Posted on 03/27/2024 9:04:35 PM PDT by bitt
Early Tuesday morning the Singaporean-Flagged Cargo Ship crashed into the supports and took down the Francis Scott Key Bridge in Baltimore, Maryland.
The M/V Dali can be seen suffering a Total Loss of Power at least Twice before the Crash.
But there’s more to the story.
DC Draino reported on a CISA Conference in February 2024 (just last month) where the US government confirmed that China compromised US infrastructure via cyber attacks – including transportation.
DC Draino: Feb 2024: The US Gov’t confirmed China compromised US-Infrastructure via cyber attacks…to include *TRANSPORTATION*
CISA and its U.S. Government partners have confirmed that this group of PRC state-sponsored cyber actors has compromised entities across multiple critical infrastructure sectors in cyberspace, including communications, energy, *TRANSPORTATION*, and water and wastewater, in the United States and its territories.
The data and information CISA and its U.S. Government partners have gathered strongly suggest the PRC is positioning itself to launch destructive cyber-attacks that would jeopardize the physical safety of Americans and impede military readiness in the event of a major crisis or conflict with the United States.
Great dig by @its_gabbygabs
Feb 2024: The US Gov’t confirmed China compromised US-Infrastructure via cyber attacks…to include *TRANSPORTATION*
CISA and its U.S. Government partners have confirmed that this group of PRC state-sponsored cyber actors has compromised entities across multiple critical… https://t.co/Flya4EBn2G pic.twitter.com/CM2UMu0npu
— DC_Draino (@DC_Draino) March 27, 2024
The report was published on February 7, 2024.
(Excerpt) Read more at thegatewaypundit.com ...
p
How many cyberattacks until it is called an act of war?
“How many cyberattacks until it is called an act of war?”
Not at least until next January, even with many dead.
China, Russia, Iran and most of the countries south of our border(many are in cahoots with China, Russia or Iran) ALL know that they have at least 9 months to do exactly as they please.
Boom! You win the prize!
Clickbait. But that’s Jim Hoft’s forte. No calories after the scary headline.
.
So it’ll be a Black Swan event of intentional negligence. How often has that happened? Pearl Harbor and 9-11 come to mind.
https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques/
Volt Typhoon targets US critical infrastructure with living-off-the-land techniques
By Microsoft Threat Intelligence
Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises.
Volt Typhoon has been active since mid-2021 and has targeted critical infrastructure organizations in Guam and elsewhere in the United States. In this campaign, the affected organizations span the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. Observed behavior suggests that the threat actor intends to perform espionage and maintain access without being detected for as long as possible.
Microsoft is choosing to highlight this Volt Typhoon activity at this time because of our significant concern around the potential for further impact to our customers. Although our visibility into these threats has given us the ability to deploy detections to our customers, the lack of visibility into other parts of the actor's activity compelled us to drive broader community awareness and further investigations and protections across the security ecosystem.
To achieve their objective, the threat actor puts strong emphasis on stealth in this campaign, relying almost exclusively on living-off-the-land techniques and hands-on-keyboard activity.
They issue commands via the command line to:
(1) collect data, including credentials from local and network systems,
(2) put the data into an archive file to stage it for exfiltration, and then
(3) use the stolen valid credentials to maintain persistence.
In addition, Volt Typhoon tries to blend into normal network activity by routing traffic through compromised small office and home office (SOHO) network equipment, including routers, firewalls, and VPN hardware. They have also been observed using custom versions of open-source tools to establish a command and control (C2) channel over proxy to further stay under the radar.
In this blog post, we share information on Volt Typhoon, their campaign targeting critical infrastructure providers, and their tactics for achieving and maintaining unauthorized access to target networks. Because this activity relies on valid accounts and living-off-the-land binaries (LOLBins), detecting and mitigating this attack could be challenging. Compromised accounts must be closed or changed.
At the end of this blog post, we share more mitigation steps and best practices, as well as provide details on how Microsoft 365 Defender detects malicious and suspicious activity to protect organizations from such stealthy attacks.
The National Security Agency (NSA) has also published a Cybersecurity Advisory [PDF] which contains a hunting guide for the tactics, techniques, and procedures (TTPs) discussed in this blog.
....................................
WHAT ARELIVING OFF THE LAND (LOTL) ATTACKS? Bart Lenaerts-Bergmans - February 22, 2023
https://www.crowdstrike.com/cybersecurity-101/living-off-the-land-attacks-lotl/
................................................... https://logrhythm.com/blog/what-are-living-off-the-land-attacks/
Posted by: Andrew Hollister on March 4, 2020
Category: LogRhythm Labs | Security Tips and Tricks
Type: Blog
In the physical world, “living off the land” simply means to survive only by the resources that you can harvest from the natural land. There may be multiple reasons for doing this — perhaps you want to get “off the grid,” or maybe you have something or someone to hide from. Or maybe you just like the challenge of being self-sufficient.
In the technology world, “living off the land” (LotL) refers to attacker behavior that uses tools or features that already exist in the target environment. In this multi-part blog series, we'll explore why attackers use LotL, review a selection of the tools and features they use, and discuss examples of actual LotL attacks. We'll also provide some guidance for detecting and preventing some of the commonly used approaches.
Far more than the federal infrastructure, it’s Traitorjoe, his kakistocratic administration, and key Senate and House members who have been compromised by the ChiComs.
All being covered up by biden’s stooges including the media.
You are right about Hoft, but this is not click bait topic.
It’s real.
It is an act of war.
And it’s been ongoing for a long time.
You aren’t seriously believing that the Chinese had something to do with this ship, are you?
I’m talking about computer hacking attacks.
An indictment was unsealed today charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
The defendants are Ni Gaobin (倪高彬), 38; Weng Ming (翁明), 37; Cheng Feng (程锋), 34; Peng Yaowen (彭耀文), 38; Sun Xiaohui (孙小辉), 38; Xiong Wang (熊旺), 35; and Zhao Guangzong (赵光宗), 38. All are believed to reside in the PRC.
And these have *what* to do with this ship going off course?
“ And these have *what* to do with this ship going off course?”
I have no idea, probably nothing.
Why are you obsessed with thinking the ship crashed due to hacking?
The Chicom hacking cyber attacks as they are called are constant and large scale.
This is the only article posted I’ve seen that even touches on it.
I agree about the clickbait aspects.
So why are you posting this stuff on a thread about the ship?
I’m commenting on this from this thread:
“ CISA and its U.S. Government partners have confirmed that this group of PRC state-sponsored cyber actors has compromised entities across multiple critical infrastructure sectors in cyberspace, including communications, energy, *TRANSPORTATION*, and water and wastewater, in the United States and its territories.
The data and information CISA and its U.S. Government partners have gathered strongly suggest the PRC is positioning itself to launch destructive cyber-attacks that would jeopardize the physical safety of Americans and impede military readiness in the event of a major crisis or conflict with the United States.”
Nothing about the Baltimore incident.
You’re the one talking about it, not me.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.