Researchers Identified Sophisticated Chinese Cyber Espionage Team

Collaboration between various security firms has thwarted one of the biggest and most sophisticated cyber espionage crew called the Axiom which is thought to be linked to China. This Axiom Threat Actor Group mostly targeted NGO and pro-democratic along with other individuals who are perceived as potential threat to China.

The Axiom Group

The group mostly targets pro-democratic NGOs in Asia along with industrial espionage by targeting organizations with influential energy policy and environmental policies. Also on the list is IT giants, chip makers, telecom companies and infrastructure providers.

The group mostly used phishing attack and malwares to get the job done. The typical attack seems more like a state-sponsored attack yet again. Their prime is the Hikit tool linked to an attack referred to as Deputy-dog attack, which famously used an IE zero day bug to attack Asian firms mostly.

The group seems to work relatively quietly and is thought to be more heavily funded than say APT1 crew (Shanghai based and PLA affiliated). According to Novetta, the group is active for 6 years, is highly disciplined and is well-resourced. The suspect that Chinese government is related is most certainly true.

The Collaboration and Solution

The attacks performed did not go unnoticed however and sooner rather than later, security firms started collaborating to bring it down. The coalition among the partner is led by Novetta along with Bit9, Cisco, F-Secure, ThreatTrack Security, iSIGHT Partners, Microsoft, FireEye, Tenable, ThreatConnect, Volexity and other unnamed partners. Via Microsoft’s coordinated malware removal campaign, the coalition took its first public action called operation SMN.

Over 43k machines with Axiom tool installations have been removed from machines. Among them 180 were clear examples of Hikit – the last stage persistent and data exfiltration tool that is the peak of the Axiom victim’s lifecycle. This was perhaps the first of its kind from security firms to fight off potentially deadly state-sponsored threats to the whole world.

The Diplomacy 

China has clearly denied any involvement in Axiom. According to Chinese Embassy spokesman, such events and allegations judging from the past are fictitious and China has itself been on the wrong end of cyber espionage according to revelations by Snowden.

With 2 weeks to go before President Barrack Obama gives Beijing a visit, cyber security will be a high priority agenda to discuss. Washington has previously tried hard enough to pressurize China over issues of possible state-sponsored cyber warfare against the US but has failed to sustain it after the Snowden revelations.

Novetta however hopes that the example set by the coalition will be followed in future to fight cyber terrorism. However, it will be very stupid to think that Axiom is gone for good. The operation was more of a remediation than knock-out blow and chances are that Axiom will be back soon though with probably different tools and strategies this time around.

The group has amassed lots of technical data regarding the threat and its workings which will help in future in fighting against such groups.

1.2 Billion Passwords Snipped: Secure Your Online Account with a Strong Password

Technology represents a new identity with the extensive improvement and thus you can easily acknowledge the optimistic features helping you to set up a new identity online. However, along with the advanced attributes also you may be the victim of a negative impact such as hacking. Nowadays it appears as one of the biggest concerns that you need to take care of maintaining a suitable profile online. Manifold users complain that they have been hacked and the passwords are stolen, which lead to lose the confidential and important data.

The newspapers and the online news channels reveal the entire fact specifying the dark side of technology. According to the authenticated information, a particular Russian group hacked about 1.2 billion passwords from nearly 500 accounts. Therefore, all the users using the accounts faced serious problems recovering the entire set of data.

How to maintain the privacy of your account? 

From the above fact, it emerges as the essential feature to sustain a suitable privacy that blocks the hackers stealing your password. You need to set a password that is really difficult to retrieve. The passwords accumulating the common characters or figures can be easily tracked by the hackers that may be threatening for your account.

Incorporate other security features such as the secret questions that protect your account from the unauthorized access. So, all your information remains safe and you would not have to worry regarding the spamming activities. Furthermore, nowadays the webmail providers and the other social sites are implementing multiple security attributes to safeguard their users from the unruly bustles. Follow the regular news and other technical periodicals that depict useful information helping you to know how you can incorporate more safety measures to your account. Hence, you can prevent the leaking out of the data that may bring a tragic episode in your life.

Cyber Security to safeguard the Online Users

Furthermore, the administration employs a specific cyber security feature that protects the privacy of the users and thus you can carry out the online activities without any worry. The entire society is therefore convinced that they attain the ultimate safety over the web that leads to the flawless execution of the operations. Browse the various online sites that consist of other information revealing the particular facets for the cyber security. Acknowledge certain software and other equipment installing which you can increase the safety of your account online.

Eliminate the Negative Technical Brunt

Once, you are able to put a complete barrier to the hackers and other unqualified persons entering your personal account the overall theft will decrease to the large extent. It comes out as a significant feature that is really useful to affix a strict blockade to your top secret data. Employ the feasible security measures and ensure the effective account free from the spamming activities that destroy your useful information. Make sure that you are on the safe hands protecting your account from every type of unscrupulous bustle. Finally, you are able to set up a complete well-organized online account that achieves the ultimate safety.

Why Internet Security is Important to Small Businesses

Online security isn’t just important to businesses – it’s important to every user of the Internet. We all have something to lose when we’re online; we are all vulnerable. As an individual, knowing that your emails have been hacked is enough of a breach of privacy, let alone if you’re a business which has a lot more to lose.
Whether we like it or not, the increasing dominance of the Internet has brought with it a rise in hackers and cybercrime. The best way in which we can deal with the prevalence is by ensuring that we’re safe and secure, at home and at work.

Small businesses are becoming increasingly targeted. According to a part one of an infographic, targeted attacks on small businesses have risen by 13% between 2011 and 2012. The Symantec infographic, found in two parts, exposes some web threat trends that may be of interest to you and your business and may help you to understand the importance of internet security for small businesses.
The fact of the matter is, cybercrime can happen to anyone. Small businesses may not think that they’re vulnerable but the infographic shows that they are. It’s important the business owners don’t become complacent with an “it won’t happen to me” attitude. If suitable security measures are in place and updated regularly, the chance of a malicious attack is substantially smaller. Protecting yourself online isn’t just a technical measure though; it’s also down to you and the policies you implement so that every employee knows how to be as secure as possible while online.

Something as easy to install as reliable anti-virus software can help to maintain a high level of security for your business network. This sort of software is well worth the investment and, on the grand scale of things, is inexpensive too. Once it’s installed, it will help to spot any malicious activity, by warning you before opening attachments that it may deem suspicious, and also scanning the websites you visit and flagging up any that are vulnerable or are potential phishing sites.

As a business, your efforts shouldn’t stop at your online activity. You should also ensure that your business network is protected, too. Most small businesses that use more than one computer are connected to a network which can be targeted by unscrupulous third parties. According to the infographic mentioned, the vast majority of security breaches came from outside business networks, meaning that strong user passwords, wireless passwords and private SSIDs are essential.

By implementing some simple measures, your business will be as safe as possible and should, hopefully, be able to avoid any prolific security attack. Unfortunately, nothing you do will make you completely invincible, but ensuring that some element of protection is in place will mean that chances of your business being caught out are much less.

Your employees need to understand the importance of online security so that they don’t unwittingly cause your business to be victimised. Appropriate training and business policies should be put into place so that every working day can run smoothly.

Being aware of online security issues is the first step towards protecting yourself from cybercrime. Educate yourself and your staff to minimise the risk to your business.

by Roxanne