china (85)

A humanoid robot called “Jia Jia” was created by a team of engineers from the University of Science and Technology of China and was presented at a conference in Shanghai at the beginning of 2017.  Jia Jia can hold a simple conversation and make specific facial expressions when asked, and her creator believes the eerily lifelike robot heralds a future of cyborg labor in China. This was five years ago and was billed as China’s first human-like robot.  2022 - The Brave New World is in full force.

Ji

Are hackers better at using AI than defenders?  “There are three parts of any security strategy. You want to be able to detect, to prevent, and to respond,” says the Global Chief Technology Officer of Dell Technologies.  “It turns out that in the 'detect' area, we are well underway.  If you are using a security event information-management service or managed-security service provider, and they are not already using high degrees of advanced machine intelligence to detect threats, you already lost

Activity Summary - Week Ending 15 October 2021:

  • Red Sky Alliance identified 37,307 connections from new IPs checking in with our Sinkholes
  • Analysts identified 1,873 new IP addresses participating in various botnets
  • Sality remains the top Malware Variant at 33,705 times seen
  • AtomSilo targeting Confluence
  • FamousSparrow and Hotels
  • BloodyStealer
  • Another .edu Hit in the UK
  • Pointing a Finger at China
  • Spanish Melia Hotels hacked
  • Afghan Telcom Roshan

Link to full report: IR-21-288-001_weekly_288.pdf

The head of the US National Security Agency (NSA) and Cyber Command says the US will continue to battle ransomware for many years into the future. Some of the highest-ranking cybersecurity officials in the US government discussed the pervasive threat of ransomware on 05 October 2021, comparing it to an issue of national security with the ability to inflict measurable damage on major world powers.

Speaking at security firm Mandiant's Cyber Defense Summit, the deputy national security adviser for

Lloyd’s of London, for centuries the world’s dominant marine insurer, continues to witness sharp decline in premium volumes as lines on graph now cross with Asian economic giant.[1]  China is now the world’s second-largest provider of hull insurance, after overtaking Lloyd’s on market share, the International Union of Marine Insurance (IUMI) has confirmed.

China, which has seen its slice of the pie grow slowly but steadily in recent years, recorded a 12.4% share of 2020 global aggregate hull pre

The U.S. needs to devise ways to counter Chinese cyber activity, including the theft of intellectual property and cyberattacks on government networks and critical infrastructure that pose a direct threat to U.S. national security, according to those who testified at a Senate hearing this first week in August 2021.  All organizations need to take immediate steps to stop cyber breaches to protect their data and intellectual property.  The government cannot curb or stop it, so it is in the hands of al

Activity Summary - Week Ending 23 July 2021:

  • Red Sky Alliance identified 19,903 connections from new unique IP addresses
  • Top observed Attacker Server (C2): Alexey[.]rybalov@yandex.ru & taleq[.]simeon888@mail.com
  • Analysts identified 2,670 new IP addresses participating in various Botnets
  • DLL Side-Loading Technique
  • dmerchant
  • WildPressure
  • China keeps pulling Triggers
  • Russia Cyber-Attacks
  • Saudi Aramco Hit with Ransomware
  • Cell Phones and Spying
  • Norway blaming China for March cyber-attack
  • What will b

China, Russia, North Korea, and Iran continue to pose significant cybersecurity threats to the US, because each is capable of launching disruptive attacks, according to a report published 13 April 2021 by the Office of the Director of National Intelligence.

Threats include disinformation campaigns that target elections and try to undermine democratic institutions as well as aggressive hacking campaigns, such as the SolarWinds supply chain attack, according to the report. In many cases, criminal

Just how much US land does China own?  Excerpts by Libertas Bella (edited).

American-US prosperity has largely been built on a dual foundation: cheap land or expensive labor.  Until the US Immigration Act of 1965, Ronald Reagan’s Amnesty of 1986 and North American Free Trade Association (NAFTA) opened up the floodgates of immigration (both legal and illegal) this formula basically held firm.  When there was not enough labor, employers had to pay more rather than simply importing massive amounts

A suspected Chinese hacking group has been attacking the airline industry for the past few years with the goal of obtaining passenger data in order to track the movement of persons of interest.  The intrusions have been linked to a threat actor that the cyber-security industry has been tracking under the name of Chimera, believed to be operating in the interests of the Chinese state.  Researchers say the group has remained undetected in a network for up to three years. Initial reports mentioned a series

The ongoing controversies surrounding TikTok hit a new gear on 14 January 2021 with a bombshell report accusing the Chinese company of spying on millions of Android users using a technique banned by Google.  According to a Wall Street Journal report, TikTok used a banned tactic to bypass the privacy safeguard in Android to collect unique identifiers from millions of mobile devices, data that allows the app to track users online without allowing them to opt out.

TikTok, based in Beijing, China, h

For years, Red Sky Alliance has been monitoring the Chinese Communist Party (CCP) in both cyber activity and geopolitical matters.  The CCP has been, and continues to be, aggressive in its long-term Belt and Road initiatives, or the China Maritime Silk Road.[1]  Each year the CCP trains approximately 20,000 cyber ‘professionals’ in hacking-type activities.  This permeates into the business and citizen cultures of the Chinese population.  China controls all business ventures inside its borders and

In June 2015, the US Office of Personnel Management (OPM) announced that it had been the target of a data breach targeting the records of as many as four million people.  The final estimate of the number of people impacted is 22.1 million.  This includes records of people who had undergone background checks, as well as their friends and family, many of whom were not government employees.  It has been described by federal officials as among the largest breaches of government data in the history o

Our friends from the US Department of Homeland Security have provided an open source Threat Assessment for October 2020 - which is Cyber Security Awareness Month.  The following is the Cyber Threat Assessment Section.

Cyber threats to the Homeland from both nation-states and non-state actors will remain acute. U.S. critical infrastructure faces advanced threats of disruptive or destructive cyber-attacks. Federal, state, local, tribal and territorial governments, as well as the private sector, w

A recent study by CrowdStrike regarding cyber threat activity shows more intrusion attempts in the first six months of this year than in all of 2019.  The pandemic-related shift to remote work and the growing availability of Ransomware-as-a-Service (RaaS) were two major drivers.  Red Sky Alliance has reported on many of these ransomware groups and actors in detail in 2020.  These reports can be found at no charge at https://redskyalliance.org.

The security vendor's threat-hunting team blocked

Three US agencies published a joint warning alert for private companies about new versions of Taidoor, a malware family previously associated with Chinese state-sponsored hackers.

The alert is from the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (DHS CISA), the Department of Defense's Cyber Command (CyberCom), and the Federal Bureau of Investigation (FBI).  The three US government agencies report they have observed Taidoor being used in new attacks.  The n

Red Sky Alliance has written extensively about China regarding the many aspects of its Belt and Road Initiative; most recently about the creation of its “new” Internet.[1]  The US think-tank Brookings Institute has provided an excellent report on China’s electric grid, which has direct connection and implications to their “new” Internet capabilities.  See below for their Executive Summary and link to full report.

Brookings Institute Executive Summary[2]:

The importance of China’s elec

A new ransomware strain called PXJ ransomware (also known as XVFXGW ransomware) was first discovered in late February 2020.[1]  Half of the known samples were uploaded from Korea, and it uses a Korean website for a C2, showing predominantly Asian targeting.

Details

The earliest PXJ ransomware sample is from 24 February 2020.  It received its name for the .pxj extension that it adds to the files it encrypts.  Its alternative name, XVFXGW, refers to the strings in two contact emails (xvfxgw3929@pr

From our Friends and Colleagues at Dryad:
The coronavirus outbreak in China has forced several countries to resort to stringent quarantine checks in their battle to contain the spread and the measures are starting to have a knock-on effect on the global commodities shipping market.

Delays in loading and delivery of cargoes in the tanker, dry bulk and container shipping segments are being reported due to ships being forced to sit idle amid a lack of crew availability.
Merchant ships arriving in A

China Coverage of Report on the Cyber Vulnerabilities of Asian Ports

SUMMARY

Nanyang Technological University in Singapore has just released a report examining the economic losses expected if Asian port systems, including several in China, were subjected to a major cyber-attack.  This report did not assess the cyber vulnerabilities of Asian ports but rather postulated a major attack in order to calculate economic impact, with a focus on losses in the insurance industry.  The report concluded tha