Author Archives: Chris Bing

Congress’ new spending bill includes $100M to counter Russian information operations

Posted on by

At least $100 million in funding specifically to counter Russian information operations will be available under a newly unveiled spending bill to keep the U.S. government running until the end of September. Dubbed the “Countering Russian Influence Fund,” the new initiative is designed to provide support to “civil society organizations and other entities” based in Europe, Eurasia and Central Asia. The inclusion of the provision comes just one day after President Trump once again downplayed the impact of Russian information operations on the 2016 presidential election during a nationally televised interview with CBS News. The Office of the Director of National Intelligence published a historic, declassified report in January accusing Russian intelligence services of hacking into the Democratic National Committee and email mailbox of top political strategist John Podesta in an effort to leak confidential messages that would discredit Democratic candidate Hillary Clinton. Congress must send the spending bill to Trump for his signature […]

The post Congress’ new spending bill includes $100M to counter Russian information operations appeared first on Cyberscoop.

Continue reading Congress’ new spending bill includes $100M to counter Russian information operations

U.S. warns of ’emerging’ global cyber-espionage campaign by Chinese hackers

Posted on by

An “emerging” international cyber-espionage campaign by a group with suspected ties to the Chinese government is affecting a growing number of companies globally, according to a warning from the U.S. government. Cybersecurity researchers and intelligence analysts have been tracking the hacker group known as APT10 or MenuPass Group since at least 2009. In the past, the group has targeted construction, engineering, aerospace and telecom companies as well as government agencies in the U.S., Europe and Japan. APT10’s past activity suggests it acts in “support of Chinese national security goals, including acquiring valuable military and intelligence information as well as the theft of confidential business data to support Chinese corporations,” according to cybersecurity firm FireEye, which has extensively monitored and studied the group. The U.S. National Cybersecurity and Communications Integration Center continues to review APT10’s recent activity and said it is working with victims “across different sectors,” according to a U.S. Computer […]

The post U.S. warns of ’emerging’ global cyber-espionage campaign by Chinese hackers appeared first on Cyberscoop.

Continue reading U.S. warns of ’emerging’ global cyber-espionage campaign by Chinese hackers

Facebook admits ‘fake news’ is a problem, pledges to curb ‘information operations’

Posted on by

More than six months after its founder first claimed that digital propaganda on social media had no discernible impact on the U.S. presidential election, Facebook publicly acknowledged such threats Thursday and announced plans to counter disinformation campaigns evident on the global social network. In a 13-page report released Thursday, Facebook outlined a series of sophisticated, well-funded and expansive campaigns it identified as being undertaken by governments and other organizations to spread misleading and sometimes false narratives to accomplish specific geopolitical goals. Facebook found that perpetrators often leveraged a complex network of fake accounts and amplification techniques to proliferate distinctive, time-sensitive messages to target audiences. The Office of the Director of National Intelligence, or ODNI, published a historic, declassified report in January accusing Russian intelligence services of hacking into the Democratic National Committee and using damaging internal documents to specifically discredit democratic presidential candidate Hillary Clinton. Leaked communications were widely circulated on social […]

The post Facebook admits ‘fake news’ is a problem, pledges to curb ‘information operations’ appeared first on Cyberscoop.

Continue reading Facebook admits ‘fake news’ is a problem, pledges to curb ‘information operations’

Facebook admits ‘fake news’ is a problem, pledges to curb ‘information operations’

Posted on by

More than six months after its founder first claimed that digital propaganda on social media had no discernible impact on the U.S. presidential election, Facebook publicly acknowledged such threats Thursday and announced plans to counter disinformation campaigns evident on the global social network. In a 13-page report released Thursday, Facebook outlined a series of sophisticated, well-funded and expansive campaigns it identified as being undertaken by governments and other organizations to spread misleading and sometimes false narratives to accomplish specific geopolitical goals. Facebook found that perpetrators often leveraged a complex network of fake accounts and amplification techniques to proliferate distinctive, time-sensitive messages to target audiences. The Office of the Director of National Intelligence, or ODNI, published a historic, declassified report in January accusing Russian intelligence services of hacking into the Democratic National Committee and using damaging internal documents to specifically discredit democratic presidential candidate Hillary Clinton. Leaked communications were widely circulated on social […]

The post Facebook admits ‘fake news’ is a problem, pledges to curb ‘information operations’ appeared first on Cyberscoop.

Continue reading Facebook admits ‘fake news’ is a problem, pledges to curb ‘information operations’

Manufacturing companies got wrecked by cyber-spies last year, Verizon report says

Posted on by

Cyber-spies backed by nation-states were behind a majority of data breaches experienced by manufacturing companies in 2016, according to Verizon’s newly published 2017 Data Breach Investigations Report. Verizon identified 620 data breach incidents in the manufacturing sector last year — of which 94 percent could be defined as “espionage” driven and attributable to “state-affiliated” actors. Roughly 91 percent of material stolen in these breaches had been categorized as “secret,” relating to proprietary information owned solely by the victim. Cybersecurity experts say hackers largely target the manufacturing industry in order to steal trade secrets, business plans and valuable intellectual property. Verizon defines cyber-espionage as incidents that include “unauthorized network or system access linked to state-affiliated actors and/or exhibiting the motive of espionage.” “When you make stuff, there is always someone else who wants to make it better, or at least cheaper. A great way to make something cheaper is to let […]

The post Manufacturing companies got wrecked by cyber-spies last year, Verizon report says appeared first on Cyberscoop.

Continue reading Manufacturing companies got wrecked by cyber-spies last year, Verizon report says

Basic phishing emails are so effective that most hackers don’t use exploit kits anymore

Posted on by

Hackers overwhelmingly prefer to target email accounts as their entry point into organizations now, and it’s causing a massive drop in exploit kit usage, according to new research conducted by Symantec. The findings underscore a significant and recent transformation in the way that attackers generally seek to compromise systems; a trend that’s greatly accelerated over the last 12 months, Symantec found. “Malicious activity from exploit kits dropped by 60 percent in 2016, with our research indicating that attackers are now favoring email as a primary infection vector,” Symantec’s 2017 Internet Security Threat Report reads. “[Conversely,] email malware rates increased in 2016, from 1 in 220 emails to 1 in 131 emails” — a statistic largely driven by bot nets dispensing ransomware, said Bill Wright, director of government affairs for Symantec. The change has resulted in a reliance on what Symantec calls “living off the land” tactics. This translates into hackers […]

The post Basic phishing emails are so effective that most hackers don’t use exploit kits anymore appeared first on Cyberscoop.

Continue reading Basic phishing emails are so effective that most hackers don’t use exploit kits anymore

Russian hackers heavily targeted news outlet in days before U.S. election, researchers say

Posted on by

Hackers working for the Russian government sent a barrage of targeted phishing emails between 2014 and 2016 to employees of major news outlets, and they focused particularly on Al Jazeera in the days before and shortly following the U.S. presidential election, according to new research by cybersecurity firm Trend Micro. It’s unclear exactly why the elite team of hackers — known as APT-28, Fancy Bear or Pawn Storm — focused so heavily on the Qatar-based, state-funded global broadcaster during that short window. Like other news agencies targeted over the longer two-year span, including the New York Times and Buzzfeed, the award-winning outlet covered the election in detail and dedicated a section of its website to election-night coverage. Trend Micro’s Forward-looking Threat Research, or FTR, team said staff at Al Jazeera were repeatedly sent phishing emails with deceptive links, including “account-aljazeera.net” and “sset-aljazeera.net.” The subject line for some emails sent by the hacking […]

The post Russian hackers heavily targeted news outlet in days before U.S. election, researchers say appeared first on Cyberscoop.

Continue reading Russian hackers heavily targeted news outlet in days before U.S. election, researchers say

Russia’s reliance on cybercriminals has a ‘silver lining,’ says top DOJ lawyer

Posted on by

A top Justice Department official says there is a “silver lining” in the fact that Russia’s Federal Security Service was reliant on a pair of alleged cybercriminals to hack into Yahoo and collect information. Two contractors with cybercrime connections were among four individuals indicted in March by the Justice Department in a massive data breach that occurred at Yahoo in 2014. The other two were officers from FSB, which is one of Russia’s top intelligence agencies. Such a “blended threat” can create openings for investigators, said Adam Hickey, deputy assistant attorney general for the National Security Division. “It’s an advantage to us because those are individuals that are more willing to travel, they are more likely to be less op-sec savvy in certain respects compared to an intelligence officer and that matters because apprehending them can … give us that human intelligence into the state-sponsored hacking,” Hickey said. “That can be very, very valuable in […]

The post Russia’s reliance on cybercriminals has a ‘silver lining,’ says top DOJ lawyer appeared first on Cyberscoop.

Continue reading Russia’s reliance on cybercriminals has a ‘silver lining,’ says top DOJ lawyer

Interpol identifies 9,000 computers in Asia owned by hackers, used to launch ransomware

Posted on by

Nearly 9,000 computer servers based in southeast Asia are infected with or currently dispensing malware, according to a newly unveiled Interpol-led operation heavily supported by multiple private sector cybersecurity firms and domestic law enforcement agencies. Hundreds of compromised websites popularly used in Southeast Asia — including regional government portals — also were identified as under the control of hackers, Interpol announced Monday. The news underscores an increasingly international effort between national law enforcement agencies and the broader digital defense industry to collaborate on cybercrime fighting operations. An assistant attorney general for the Justice Department’s Criminal Division, Leslie Caldwell, said last year that the FBI would need to rely on foreign help to stop hackers in the future. “Sharing intelligence was the basis of the success of this operation, and such cooperation is vital for long term effectiveness in managing cooperation networks for both future operations and day to day activity […]

The post Interpol identifies 9,000 computers in Asia owned by hackers, used to launch ransomware appeared first on Cyberscoop.

Continue reading Interpol identifies 9,000 computers in Asia owned by hackers, used to launch ransomware

That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say

Posted on by

Thousands of Microsoft Windows machines worldwide are infected with an NSA-developed backdoor that hackers installed by reusing leaked executable code from an outdated hacking toolkit belonging to the spy agency, multiple security researchers tell CyberScoop. The mysterious Shadow Brokers group published a package of internal NSA documents last week, containing among other things the computer code for a series of exploits, implants and other hacking tools. In the days since the leak first became public, hackers have mulled over the trove and begun reverse-engineering and recycling some of the capabilities, CyberScoop previously reported. One of these hacking tools, a backdoor implant codenamed DOUBLEPULSAR — which is used to run malicious code on an already compromised box — has already been installed on 30,000 to 50,000 hosts, according to Phobos Group founder Dan Tentler. Other researchers have also engineered different detection scripts to quickly scan the internet for infected computers. John Matherly, […]

The post That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say appeared first on Cyberscoop.

Continue reading That was fast: Thousands of computers now compromised with leaked NSA tools, researchers say