The United States names one of the hackers allegedly behind the large-scale Salt Typhoon breaches


As the Biden administration comes to a close, the White House on Thursday released a 40-page executive order that aims to strengthen federal cybersecurity protections and place barriers on the US government's use of AI. WIRED also spoke with the outgoing US ambassador for cyber and digital policy, Nathaniel Fick, about the urgency of the Trump administration not co-opting Russia and China in the global race for technical dominance. Outgoing FCC Chairwoman Jessica Rosenworcel detailed to WIRED the threats facing US telecommunications companies, at least nine of which were recently breached by the Chinese hacker group Salt Typhoon. Meanwhile, US officials are still trying to get a handle on multiple espionage campaigns and other data breaches, with new revelations this week about an AT&T breach revealed last summer: compromised FBI call and text logs could reveal the identities of anonymous sources.

Huione Guarantee, the giant online marketplace that researchers say offers a range of services to online scammers, is expanding its services to include a messaging app, a stablecoin and a cryptocurrency exchange, and has facilitated a whopping $24 billion worth of transactions, according to new research. New findings indicate that GitHub's efforts to crack down on the use of deepfake porn are failing. And WIRED took a deep dive into the opaque world of predictive travel monitoring and the companies and governments that are pumping out data about international travelers using AI tools to detect people who could be a “threat.”

But wait, there's more! Each week, we round up security and privacy news that we haven't covered in depth. Click on the title to read the full story. And stay safe out there.

Chinese spies, American spies, everyone is a spy. Mutual espionage is a geopolitical game played by almost every country in the world. So when the US government singles out a single hacker for espionage-focused intrusions, names him, and targets him with sanctions, he must have been spying forcefully, or effectively, enough to make powerful people very angry.

The US Treasury Department on Friday imposed sanctions on Yin Kecheng, a 39-year-old Chinese man allegedly involved in both the breach of nine US telecommunications companies carried out by the Chinese hacker group Salt Typhoon and another recent breach of the US Treasury. In a statement on the news, the Treasury Department alleged that Yin is affiliated with China's Ministry of State Security and has been a “cyber actor” for more than a decade. It also imposed sanctions on Sichuan Juxinhe Network Technology, a company the Treasury Department said was also involved in Salt Typhoon.

Salt Typhoon's breach of the US telecommunications system gave Chinese hackers huge access to Americans' real-time text messages and phone calls, and is believed to have been used to surveil President-elect Donald Trump and Vice President-elect JD Vance, among other targets. FBI Director Christopher Wray has called the telecommunications breaches China's “most significant cyber espionage campaign in history.”

As the Treasury Department responds to China's espionage activities, it is still working to determine the scope of intrusions that some of the same hackers have carried out inside its networks. An internal Treasury report obtained by Bloomberg shows hackers penetrated at least 400 agency computers and stole more than 3,000 files in a recent breach. The espionage-focused intrusion appeared to target sanctions and law enforcement-related information as well as other intelligence materials, the report found. Despite that widespread access, the intruders did not gain access to Treasury emails or classified portions of its network, nor did they leave behind malware that would suggest efforts to maintain longer-term access, the report said.

The Justice Department revealed this week that the FBI launched an operation to remove a strain of malware called PlugX from 4,200 computers around the world. The malware, often transmitted to computers via infected USB drives, has been around for at least a decade and is sometimes used by Chinese state-sponsored hacker groups to target Chinese political dissidents. In July last year, cybersecurity firm Sekoia and French law enforcement took over the command-and-control server behind the malware. This week, the FBI received a court order allowing the agency to send self-destruct commands to the malware on infected machines.

Following news earlier this week of a December cyberattack that breached U.S. education technology platform PowerSchool, school districts targeted in the intrusion told TechCrunch on Thursday that the attackers gained access to “all” teacher and student data stored in their accounts. PowerSchool is used by more than 60 million K-12 students in the US. Hackers gained access to the information by stealing credentials that allowed them to access the company's customer support portal. The attack has not yet been publicly linked to a specific perpetrator. PowerSchool has not yet disclosed the exact number of victim schools nor whether all of its customers were affected.


