How China hacked US telephone networks | MarketingwithAnoy

How do you do smuggling information into the USSR right under the nose of the KGB? Of course, create your own encryption system. That’s exactly what saxophonist and music professor Merryl Goldberg did during the 1980s. This week, Goldberg revealed that she used sheet music to hide the names and addresses of activists and details of meetings on a rare trip to the Soviet Union. To do so, she created her own encryption system. Each node and marker represented letters in the alphabet and helped hide the sensitive information. When Soviet officers inspected the documents, no suspicion was raised.

Goldberg’s story was retold at the RSA conference in San Francisco this week, where WIRED’s Lily Newman has dug up stories. Also coming out of RSA: a warning that as ransomware becomes less profitable, attackers can turn to business email compromise (BEC) scams to make money – BEC attacks are already very profitable.

Also this week, the dark-web marketplace AlphaBay is completing its journey back to the top of the online underworld. The original AlphaBay website – home to more than 350,000 product lists, ranging from drugs to cybercrime services – was cleared from the dark web in July 2017 as part of a huge law enforcement operation. However, AlphaBay’s deputy commander, an actor under the name DeSnake, survived the law enforcement operation and relaunched since last year. Now AlphaBay is growing rapidly and is on the verge of resuming its dominant dark-web market position.

Elsewhere, Apple hosted its annual Worldwide Developers Conference this week, unveiling iOS 16, macOS Ventura, and some new MacBooks – WIRED’s Gear team has you covered over everything Apple announced at WWDC. However, there are two notable new security features worth mentioning: Apple replaces passwords with new cryptographic access keys, and it introduces a security check feature for help people in violent relationships. Database company MongoDB also held its own event this week, and while it may not have been as high-profile as WWDC, MongoDB’s new Queryable Encryption tool may be a key defense against preventing data leaks.

Also this week, we reported on a Tesla bug that lets anyone create their own NFC car key. New research from the Mozilla Foundation has found that disinformation and hate speech flood TikTok ahead of Kenya’s elections, which take place in early August. Elon Musk has reportedly gained access to Twitter’s “fire hose”, which raises concerns about privacy. And we dived into the shocking new evidence that was televised by the committee on January 6th.

But that’s not all, folks. Every week, we pick up the big news about security and privacy that we did not cover ourselves. Click on the links for the full stories, and be safe out there.

For the past two years, state-sponsored hackers working on behalf of the Chinese government have targeted dozens of communications technologies, ranging from home routers to large telecommunications networks. It informs the NSA, FBI and Cybersecurity and Infrastructure Security Agency (CISA), which published a security advice this week describes the “widespread” hacking.

Since 2020, Chinese-backed actors have exploited publicly known software flaws in hardware and incorporated compromised devices into their own attack infrastructure. According to US agencies, the attacks typically contained five steps. China’s hackers would use publicly available tools to scan for network vulnerabilities. They would then gain initial access through online services, access login information from the systems, access routers and copy network traffic before eventually “filtering out” offer data.

Leave a comment