — a similar deal to one made at Brown University in Rhode Island.
Republicans have accused Biden of being soft on what they say is anti-Semitic sentiment among the protesters, while he faces opposition in his own party for his strong support for Israel’s military offensive.
“There should be no place on any campus, no place in America for anti-Semitism, or threats of violence against Jewish students,” Biden said.
Education Secretary Miguel Cardona echoed the condemnation in a letter to university leaders on Friday, pledging to investigate reports of anti-Semitism “aggressively,” CNN reported.
Meanwhile, similar student protests have popped up in countries around the world, including in Australia, France, Mexico and Canada.
In Paris, police moved in to clear students staging a sit-in at the Sciences Po university.
An encampment has grown at Canada’s prestigious McGill University, where administrators on Wednesday demanded it be taken down “without delay.”
However, police had yet to take action against the site as of Friday.
The Gaza war started when Hamas militants staged an unprecedented attack on Israel on October 7 that resulted in the deaths of more than 1,170 people, mostly civilians, according to an AFP tally of Israeli official figures.
Israel estimates that 128 hostages remain in Gaza. The Israeli military says 35 of them are dead.
Israel’s retaliatory offensive has killed more than 34,600 people in Gaza, mostly women and children, according to the Hamas-run territory’s health ministry.
