Ubisoft reportedly stopped hackers from stealing 900GB of data from the company, including user data from the game Rainbow Six Siege.
The company reportedly discovered the breach 48 hours after the hack, at which point it revoked the hackers’ access before they could remove any data, BleepingComputer reports.
Still, the hackers reportedly were able to access Microsoft Teams conversations, the Ubisoft SharePoint server, and the Confluence and Mongo DB Atlas.
The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware.
The security shortcoming is CVE-2020–14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers.
“This vulnerability allows remote authenticated attackers to execute code using a gadget chain and is commonly chained with CVE-2020–14882 (an authentication bypass vulnerability also affecting Oracle Weblogic Server) or the use of leaked, stolen, or weak credentials,” Imperva said in a report published last week.
No one knows who might get there first. The United States and China are considered the leaders in the field; many experts believe America still holds an edge.
As the race to master quantum computing continues, a scramble is on to protect critical data. Washington and its allies are working on new encryption standards known as post-quantum cryptography – essentially codes that are much harder to crack, even for a quantum computer. Beijing is trying to pioneer quantum communications networks, a technology theoretically impossible to hack, according to researchers. The scientist spearheading Beijing’s efforts has become a minor celebrity in China.
Quantum computing is radically different. Conventional computers process information as bits – either 1 or 0, and just one number at a time. Quantum computers process in quantum bits, or “qubits,” which can be 1, 0 or any number in between, all at the same time, which physicists say is an approximate way of describing a complex mathematical concept.
The Chinese military has been escalating its cyber capabilities, posing a potential threat to key American infrastructure. This includes power and water utilities, as well as communication and transportation systems. Over the past year, hackers affiliated with China’s People’s Liberation Army have successfully infiltrated the computer systems of approximately two dozen critical entities.
These cyber intrusions are not isolated incidents. They are part of a broader strategy to develop methods that could cause panic, chaos, or disrupt logistics in the event of a U.S.-China conflict. The victims of these cyber-attacks include a water utility in Hawaii, a major West Coast port, and at least one oil and gas pipeline. There was also an attempt to breach the operator of Texas’s power grid.
Takeaways:
• The Chinese military is reportedly increasing its attempts to infiltrate essential infrastructure, utilities, communication, and transportation services in the U.S., according to anonymous U.S. officials and cybersecurity experts.
• Hackers linked with China’s People’s Liberation Army have infiltrated around two dozen essential service entities in the past year, including a water utility in Hawaii, an oil and gas pipeline, and a West Coast port.