Search This Blog

Showing posts with label Cyber War. Show all posts

Polish Authorities Says Recent Hacker Attacks Connected with Special Services of The Russian Federation

On Tuesday, a spokesman for the minister coordinating Poland's intelligence services said the hacking attacks in the republic two weeks ago could allegedly be linked to Russian intelligence services.

According to the report, "the list of targets of the social engineering attack conducted by the hacker group UNC1151 included at least 4,350 email addresses belonging to Polish citizens or operating on Polish email services. The intelligence services have information indicating links between the aggressors with the activities of the Russian special services".

Moreover, the list of 4,350 hacked addresses includes more than 100 accounts used by persons performing state functions, such as members of the former and current government, deputies, senators, and local authorities.

"The list also included an email used by Minister Michal Dworczyk. The services responsible for cyber security recorded several unauthorized accesses to the mailbox used by Minister Dworczyk," the press service said in a statement.

Western countries have repeatedly made claims that Russia is involved in various cyber attacks, including against US government agencies and companies. The Russian side has consistently denied these accusations. In particular, Russian presidential spokesman Dmitry Peskov said earlier that Moscow is not involved in these hacker attacks. According to him, "any accusations of Russia's involvement are absolutely unfounded and are rather a continuation of Russophobia."

On June 9, the head of the office of the head of the Polish government, responsible for the implementation of the National Vaccination Program, Michal Dworczyk, said that he was attacked by hackers. E-mail and social media pages belonging to him and his wife were hacked. 

Putin called the accusations of launching a cyber war against the United States unsubstantiated

 Russian President Vladimir Putin said that the US accusations against Russia, including cyber attacks and election interference, are groundless, the US side has never provided any evidence.

"We are accused of a variety of things: interference in elections, cyber attacks, and so on. And they [the accusers] did not bother to provide any evidence. Just baseless accusations," he said, calling statements about Russia's involvement in cyber attacks in the United States a farce.

"The issue of cybersecurity is one of the most important today because all sorts of shutdowns of entire systems lead to very serious consequences, and this is possible," the Russian leader said in an interview with the program "Moscow. The Kremlin. Putin" of the Russia-1 TV channel.

According to Putin, the Russian Federation will be ready to extradite cybercriminals to the United States if the American side also extradites criminals to Russia.

He stressed that such agreements are expressed in the relevant interstate agreements, where the parties undertake certain obligations.

"And they are in the vast majority of cases equivalent. Both sides assume the same obligations," Putin explained.

On June 4, Putin called the accusations of cyber attacks on American companies made against Moscow ridiculous and suggested that the situation could have been provoked to increase disagreements in connection with the upcoming meeting with US President Joe Biden. The press secretary of the Russian leader Dmitry Peskov assured that Moscow will promptly consider the appeals of the American side in connection with the hacker attack on the JBS enterprises if such requests are received. He also stressed that Russia does not have data on the organizers of cyber attacks on JBS.

Putin did not rule out that Western intelligence services, including American ones, may conduct activities against Russia in the cyber sphere.

"I am not afraid of this, but I do not rule out that it may be so," the Russian leader said.

“What the US is afraid of may pose a threat to us. NATO has declared cyberspace a war zone. They are planning something, and this cannot but worry us," the Russian president added.

The Russian expert assessed the threat of the United States to launch "offensive cyber operations" against "Russian hackers"

"If the United States does carry out an "offensive operation", Russia will be able to both prevent it and respond symmetrically," said military expert Viktor Murakhovsky, commenting on reports about the US president's plans to instruct the US military to prepare "offensive cyber operations" against hackers based in Russia

"The US doctrinal documents say that in response to hacker attacks, they can use not only cyber weapons but also military means. However, I have little faith that the Americans, in response to an attack, would risk striking Russian territory with conventional weapons. Instead, they can carry out attacks on public networks and on local networks of Russian organizations," said Viktor Murakhovsky, a member of the expert council of the board of the Military-Industrial Commission of the Russian Federation.

In addition, according to him, the US authorities may declare some persons on the international wanted list and detain them on the territory of other states. "It is known that several Russian citizens have been charged by the US Department of Justice with participating in cyber attacks," the expert added.

"At the same time, it is extremely difficult to determine exactly where the attack was carried out. Therefore, such accusations are based on certain assumptions. However, if we talk about attacks on the cyber structure of foreign states, then DDOS attacks are used. Many Russian state information resources have already been subjected to such attacks," Murakhovsky said.

According to the expert, the problem lies in the fact that Russia proposes not to consider cyberspace, including social networks, as a battlefield. And the Americans do not agree with this view.

The expert suggests that if the United States does carry out an "offensive operation", then Russia will be able to both prevent it and respond symmetrically. "We have all the necessary technical means for this," he explained.

In addition, as Murakhovsky noted, Russia has specially trained cyber-military specialists under the control of the General Staff of the Russian Armed Forces.

On Friday, government sources told NBC that the President of the United States, Joe Biden, may instruct the US military to prepare "offensive cyber operations" against hackers based in Russia.

As the TV company points out, the head of the White House will resort to such measures if he fails to reach an understanding on the issue of hacking activity at the upcoming meeting with Russian President Vladimir Putin in Geneva on June 16.

Check Point: What to expect from hackers in 2021

The pandemic has made its own adjustments in all areas of modern life. The attackers changed the targets of their attacks, choosing new priority areas of hacking, including focusing on the medical industry. Founder and CEO of information security company Check Point Software Technologies Gil Shwed told how hacker attacks have changed in the pandemic and what to expect from cybercrime in the future.

Gil Shwed suggested that in 2021, first, since the coronavirus and the fight against it will continue to bother humanity, then pharmaceutical companies working on the development of vaccines and medicines will most likely be attacked.

Secondly, while schoolchildren and students study from home, most likely, hackers will be interested in distance learning systems as well.

Third, it can be expected that botnets will increasingly be used in attacks. Hackers have already transformed many existing malicious applications into botnets to create entire armies of infected computers for cyber attacks.

The fourth expected point is that cyberwarfare will be at the global level.

Mr. Shwed noted that attacks on hospitals, research laboratories, especially during the period of COVID-19 are an opportunity for attackers to get ransom or attention.

The goals of cybercriminals who attack medical institutions can be different - both obtaining financial gain, and causing harm, and gaining widespread publicity. For example, medical records are sold in Darkweb for up to $1,000 per record.

In addition, medical devices such as insulin injectors, heart monitors, and pacemakers can be targeted.  

Check Point researchers have demonstrated the ease with which an ultrasound machine running on an old Windows operating system can be hacked, revealing an entire database of patient images. Unsurprisingly, there has been a 75% increase in ransomware attacks on healthcare facilities in recent months.

Microsoft's researchers said that hackers from only three countries carried out 89% of national cyberattacks this year. Attacks were extremely common, and their target was events of various levels, from elections to the Olympic Games. And also in 2021, the active use of deepfakes is expected.

Earlier E Hacking News reported that Russian hackers gained access to the source codes of Microsoft programs and systems. The organization assured that there is no reason to believe that hackers gained access to services for maintenance of its products or to customer data.

Declaring War Against Cyber Negligence

Amidst perhaps the most widespread and impactful cyberattack in history, American businesses and government agencies alike must take a drastically different approach to cybersecurity. Unfortunately, many cybersecurity professionals have become complacent and have become far too dependent on a handful of well-marketed tools designed for yesterday’s threats that underperform against modern attacks.

It is far easier for cybersecurity manufacturers to deliver services from their own cloud. It may be less expensive for the vendor but relying on a “trusted 3rd party” for your security is a foundational vulnerability that has been proven to be disastrous for you as a customer.

We are currently in a state of cyber-warfare. Nation-states regularly use their practically limitless resources and technical sophistication to overpower companies and government agencies. Cybersecurity professionals need to shift their focus from “indicators of compromise” to data protection, which will limit how widespread these vicious digital attacks can have an impact.

Most cloud providers claim they alone provide the “best cloud protection” and brag billions spent on beefing up the many layers surrounding their server farms to reassure their clients that “everything will be alright.” But will it?

Vulnerabilities from security vendors will likely continue far into the future. While much of the industry has moved towards promoting “zero-trust” infrastructures, they often forget to remove themselves from the client’s circle of trust. Instead, everyone from individuals to multinationals should take security into their own hands. Firewalls, antivirus, and network monitoring tools indeed still have their place, but a shift must be taken to provide more independence between the owner of data and its protectors.

Active Cypher, a California-based cybersecurity startup led former-Microsoft/Cisco/U.S. intelligence with decades of experience protecting (and at times stealing data), has led the charge against what it calls “cyber-negligence”.

“IT organizations need to stay nimble, test and adopt new approaches quickly, and don’t be afraid to throw out solutions that were simply inherited,” says Active Cypher’s CEO, Mike Quinn.

Active Cypher has pioneered a unique, independent security infrastructure that provides its clients the automated tools, proprietary cryptography, and advanced anti-ransomware sensors to control their data with the utmost precision. Yet unlike the numerous SaaS applications which plague the market and create undue “man-in-the-Middle” vulnerabilities, Active Cypher deploys and operates its software directly within the client’s tenant. Cryptographic keys, the soft underbelly of security, are held not by Active Cypher, who knows well it may be a target of state actors and cybercriminals but by the client alone. Once deployed, the security solution uniquely runs alone without contact with any 3rd party home base.

While the solution Active Cypher provides is certainly not an end-all, it gives a much-needed last line of defence against increasingly menacing (and successful) threats. “We believe cybersecurity is a human right. Something that is sacrosanct and should be upheld with the highest degree. Yet, too many executives still see it as just another budget line within often ballooning IT budgets without considering what kind of impact a security breach will have on their brand, and ultimately their revenue,” explains Mike Quinn.

Based in Newport Beach, California, with partners and operations across the US and in Western Europe, Active Cypher and the rest of its industry saw an uptick in business when Covid-19 forced companies to rapidly extend its security frontier to its employee’s homes.

“It has become increasingly clear that the focus for cybersecurity needs to be on data protection. Once the perimeter is breached, and it will be, there’s nothing to stop them. We’ve built great systems to observe and record cyber theft in action but little to defend the data inside.” says Devin Jones, Active Cypher’s new Chief Product Officer and a veteran of both Cisco, Juniper Networks, and a variety of cyber-startups.

Active Cypher uncovered that many major companies had regulated the management of vital security infrastructures to the “back-office” of IT but often hadn’t evolved and updated systems, like the prolific Active Directory in years. The result was growing technical messes that left gaping holes in security. Active Cypher also encountered a level of defeatism; one company declined to expand and solidify its cybersecurity posture, choosing instead to continue to pay ransomware demands at the cost of an astounding $1million per month. In this firm’s view, it was easier to keep paying and therefore avoid the risk of negative press surrounding disclosures of data breaches.

“But thankfully, not all companies have been so lethargic. We are thrilled to be working with a variety of innovating clients ranging from state agencies, healthcare providers, and sports teams who understand that the success of their future protection should be in their own hands. Active Cypher provides them with the tools to own their own destiny,” says Devin Jones.

As IT organizations across the nation take time over the next few weeks to uncover the extent of their firm’s exposure to recent and still unfolding cyberattacks, one only hopes they seek to not simply install a short-lived patch but take a leap towards the zero-trust, zero-vendor contact future; only then can cyber-negligence be finally tackled.

Expert: the image of a "Russian hacker" has become a means of information warfare with the Russian Federation


Experts commented on the release of the report of independent public organizations "Information fight against Russia: constructing the image of the enemy".

The director of the Center for Political Information, Alexei Mukhin, noted that the report analyzed how the image of the "Russian hacker" works. According to him, this image is replicated much less through the media than through social networks.

The image of a "Russian hacker", as Mukhin said, is mainly distributed via Twitter using similar hashtags, such as #Russianhacker. This is done to attract attention, to redirect the user to materials that demonstrate "horror and lawlessness".

This forms a "public opinion", with which not only politicians but also the military are already working. This is bad, because, in their hands, the information struggle turns into a hybrid war.

In different years, according to this scheme, Russia was accused of various outrages. In 2014, in the participation in the war in the Donbass, in 2016, in interference in the American elections.

It is characteristic that as soon as Russia requires to show evidence, it turns out that they are not.
Anna Shafran, a TV and radio host, believes that an open information war has already begun. 

According to her, recently, YouTube blocked without warning or explanation three popular Russian resources, including the TV company "Crimea-24". The Russian Foreign Ministry, of course, protested and rightly qualified the incident as an attack on Russian-language resources from the American Internet platform.

Sergei Sudakov, a Professor at the Military Academy of Sciences, said that the meme "Russian mafia" was created in the interests of the United States in the 1990s. It is outdated, replaced by a new meme "Russian hacker". It is fashionable to present Russia as an international information terrorist.
It is worth noting that in the Russian sector of the Internet, the meme “Russian hackers” is perceived approximately as “British scientists”. At the same time, in the foreign segment, the concept of "Russian hackers" is linked to such concepts as danger, interference, and more recently, incitement to riot.

Germany threatened Russia with sanctions for a hacker attack on the Bundestag


German Foreign Ministry spokeswoman Maria Adebar on Friday confirmed that Germany in connection with the case of a hacker attack on the Bundestag introduces a sanctions regime,  which includes freezing accounts and restrictions on entry to the European Union.  Hackers linked to Russian intelligence are suspected of hacking emails. Moscow denies any involvement.

Adebar added that this sanctions regime allows freezing assets and restricting entry not only for individuals but also for organizations.

The day before, the State Secretary of the German Foreign Ministry Miguel Berger invited the Russian Ambassador to Germany Sergei Nechaev to Berlin in connection with the case of a hacker attack on the Bundestag. Berger, on behalf of his government, "strongly condemned" the attack.

He also reported on Germany's plans to use the EU's cyber sanctions regime against the Russians involved in this attack, including Dmitry Badin. The reason for this, he also called a warrant for the arrest of Badin, which was issued by the US Attorney General in May.

Recall, in early May, the German media reported that the Prosecutor General's office of Germany announced an international search for Dmitry Badin on suspicion of complicity in a cyberattack on the Bundestag network in 2015. It was noted that he was also wanted by the US Federal Bureau of Investigation (FBI).

Berlin believes that Baden is part of the hacker group Fancy Bear. He is accused of conducting secret intelligence and illegally extracting computer data.

A cyberattack on the Bundestag's resources occurred in April 2015. German members of Parliament received similar emails, allegedly related to the UN, in which there was a link to malicious spyware. According to official data, hackers stole at least 16 gigabytes of data. It is assumed that the attackers copied two mailboxes with correspondence from the parliamentary office of German Chancellor Angela Merkel from 2012 to 2015.

The German side believes that Russia is not sufficiently involved in the investigation of the crime.

Russia has responded to Canada's accusations of cyberattacks on Georgian websites


The international community, following Georgia, the UK and the US, continues to publish statements condemning the cyberattack allegedly committed by Russia on the websites of Georgian government agencies, non-governmental organizations and the media. The relevant statements are published in Georgian by the Georgian Foreign Ministry.

Foreign Ministry of Australia, the Ministry of Foreign Affairs of Ukraine, and the foreign ministries of Canada, the Netherlands, Romania, and Montenegro condemned the actions of the Russian GRU. And the Icelandic Foreign Minister on his behalf published a short statement on Twitter.
The Ministry of Foreign Affairs of Ukraine not only condemns Russia but also calls on the international community to "bring to justice those who deliberately organize and carry out cyberattacks".

The authors of all statements regard the report of a cyberattack on Georgian websites as a "violation by Russia of the sovereignty and territorial integrity of Georgia and disrespect for the norms and principles of international law".

However, the Russian Embassy in Canada on Twitter stated that Russia is not involved in cyberattacks on Georgian government websites.

"Another fragment of Russophobic lies and fakes," the Russian mission responded to the accusations from Canada. The diplomats called the Canadian policy towards Russia extremely deplorable and reprehensible, and stressed that it further worsens the weakened relations between the two countries.
Prior to this, the accusations of cyberattacks on Georgia were denied by the Deputy head of the

Russian Foreign Ministry, Andrey Rudenko. According to him, Russia did not intend and is not going to interfere in the internal affairs of the neighboring country.

Recall, on February 20, US Secretary of State Michael Pompeo accused Russia of attacking Georgia. They allegedly occurred in October 2019. According to him, because of this, the work of the country's government, several private websites and two major television stations was disrupted. Representatives of the Georgian government made the same statements. The cyberattack was allegedly indicated by the results of the investigation, which Tbilisi conducted "together with other partners."

Cyber Security Company Predicts Cyber Cold War Will Escalate In 2020


A new Cold War will begin in the world in 2020, it will break out in cyberspace. Fake news before the elections will become an Internet trend in politics, and companies and ordinary people need to be wary of old threats - phishing and ransomware viruses. This forecast was made by Check Point IT company in a study available to the Russian Agency for International Information RIA Novosti.

According to experts, cyber attacks will increasingly be used as indirect conflicts between small states, which are supported and financed by large countries seeking to expand their spheres of influence.

In addition, they predict an increase in the number of cyber attacks on utility and other critical infrastructures, explaining this by the fact that in many cases outdated technologies are used in the field of electricity and water supply.

In 2020, an increase in the number of targeted attacks on authorities, specific enterprises and healthcare organizations through mobile malware and ransomware is projected. According to the study, "new versions of malware are available to anyone willing to pay developers".

Companies Check Point predicts more phishing against their employees. "Despite the fact that email remains the main attack vector, cybercriminals now use many other attack vectors. Phishing increasingly includes SMS attacks on mobile phones or the use of messages on social networks and gaming platforms," said experts.

Another trend in 2020, according to the IT company, will be fake news during election campaigns. "In 2016, before the US presidential election, the distribution of fake news based on artificial intelligence began. Political opponents were successful by creating special teams that created and spread false stories," said IT company.

Cyber-War Exercise held between US and Taiwan


In a cyber-war event that has been going for a week now, the Taiwanese executives are getting hit by phony emails and messages as a part of it. The event is said to be one of its kind. As a part of the cyber-war training between Taiwan and America, the local authority (of Taiwan) is co-directing the cyber drill with the American Institute in Taiwan (AIT), which also represents the US interests in Taiwan. "The foremost is attention is on threats professed by 'North Korea and other countries' that are responsible for the attack," says AIT in a statement.


On the contrary, Taiwan says that a vast number of cyber-attacks that it suffers come from China. "It is like fighting combat when we are dealing with attacks like these," said a Taiwanese official earlier this month. The cyber-war drills are to take place on Friday, which will try to break into the administration servers and websites by duping the workers in receiving misleading messages. "Taiwan considers China as the main offender for these cyberattacks threats on the island," said Veerle Nouwens, Royal United Services Institute for Defence and Security Studies, UK.

"Taiwanese administration's systems suffer around 30 million cyberattacks every month, and China is responsible for half of it," says the administrator general of Cyber Security Agency, Taiwan. He further adds, "But, no matter where the origin of the attacks happen, building a robust cyber-security system is the first priority for every government and private-sector corporations."

Risks involved- 
The cyber-war exercises were formally started by Raymond Greene, Director, AIT, at a Microsoft event. "It is a start of new opportunities between the two nations in the cybersecurity field," says Raymond regarding the tests. "The concern today is not any physical violence in any country but rather an invasion of cyber-security by corrupt criminals that is capable of stirring the society from the inside." "But in the end, these attacks are a concern for us all in numerous ways." This is a matter of serious concern as the cyberattacks are trying to influence the elections, economy, and infrastructure of the victim country.

New report says IoT adoption heightens cybersecurity threat

A new report by Navigant Research says that due to the increasing adoption of Internet of Things (IoT) devices and systems, threats to cybersecurity are also increasing as attackers are given more numbers of “vectors and surfaces” to target.

The report looks at the state of IoT as a whole, not just its utilities, and addresses questions such as common vulnerabilities present in IoT settings, strategies for cybersecurity, global revenue forecast on IoT security, etc. It also examines regulatory frameworks shaping the market and steps that can be taken to minimize risk.

Oracle Chairman, Larry Ellison, says that companies are losing this cyber war and that, “Make no mistake, it’s a war.”

“The mushrooming number of IoT devices being deployed by utilities and other enterprises carries an obvious and growing security risk,” said Neil Strother, principal research analyst with Navigant Research. “Smart managers need a comprehensive strategy to stay ahead of potentially devastating threats to IoT assets.”

He added that managers can no longer rely on the “old-school reactive” approach but must instead adopt “latest proactive and predictive tools and methodologies to keep devices and systems safe.”

The report itself is aimed at utility security managers, enterprises, IoT cybersecurity solution vendors, investor groups, regulators, and other stakeholders.

Chinese Huawei allegedly hacked into Indian state-owned Telecoms company BSNL

Parliament of India was informed on Wednesday that the State-owned Telecoms Company Bharat Sanchar Nigam Limited(BSNL)'s network was allegedly hacked by a Chinese Telecom equipment maker Huawei.

"The government has constituted an inter-ministerial team to investigate the matter."Killi Kruparani, Minister of State for Communications and IT, told the Lok Sabha.

According to reports,  the engineers of Huawei allegedly hacked a BSNL's mobile tower in Coastal area of Andhra Pradesh in October 2013.

India has launched an investigation, the investigation team is comprise of top officials from National Security council Secretariat, Intelligence Bureau, Union home ministry and BSNL.

It is worth to note that BSNL has offered a major part of its network expansion tender to another Chinese company ZTE in 2012.  The goverment suspects it might be the "inter-corporate rivalry" between these two chinese companies.

Huawei India denies allegations of hacking BSNL's network, said it will continue to work with Indian customers and Government and ready to help in addressing any network security issues.

Indian Public Health Engineering Department website hacked by Pakistan Hackers


West Bengal Branch of Indian Public Health Engineering Department website(www.wbphed.gov.in) has been breached by a hacker from Pakistan.

A hacker with handle H4$N4!N H4XOR from Pakistan Haxors CREW has has uploaded a defacement page in the "Uploads" directory of the site (http://www.wbphed.gov.in/applications/GO/uploads/index.html).

When we asked about the vulnerability responsible for the breach, the hacker said that the website is vulnerable to SQL Injection vulnerability.

"Security Breach!Free Kashmir. Free Syria. Stop Spying On US. Stop Killing Muslims. We Have All Your Data. Don't Try To Catch Us" The defacement message reads.

The hackers said the defacement is revenge for hacking Pakistan websites.  He also claimed to have compromised the database from the server.

In the last two days, the group hacked into Indian Railways website and Official website of Assam Rifles.

Central Bank Of India Hacked by Pakistan Cyber Army and Team MaDLeeTs

The official site of "Central Bank Of India" has been defaced by Pakistan Cyber Army and Team MaDLeeTs .

The deface seems to be a retaliation to defaces this morning by "Indian Cyber Army" on many Pakistani Sites.

The reasons for the Indian attack was that today is the 5th anniversary of the 26/11 terrorists attacks on Mumbai.



 Mirror:http://www.zone-hack.com/134702.html

Deface Link:https://www.centralbankofindia.co.in/site/

Indian websites suffer cyber attack


Earlier Today, a Pakistani Hacker with online handle "Dr@cul@" hacked into several Indian websites including one Indian Government website and defaced them.

The hacked government website is "envisddd.gov.in". I'm not able to find the exact usage of this website.  The google cache displays "account suspended" page.

Another Pakistani hacker with handle "Hasnain Haxor" claimed to have hacked more than 500 Indian websites and defaced them. "Indian's Be ready cyber war begin " The hacker send a warning message.

Few hacked websites:
ns1.pointersoft.co.in
ns1.pointersoft.co.in
abhinavsteel.com
adcharitable.org
adppowers.com
agarwalpackersmovers.net
aggarwalrelocation.co.in
aggarwalironco.com
The full list of hacked websites can be found here : "http://pastebin.com/1fxDWUsb ". 

At the time of writing, the Government domain "envisddd.gov.in" is taken offline, few other websites displays "under construction" message.

Pakistan Ministry Education website hacked by Indian Hackers

Recently, Multiple Indian Government websites hacked by a Pakistani Hacker called H4x0r HuSsy.  An Indian Hacker group named "Team Indi-Heax" has breached one of the Pakistani Government websites.

The hacker group claimed it is payback for the Goa government sites hack." THIS SITE F**** BY T3AM INDI-HEAX DUE TO A LAMENESS OF A PAKI HACKER NAMED H4x0r HuSsy :P" The defacement message reads.


We have been informed yesterday that the "moptt.gov.pk" is hacked by ICP and Team Indi-HeX-  The official Ministry Education website of Pakistan that provides Trainings and Standards in Higher Education. 

The website still displays the defacement message. It appears admins are not aware about the security breach.

#OpPhilippines: Anonymous Taiwan launched cyber war against Philippines


The Philippines cyber space is again facing another cyber war. Following the cyberattack from China, Malaysia hackers, now the Taiwan hackers have started the cyber war against Philippines.

The operation named #OpPhilippines has been launched by the Anonymous Taiwan. The attack comes after Philippine Coast Guard killed Taiwanese fisherman. EHN was notified about the cyberwar by pinoyhacknews.

"Philippine coastguard killed taiwanese unarmed fishermen is injustice and unforgivable. Philippine government protecting murders is unacceptable." The hackers posted in the pastebin. "You must apologize. Killers must be arrested immediately. Otherwise, we will not stop."

The hackers defaced the '.gov.ph' domain registry website(dns.gov.ph/opph.html). They also defaced one more government webstie "Advanced Science and Technology Institute(suppliers.asti.dost.gov.ph/opph.html)".

The hacktivist also leaked database from six different Government websites as part of the cyberwar. The links to the database dump is provided in a single paste(pastebin.com/sRykr2Wd).

The affected websites includes Department of Education of the Philippines(former.deped.gov.ph), onlineservices.ipophil.gov.ph, Provincial Government of Bulacan (bulacan.gov.ph), Philippine Public Safety College(ppsc.gov.ph),Province of Sulu(sulu.gov.ph). The leak contains username, email address and passwords.

The hackers also dumped(pastebin.com/D7gCEdS6) the database from the 'gov.ph' domain registry website that contains username and password details belong to all Government websites. It has more than 2300 entries.

South Korea hit by cyber attack.




Yesterday South Korea was hit by a massive cyber attack . The attack disturbed the functioning of three banks and two TV channels. The bank were hit such that no financial transactions can be made.

The TV channels were affected by locking their computers hence not allowing the TV channels to edit or function to full efficiency.The attack points towards North Korea which only days ago said it will attack South Korea.

The attacks originated from China but this might simply be because the IP's from North Korea are not allowed in South Korean Cyberspace ,so the hackers  could have used compromised computers in China to bypass that restriction and also to hide their real location.

Unlike other "disruption" attacks which rely on DDOS this was done using a malware called "DarkSeoul" which "locked" the systems.

These sort of attacks are more dangerous because when you block the DDOS attack the servers will get back to "normal" with minimum effort but a virus attack takes much longer to recover from and even then you cant be really sure that the computers are fully clean.

This recent attack shows that the need for a strong "physical" army is not needed to bring down an another country. A few experienced hackers can do the work of a massive army. 

China blames US for more than half of cyber attacks this year


China's National Computer Network Emergency Response Coordination Center (CNCERT) , the Chinese top cyber security agency reportedly identified that more than half of cyber attacks on this year targeting their nation's computer system are originated from the US.

CNCERT detected 2,196 US-based control servers were controlling 1.29 million infected computers in china.

According to Xinhua report, more than 80 websites of public institutions , Government and companies were attacked from september 2012 to February 2013. CNCERT found that 39 of those websites were attacked from U.S. IP addresses.

"A large amount of facts have proven that for many years, China has been one of the primary victims of cyber attacks," an unnamed official from the China National Internet Information Office told Xinhua.

Last month, US-based computer security company released a report which accused Chinese military unit of conducting a series of sophisticated hacking attack on US. But Chinese authorities denied the accusations and claimed that their systems are targeted by US.

China Government portal hacked and defaced by Indian Cyb3r Devils


Indian hacker group known as "Indian cyber Devils" has breached the Chinese Ningxia Yongning County Government portal and defaced the main website(chinayn.gov.cn).

At the time of writing, we are still able to the defacement page. A simple defacement with some background music. Hacker didn't left any special message in this defacement message.

Recently, hackers also claimed to have hacked into the College of Software , Suzhou website(cose-sz.seu.edu.cn) and defaced .  It seems like the admin took the site offline after the security breach.

Recently, the Indian cyb3r devils launched cyber war against the China government websites and defaced one of the Bank service website .