At a glance.
- Czech Republic accuses China of attempted hacks.
- Most top CISA officials are losing their jobs.
- Iranian pleads guilty to participation in Baltimore ransomware attack.
Czech Republic accuses China of attempted hacks.
The Czech Republic has attributed a cyberespionage campaign targeting its Ministry of Foreign Affairs to China's APT31, the Record reports. The Czech government stated, "Following the national attribution process, the Government of the Czech Republic has identified the People´s Republic of China as being responsible for malicious cyber campaign targeting one of the unclassified networks of the Czech Ministry of Foreign Affairs. The malicious activity, which lasted from 2022 and affected an institution designated as Czech critical infrastructure, was perpetrated by the cyberespionage actor APT31 that is publicly associated with the Ministry of State Security."
The country's foreign affairs minister Jan Lipavsky has summoned the Chinese ambassador to communicate that "such hostile activities have a damaging impact on our bilateral relations."
Most top CISA officials are losing their jobs.
Nearly all senior officials at the US Cybersecurity and Infrastructure Security Agency (CISA) will be let go by the end of the month, Cybersecurity Dive reports. The agency's deputy director, Madhu Gottumukkala, informed employees in an email that the leaders of five of CISA's six operational divisions and six of its ten regional offices will have lost their jobs by May 30th.
Bridget Bean, the agency's executive director, said in a statement, "CISA is doubling down and fulfilling its statutory mission to secure the nation’s critical infrastructure and strengthen our collective cyber defense. We were created to be the cybersecurity agency for the nation, and we have the right team in place to fulfill that mission and ensure that we are prepared for a range of cyber threats from our adversaries."
The widespread cuts have raised concern among some CISA employees, however. One anonymous employee told Cybersecurity Dive, "With [this] significant number of senior departures, several of which are leaders who have been here since the days of US-CERT, there’s a lot of anxiety around when the cuts and departures will finally stop and we can move forward as an agency."
Iranian pleads guilty to participation in Baltimore ransomware attack.
A 37-year-old Iranian national, Sina Gholinejad, has pleaded guilty to using the Robbinhood ransomware to target US cities, including launching a 2019 attack against Baltimore that cost the city more than $19 million. The Justice Department says Gholinejad and his co-conspirators were also responsible for an attack on Greenville, North Carolina.
Gholinejad was detained in North Carolina earlier this year. He's facing a maximum penalty of 30 years in prison, with a sentencing scheduled in August.
