Latest news with #Gundert
The Hindu
2 days ago
- General
- The Hindu
Hermann Gundert Award presented
K. Jayakumar, former Chief Secretary and former Vice-Chancellor of Thunchath Ezhuthachan Malayalam University, said German missionary and linguist Hermann Gundert did not reject local beliefs, but rather explained the scientific principles behind them. Speaking about Gundert's social contributions at a seminar organised by the Hermann Gundert Educational Foundation at the Chavara Cultural Centre in Kozhikode on Friday (June 13, 2025), Mr. Jayakumar said the linguist had been a bridge between Eastern and Western knowledge systems. 'Be like Gundert; be intellectually free; be curious,' he added. Mr. Jayakumar also presented the Hermann Gundert Award, instituted by the foundation, to writer Vallikavu Mohandas for his book Missionaries' Kerala (Missionarykalude Keralam). The foundation's vice-chairman Chacko Kalamparambil presided over the session.
Axios
08-04-2025
- Business
- Axios
Tariffs could jumpstart Beijing's global spying efforts, executive warns
Escalating U.S.-China trade tensions are likely to fuel a surge in Beijing-backed cyber espionage, a top security executive warns. Why it matters: U.S. companies and government agencies were already grappling with an unprecedented wave of hacking activity linked to the Chinese government. New tariff threats could intensify that pressure. Driving the news: President Trump threatened on Monday to impose an additional 50% tariff on Chinese goods starting Friday. The warning followed Beijing's move to implement its own 34% retaliatory tariff. "All talks with China concerning their requested meetings with us will be terminated until such time as the tariffs are removed," Trump said. Threat level: The escalation gives Chinese operatives a stronger incentive to gather intelligence from U.S. politicians and global companies about how seriously to take the tariff threats, Levi Gundert, chief security and intelligence officer at Recorded Future, told Axios. "There will be a premium put on very timely information that helps them navigate this new era," he said. The volume of China-backed espionage targeting U.S. entities is already at record levels. Gundert said Beijing will likely also intensify efforts against governments and companies in other countries that are also negotiating new tariff deals with Trump. Between the lines: Spying on sensitive political and economic discussions has long been a core objective of Chinese cyber operations. Gaining insights into tariff talks would fall squarely within Beijing's typical spying domains, Gundert said.
WIRED
13-02-2025
- WIRED
China's Salt Typhoon Spies Are Still Hacking Telecoms—Now by Exploiting Cisco Routers
Feb 13, 2025 12:00 AM Despite high-profile attention and even US sanctions, the group hasn't stopped or even slowed its operation, including the breach of two more US telecoms. A server room at the Cisco Systems Poland headquarters in Krakow, Poland. Photograph:When the Chinese hacker group known as Salt Typhoon was revealed last fall to have deeply penetrated major US telecommunications companies—ultimately breaching no fewer than nine of the phone carriers and accessing Americans' texts and calls in real time—that hacking campaign was treated as a four-alarm fire by the US government. Yet even after those hackers' high-profile exposure, they've continued their spree of breaking into telecom networks worldwide, including more in the US. Researchers at cybersecurity firm Recorded Future on Wednesday night revealed in a report that they've seen Salt Typhoon breach five telecoms and internet service providers around the world, as well as more than a dozen universities from Utah to Vietnam, all between December and January. The telecoms include one US internet service provider and telecom firm and another US-based subsidiary of a UK telecom, according to the company's analysts, though they declined to name those victims to WIRED. 'They're super active, and they continue to be super active,' says Levi Gundert, who leads Recorded Future's research team known as Insikt Group. 'I think there's just a general under-appreciation for how aggressive they are being in turning telecommunications networks into Swiss cheese.' To carry out this latest campaign of intrusions, Salt Typhoon—which Recorded Future tracks under its own name, RedMike, rather than the Typhoon handle created by Microsoft—has targeted the internet-exposed web interfaces of Cisco's IOS software, which runs on the networking giant's routers and switches. The hackers exploited two different vulnerabilities in those devices' code, one of which grants initial access, and another that provides root privileges, giving the hackers full control of an often powerful piece of equipment with access to a victim's network. 'Any time you're embedded in communication networks on infrastructure like routers, you have the keys to the kingdom in what you're able to access and observe and exfiltrate,' Gundert says. Recorded Future found more than 12,000 Cisco devices whose web interfaces were exposed online, and says that the hackers targeted more than a thousand of those devices installed in networks worldwide. Of those, they appear to have focused on a smaller subset of telecoms and university networks whose Cisco devices they successfully exploited. For those selected targets, Salt Typhoon configured the hacked Cisco devices to connect to the hackers' own command-and-control servers via generic routing encapsulation, or GRE tunnels—a protocol used to set up private communications channels—then used those connections to maintain their access and steal data. When WIRED reached out to Cisco for comment, the company pointed to a security advisory it published about vulnerabilities in the web interface of its IOS software in 2023. 'We continue to strongly urge customers to follow recommendations outlined in the advisory and upgrade to the available fixed software release,' a spokesperson wrote in a statement. Hacking network appliances as entry points to target victims—often by exploiting known vulnerabilities that device owners have failed to patch—has become standard operating procedure for Salt Typhoon and other Chinese hacking groups. That's in part because those network devices lack many of the security controls and monitoring software that's been extended to more traditional computing devices like servers and PCs. Recorded Future notes in its report that sophisticated Chinese espionage teams have targeted those vulnerable network appliances as a primary intrusion technique for at least five years. That Salt Typhoon continues to carry out business as usual is nonetheless notable, Recorded Future's analysts say. The group's activities have been exposed in the media, in government reports and announcements issued by the FCC, CISA, and the White House, even in sanctions issued by the US Treasury. But that hasn't caused the hackers to change course. On January 17, Treasury sanctioned Sichuan Juxinhe Network Technology, a cybersecurity firm allegedly linked to Salt Typhoon's operations. And yet, Gundert says, Recorded Future hasn't seen any cessation or slowdown of the hackers' activities even since that date. 'That's the disappointing part about this,' says Gundert. 'Even with all the attention, we haven't observed any real change in the volume or velocity of attacks, even in the same target demographic of telecommunications.' After Salt Typhoon's hacking campaign targeting US telecom networks came to light last fall, then FBI director Christopher Wray described the phone company breaches as China's 'most significant cyber-espionage campaign in history.' The intrusions, which in some cases exploited the wiretap mechanisms built into telecoms for law enforcement use, prompted CISA and FBI officials to go so far as to recommend that Americans use end-to-end encrypted communication apps like Signal and WhatsApp to avoid leaving their texts and calls vulnerable to China's real-time spying. In this latest rash of intrusions, Recorded Future says it's seen the Chinese hackers break into not only the US internet service provider and telecommunications firm and a US affiliate of a UK telecom, but also telecoms in South Africa and Thailand and an internet service provider in Italy, though it declined to name any of those victims. It's also seen the group target a broader range of universities around the world for apparent espionage, including in Argentina, Bangladesh, Indonesia, Malaysia, Mexico, Netherland, Thailand, Vietnam, and the US—including the University of California, California State, Utah Tech, and Loyola University. Recorded Future says it was able to gain visibility into those intrusions by identifying command-and-control infrastructure used by Salt Typhoon, though it didn't further explain its methodology. The company's analysts note that there may well be other parts of the group's hacking campaign—and other victims—that it hasn't discovered. 'They've only gotten more bold,' says Jon Condra, another Recorded Future analyst. 'I strongly suspect it's much larger than what we've seen.'
