Chinese Foreign Ministry spokesperson says 53 per cent of cyber attacks on China come from the US
China has very firmly pushed back against the accusation it paid contractors to attack Microsoft's Exchange Server.
The USA, UK, NATO and other nations on Monday named China as the source of the attack.
On Tuesday, spokesperson for the Chinese Foreign Ministry, Zhao Lijian, responded to accusations that China's Ministry of State Security launched a global cyber hacking campaign.
The spokesperson then accused the US of being the world's largest source of cyber attacks. He launched into statistics reported by China's National Computer Network Emergency Response Technical Team (CNCERT):
Zhao took to Twitter to further air his grievances:
The US is the world's top "hacking empire". It mustered allies to make groundless accusations against China on cybersecurity. By distorting facts, they aim to smear & suppress China to serve political purposes. We categorically reject their allegations. pic.twitter.com/Np6qgjxFny— Lijian Zhao 赵立坚 (@zlj517) July 20, 2021
Still hot under the collar during Wednesday's briefing with more tweets to prove it, Zhao cited data that appears to come from CNCERT's China Internet Cyber Security Report 2020 dated June 2021 and published online yesterday.
The spokesperson claimed that 53 per cent of the 42 million malicious programs found in 2020 originated from the US. Then, for the second day in a row, he made a point of the United States’ penchant for wiretapping – not just its enemies but also its allies.
Zhao concluded that: "People can tell right from wrong. The US has not a shred of credibility left on the issue of cyber security, making whatever it says more than dubious."
The 248-page Mandarin-language CNCERT report's early pages claim a fall in cyber incidents across China during 2020.
- Miscreants started scanning for Exchange Hafnium vulns five minutes after Microsoft told world about zero-days
- Microsoft's GitHub under fire after disappearing proof-of-concept exploit for critical Microsoft Exchange vuln
- US National Security Council urges review of Exchange Servers in wake of Hafnium attack
For example, the document states the number of cases the organization handled fell by 4.2 per cent year-on-year. Implanted backdoors among Chinese web sites fell overall 37.3 per cent year-on-year and domestic government sites with backdoors fell even more – a whopping 64.3 per cent year-on-year. Tampered web sites decreased by 45.9 per cent year-on-year. DDoS attacks, total attack traffic and botnet control terminals all dropped year-on-year – 16.16 per cent, 19.67 per cent and 2.05 per cent respectively.
CNCERT is a non-governmental, non-profit organization that has put out an annual cyber security report on China since 2008. ®
Other stories you might like
Thales launches payment card with onboard fingerprint scanner
Would you like to pay with a poke?
Thales has announced what it claims is the "world's first" payment card to include an onboard fingerprint sensor, promising improved security and usability – and an end to contactless payment limits.
The Thales Gemalto Biometric Sensor Payment card (BSPC), the company explained, replaces the traditional PIN with an on-card fingerprint sensor and requires no modifications to existing point-of-sale (POS) payment terminals. Banks signing up to use it, though, will need to implement a procedure for enrolling users' fingerprints onto the card's secure element.
Thales claimed to have implemented the card with banks worldwide, boasting of 30 months of live trials and 10,000 users across nine countries including the UK. "Over 80 per cent of users interviewed confirmed they love it and feel it's more convenient and provides greater security," Frédéric Martinez, product line manager for biometric and advanced payment at Thales, told The Register.
Brain-computer interface researchers warn of a 'bleak' cyberpunk future – unless we tread carefully
Commercial exploitation of a person's inner thoughts 'particularly worrisome'
Researchers at Imperial College London have sounded the alarm over a "bleak panorama" surrounding brain-computer interfaces (BCI), warning of a potential future in which BCI-equipped cyborgs divide the world – or have their inner thoughts harvested for commercial exploitation.
But not all progress on the BCI front is positive, researchers at Imperial College London warned – and the industry needs to take care amid reports of reliance on technology, thoughts of a world divided into those with access and those without, and the potential for commercial exploitation of a person's innermost musings.
Europe mulls anonymous crypto-wallet ban, rules to make transfers more traceable
Won't someone please think of the ch, er, money laundering
The European Commission has put forward legislation requiring cryptocurrency exchanges and other companies to ensure crypto-asset transfers include the personal details of the customers involved.
That information is set to include the sender's name, address, and date of birth, and the name of the receiver. Anonymous crypto-asset wallets are banned, too, under the proposals, which are supposed to ensure crypto-payments and suchlike are transparent and traceable. Anonymous bank accounts are already outlawed by the EU, after all.
Europe has rules in place to clamp down on money laundering, and the proposed laws would extend that red tape to the “entire crypto sector, obliging all service providers to conduct due diligence on their customers,” according to an announcement this week. Officials also want to limit all cash payments to €10,000 in all member states, making it more difficult to shift large amounts of money. EU nations with lower limits can keep those limits.
NASA warns Mars: We're about to laser your rocks and start stealing them
Perseverance prepares to snaffle first sample for eventual retrieval
NASA's Perseverance Mars rover has started the process of acquiring its first sample of Martian rock.
The space agency on Thursday gave Martian authorities fair warning of the imminent heist, which will see the rover move to a spot named "Cratered Floor Fractured Rough" that offers geology of sufficient interest that it's worth bringing bits of it home.
NASA's plan is to find two patches of similar rock and subject one to the tender embrace of an "abrading bit to scrape off the top layers of rock and dust to expose fresh, unweathered surfaces". Next, NASA will "blow it clean with our Gas Dust Removal Tool".
Troll jailed for 5 years after swatting of Twitter handle owner ends in death
Creator of QWK format suffered fatal heart attack as cops surrounded home
A teenager in the US has been jailed for five years for his role in the harassment and swatting of the owner of a desirable Twitter handle – a swoop that led to the netizen's death.
Shane Sonderman, of Lauderdale County, Tennessee, wanted the username @Tennessee that had been registered on Twitter years prior by Mark "Sparky" Herring, 60, of Bethpage, Tennessee. Herring is known to bulletin-board users as the inventor of the widely used offline mail reader format QWK.
Herring had refused to give up his Twitter handle to Sonderman, who had recruited a group of online friends to harass the man. The gang of miscreants found Herring’s home phone number, repeatedly sending him unwanted pizzas, and on April 27 last year, made a call to law enforcement, falsely claiming Herring had killed a woman and set up booby-trap bombs at his home, which sent cops rushing to the man's door. It was alleged someone with a British accent made the actual 911 call.
NSO Group 'will no longer be responding to inquiries' about misuse of its software
Denies everything, as governments open probes into the company and its wares
The NSO Group, a purveyor of spyware it hopes governments and law enforcement bodies will use to fight terrorism, has announced it will not answer any further questions about allegations raised by Amnesty International and Forbidden Stories that its products have been widely misused.
The company on Wednesday published a missive titled "Enough is Enough" that opens as follows:
US senators warn China's Digital Yuan could compromise Olympic athletes
Meanwhile, Tokyo games ticket holder data leaks, and those affected can't even use their seats
Three US senators have written to their nation's Olympic Committee with a request that it "forbid American athletes from receiving or using Digital Yuan during the Beijing Olympics" – a reference to the Winter Games scheduled to commence on February 4th, 2022.
"While the Chinese Communist Party insists their efforts are aimed at digitizing bank notes and coins, Olympic athletes should be aware that the Digital Yuan may be used to surveil Chinese citizens and those visiting China on an unprecedented scale," wrote [PDF] Senators Marsha Blackburn (R-Tennessee), Roger Wicker (R-Mississippi) and Cynthia Lummis (R-Wyoming).
The conservative trio added that China "hopes that they [athletes] will maintain Digital Yuan wallets on their smartphones and continue to use it upon return.
NPM is Now Providing Malware – or was until recently
Password-stealing package outed by security firm evokes sense of déjà vu
Like other software package registries – repositories of code libraries for specific tasks – NPM, which was acquired last year by Microsoft's GitHub, has proven to be an effective mechanism for spreading malicious software. Developers tend to trust the modules they download from such services and typically incorporate them into their projects without much scrutiny.
On Wednesday, ReversingLabs, a software security analysis firm, said it had identified password-stealing code in the
nodejs_net_serverpackage distributed via NPM.
Money can't buy you love: Huawei continues to throw fistfuls of dollars at US lobbying efforts
Another year, and Chinese tech bogeyman is still on the blocklist
Huawei says it is looking to facilitate a "deeper, mutual understanding" with the US government despite remaining on the security naughty step, and is continuing to spend millions lobbying American officials in areas such as broadband and mobile technology.
According to the latest lobbying disclosures from the US Senate, Huawei Technologies USA Inc spent $1.06m in the three months to the end of June on issues related to the Leading Infrastructure For Tomorrows America Act and the Accessible, Affordable Internet for All Act, both of which deal with the rollout of broadband infrastructure.
In Q1 2021, Huawei spent $180,000 on areas described as "defence and national security issues" and "general trade" along with other legislation that deals with the rollout of telecoms networks and personal data.
Gloom-dwelling subterranean robots battle for million-dollar DARPA prize
SubT Challenge pits high-tech rescue drones against one another in upsettingly non-violent combat
Legendarily loopy US military (and now also non-military) ideas factory DARPA has launched a $1m competition for underground robots.
This September, the SubT Challenge will pit eight teams against each other in a series of tests in the Louisville Mega Cavern, deep under the surface of the US state of Kentucky.
Sadly, despite the number of entrants lending itself to a one-on-one elimination contest, culminating in a mighty fight to the death between the last two 'bots standing after destroying their foes in a traditional knockout structure, all eight teams will compete alongside each other in tests to detect certain items and situations vital in rescue work.
Spanish cops cuff Brit bloke accused of playing role in 2020 celeb Twitter hijacking
'PlugWalkJoe' also said to have meddled with TikTok, SnapChat
The Spanish National Police have, at the request of America, arrested UK citizen Joseph O’Connor in Estepona, Spain, in connection with the July 2020 takeover of more than 130 Twitter accounts.
The US Department of Justice said that, in addition to the alleged Twitter account joyride, O'Connor, 22, has been charged in a federal district court in northern California with computer intrusions tied to the commandeering of TikTok and Snapchat user accounts. He has also been accused of cyberstalking a juvenile, and faces extradition to the United States.
A year ago, the Twitter accounts of various celebrities including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates, Tesla CEO Elon Musk, former US president Barack Obama, and others were briefly commandeered to promote a Bitcoin scam.