August 3, 2022
Photo: Robert Atanasovski/AFP via Getty Images
Hello, and welcome to Protocol Enterprise! Today: why after years of warnings about the threat posed by Russian hackers, security experts are more worried about China, ransomware strikes a German chipmaker and Palo Alto Networks plunges further into managed security.
In recent years, threats from Russia have driven much of the cybersecurity attention among Western businesses, especially after Russia’s invasion of Ukraine in February.
But for a number of reasons — not least of which is the current state of U.S.-China tensions — the massive cyber threat posed by the Chinese government is coming back into the spotlight.
Even apart from that anxiety-producing prospect, the warnings about China's more-typical hacking efforts — often focused on theft of intellectual property from U.S. companies — are growing.
There's been a clear shift in China's IP theft priorities from its traditional focus on defense-related technologies and into the high-tech and biotech sectors, said Christian Sorensen, a former U.S. Cyber Command official.
How global ecommerce benefits American workers and the U.S. economy: Alibaba — a leading global ecommerce company — is a particularly powerful engine in helping American businesses of every size sell goods to more than 1 billion consumers on its digital marketplaces in China. In 2020, U.S. companies completed more than $54 billion of sales to consumers in China through Alibaba’s online platforms.
German industrial and electric vehicle chipmaker Semikron said that it was hacked earlier this week.
Semikron said that a professional hacking group claims to have stolen data, and the attack led to the encryption of some of the company’s IT systems and files. “The entire network is currently being forensically investigated and cleaned up,” the company said in a statement.
The Nuremberg-based company noted that it was investigating the claim that data was taken and, if it was, what specifically the hackers gained access to.
Semikron didn’t offer many details about the type of hack or how the attackers managed to gain access to the company’s systems, but Bleeping Computer reported that the hackers used an LV ransomware hack. The ransomware operators attempted to blackmail Semikron and threatened to leak the purloined data.
Semikron develops thousands of designs for power chips that are used in a range of renewable energy technologies, such as wind turbines and hybrid vehicles. The chips are used in trains and in industrial equipment such as conveyor belts and welding machines.— Max A. Cherney (email | twitter)
If you've been following our security coverage closely (and if so, thank you), then you might've seen my recent articles on extended detection and response (aka XDR) and the cybersecurity talent shortage. Well, here's a bit of news that incorporates both: Cybersecurity heavyweight Palo Alto Networks announced today that it's launching a new managed detection and response (MDR) service built on its Cortex XDR platform.
The company is doing so not only because it knows a heckuva lot about XDR (its founder Nir Zuk invented the concept), but also because this is exactly the sort of thing talent-strapped businesses are looking for right now. While customers have a lot of interest in gaining the security benefits of XDR — which can correlate threat data from across all of a customer's IT environments — many just don't have the skilled staff to operate the platform, Palo Alto Networks' Wendi Whitmore told me.
The company also hopes to sweeten the pot for customers by leveraging Unit 42, the company's well-regarded threat intelligence division. The MDR service, which is the Palo Alto Networks' second managed service to date, will in fact be delivered by the Unit 42 team.
Even though managed detection and response has become a crowded market, the company believes it is "uniquely positioned" to boost security for customers with its new MDR service, said Whitmore, senior vice president at Unit 42.— Kyle Alspach (email | twitter)
Equifax blamed a “coding issue” for a weeks-long period during which it issued inaccurate credit scores to lenders, potentially affecting loan decisions.Thoma Bravo bought another enterprise software company, this time snapping up Ping Identity for $2.8 billion.
How global ecommerce benefits American workers and the U.S. economy: Using economic multipliers published by the U.S. Bureau of Economic Analysis, NDP estimates that the ripple effect of this Alibaba-fueled consumption in 2020 supported more than 256,000 U.S. jobs and $21 billion in wages. These American sales to Chinese consumers also added $39 billion to U.S. GDP.
Thanks for reading — see you tomorrow!