Latvian woman charged in US with role in cybercrime group Trickbot
Group accused of infecting millions of computers worldwide with malware that targeted hospitals, schools, governments, businesses and other entities
Updated 05 June 2021
WASHINGTON: A Latvian woman has been charged with developing malicious software used by a cybercrime organization that infected computers worldwide and looted bank accounts of millions of dollars, the Justice Department said Friday.
Alla Witte is charged as part of a 47-count indictment with participating in an organization known as the Trickbot Group, which authorities say operated in Russia and several other countries. The group is accused of infecting millions of computers worldwide with malware that targeted hospitals, schools, governments, businesses and other entities.
Witte, who authorities say previously lived in Suriname, was arrested in Miami in February. She was arraigned Friday in federal court in Cleveland, according to the Justice Department.
The prosecution, which the Justice Department says is part of its newly developed ransomware task force, comes as the Biden administration confronts a growing scourge of ransomware attacks that have targeted crucial supply chains including meat and fuel. The White House, which has also been contending with cyberespionage campaigns aimed at US government agencies, issued a memo this week underscoring that the fight against ransomware is a top priority.
“These charges serve as a warning to would-be cybercriminals that the Department of Justice, through the Ransomware and Digital Extortion Task Force and alongside our partners, will use all the tools at our disposal to disrupt the cybercriminal ecosystem,” Deputy Attorney General Lisa Monaco said in a statement.
The indictment accuses Witte of participating in a scheme to steal millions of dollars from entities across the world by infecting computers with malware that captured personal information — such as credit card numbers and passwords — and gave TrickBot members access to the victims’ networks.
Among the targets identified in the indictment are real estate and law firms, country clubs, public school districts and other companies.
Prosecutors say Witte worked as a malware developer for the group, writing code related to ransomware that told victims that they’d need to acquire special software to decrypt their files. She’s also accused of providing code that monitored and tracked authorized users of the malware.
In October, weeks before the 2020 presidential election, Microsoft announced legal action to disrupt TrickBot in an operation aimed at knocking offline command-and-control servers.
The indictment, which includes multiple other defendants whose names have been blacked out, includes charges of conspiracy to commit computer fraud, aggravated identity theft and other crimes.
It was not immediately clear if Witte had a lawyer.
China to send 3 male astronauts to its space station in June
The Tianhe, or Heavenly Harmony, is the third and largest space station launched by China’s increasingly ambitious space program
China has sent 11 astronauts, including two women, into space beginning with Yang’s flight in October 2003
Updated 31 May 2021
BEIJING: A three-man crew of astronauts will blast off in June for a three-month mission on China’s new space station, according to a space official who was the country’s first astronaut in orbit.
The plans for the station’s first crew were confirmed to state television by Yang Liwei, the manned space program’s deputy chief designer, as an automated spacecraft was launched with fuel and supplies for the Tianhe station.
The Tianhe, or Heavenly Harmony, is the third and largest space station launched by China’s increasingly ambitious space program. Its core module was launched into orbit April 29.
The Shenzhou 12 capsule carrying the crew will be launched from the Jiuquan base in China’s northwest next month, Yang said in comments broadcast Saturday by China Central Television.
They will practice spacewalks and conduct repairs and maintenance as well as scientific operations.
Yang, who orbited Earth in 2003, gave no details of the astronauts’ identities or a flight date and said the crew will come from the program’s two earliest groups of astronauts.
Asked whether women would be in the crew, Yang said, “on Shenzhou 12 we don’t have them, but missions after that all will have them.”
The Tianzhou-2 spacecraft that docked with Tianhe on Sunday carried 6.8 tons of cargo including space suits, food and equipment for the astronauts and fuel for the station, according to the space program.
The space agency plans a total of 11 launches through the end of next year to deliver two more modules for the 70-ton station, supplies and the crew.
Beijing doesn’t participate in the International Space Station, largely due to US objections. Washington is wary of the Chinese program’s secrecy and its military connections.
China has sent 11 astronauts, including two women, into space beginning with Yang’s flight in October 2003. The first female astronaut was Liu Yang in 2012.
All of China’s astronauts to date have been pilots from the ruling Communist Party’s military wing, the People’s Liberation Army.
Astronauts on the Tianhe will practice making spacewalks with two people outside the hull at one time, according to Yang. China’s first spacewalk was made in 2008 by Zhai Zhigang outside the Shenzhou 7 capsule.
Also this month, the Chinese space program landed a probe, the Tianwen-1, on Mars carrying a rover, the Zhurong.
China says Martian rover takes first drive on surface of Red Planet
Zhurong, named after a mythical Chinese god of fire, drove down to the surface of Mars at 10:40 a.m. Beijing time
Updated 22 May 2021
BEIJING: A remote-controlled Chinese motorized rover drove down the ramp of a landing capsule on Saturday and onto the surface of the Red Planet, making China the first nation to orbit, land and deploy a land vehicle on its inaugural mission to Mars.
Zhurong, named after a mythical Chinese god of fire, drove down to the surface of Mars at 10:40 a.m. Beijing time (0240 GMT), according to a post on the rover’s official Chinese social media account.
Hackers targeted SolarWinds earlier than previously known
By seeding the company’s widely used software update with malicious code, hackers were able to penetrate the networks of multiple US government agencies and private sector corporations in an apparent act of cyberespionage
Updated 20 May 2021
WASHINGTON: The hackers who carried out the massive SolarWinds intrusion were in the software company’s system as early as January 2019, months earlier than previously known, the company’s top official said Wednesday.
SolarWinds had previously traced the origins of the hack to the fall of 2019 but now believes that hackers were doing “very early recon activities” as far back as the prior January, according to Sudhakar Ramakrishna, the company’s president and CEO.
“The tradecraft that the attackers used was extremely well done and extremely sophisticated, where they did everything possible to hide in plain sight, so to speak,” Ramakrishna said during a discussion hosted by the RSA Conference.
The SolarWinds hack, which was first reported last December and which US officials have linked to the Russian government, is one in a series of major breaches that has prompted a major cybersecurity focus from the Biden administration. By seeding the company’s widely used software update with malicious code, hackers were able to penetrate the networks of multiple US government agencies and private sector corporations in an apparent act of cyberespionage. The US imposed sanctions against Russia last month.
Also Wednesday, Ramakrishna apologized for the way the company blamed an intern earlier this year during congressional testimony for poor password security protocols. That public statement, he said, was “not appropriate.”
“I have long held a belief system and an attitude that you never flog failure. You want your employees, including interns, to make mistakes and learn from those mistakes and together we become better,” he added. “Obviously you don’t want to make the same mistake over and over again. You want to improve.”
China’s first probe on the Red Planet has beamed back its first “selfies” after its history-making landing last week
The Zhurong rover has been celebrated in China as a milestone in its ascent to space superpower status
Updated 19 May 2021
BEIJING: Solar panels against an alien landscape, ramps and rods pointing at the Martian horizon — China’s first probe on the Red Planet has beamed back its first “selfies” after its history-making landing last week.
The Zhurong rover was carried into the Martian atmosphere in a lander on Saturday, in the first ever successful probe landing by any country on its first Mars mission.
Zhurong, named after a mythical Chinese fire god, arrived a few months behind the United States’ latest probe to Mars — Perseverance — and has been celebrated in China as a milestone in its ascent to space superpower status.
The China National Space Administration on Wednesday published the images taken by cameras attached to the rover, which showed the obstacle-avoidance equipment and solar panels on the vehicle, as well as the texture of the Martian surface.
“People of the Internet, the Mars images you’ve been longing for are here,” the space agency said in a social media post containing the images.
The rover’s landing was a nail-biter for Chinese space engineers, with state media describing the process of using a parachute to slow descent and buffer legs as “the most challenging part of the mission.”
It is expected to spend around three months there taking photos and harvesting geographical data.
China has come a long way in its race to catch up with the United States and Russia, whose astronauts and cosmonauts have decades of experience in space exploration.
It successfully launched the first module of its new space station last month with hopes of having it crewed by 2022 and eventually sending humans to the Moon.