Here’s how the FBI’s most wanted cybercriminal hacks his targets

The FBI’s most wanted cybercriminal — who was indicted by the Justice Department for helping Russian intelligence break into Yahoo’s digital infrastructure — has repeatedly taken advantage of self-inflicted security mistakes made by private companies in order to compromise targets, according to Chris McNab, co-founder of AlphaSOC. FBI agents told reporters Wednesday that the 2014 Yahoo breach possibly began with 29-year-old Latvian native Alexsey Belan sending a routine phishing email to a “semi-privileged” employee. It appears that the attacker was able to progressively gain access to new systems after entering the company’s network via a malicious attachment. As a former employee of NCC Group, McNab responded to a data breach in 2012 that Belan was also allegedly behind. McNab wrote about Belan’s hacking tactics, techniques and procedures, which he discovered during that investigation, in a blog post published Monday. McNab’s article provides some rare insight into how Belan, also known as […]

The post Here’s how the FBI’s most wanted cybercriminal hacks his targets appeared first on Cyberscoop.


Former NSA hackers: Yahoo indictments won’t slow down Russian cyberattacks

Newly unveiled indictments against a group of hackers working for Russian intelligence will do little to deter future cyberattacks against the U.S., former NSA analysts and government lawyers tell CyberScoop. Under the Obama administration, the Justice Department’s National Security Division pioneered a cybersecurity strategy of deterrence through indictments and criminal prosecutions. Over the last several years, in the aftermath of multiple high-profile data breaches, however, this approach of “naming and shaming” has garnered significant criticism for its lack of clear, deliverable results, experts say. “The [Yahoo] indictment calls into question whether past ‘name and shame’ indictments of international cybercriminals have had any deterrent effect,” said Edward McAndrew, a former federal cybercrime prosecutor in the U.S. Attorney’s Offices for the Eastern District of Virginia and for the District of Delaware, via email. “Indictments of this type only have deterrent effect if the defendants end up in a US prison — and for longer […]

The post Former NSA hackers: Yahoo indictments won’t slow down Russian cyberattacks appeared first on Cyberscoop.


Russian agents allegedly hired this cyber-mercenary to hack Google and Yahoo

Karim Baratov, a 22-year-old Canadian born in Kazakhstan, is one of four alleged hackers named in a federal indictment for helping Russian intelligence officials break into numerous Yahoo and Google email accounts. Unlike the other suspects, however, Baratov appears to have worked as a sort of cyber-mercenary. Charging documents say he received thousands of dollars from the Federal Security Service, or FSB, to compromise targets. Baratov, known cybercriminal Aleksey Belan and FSB agents Dmitry Dokuchaev and Igor Sushchin are accused of breaching Yahoo multiple times between 2014 and late 2016. The suspects allegedly used their access to the platform to enrich themselves and spy on business executives, journalists and foreign government officials. The Justice Department said Wednesday in its indictment that Baratov was consistently paid for his hacking services by Dmitry Dokuchaev, a credit card fraudster turned spy, under the order of his superior, Igor Sushchin, a senior FSB officer who was arrested […]

The post Russian agents allegedly hired this cyber-mercenary to hack Google and Yahoo appeared first on Cyberscoop.


Trump budget: FBI would get an extra $61M to fight cybercrime and break encryption

President Donald Trump’s budget blueprint for the federal government proposes a $61 million increase for the FBI and Justice Department in fiscal 2018 to better track terrorist communications and combat cybercriminals. “The FBI would devote resources toward its world-class cadre of special agents and intelligence analysts, as well as invest $61 million more to fight terrorism and combat foreign intelligence and cyber threats and address public safety and national security risks that result from malicious actors’ use of encrypted products and services,” the blueprint states. The FBI is one of the few agencies that would see significant increases under the budget, which emphasizes national security and law enforcement. The Environmental Protection Agency and State Department, for example, would see drastic cuts. Trump’s proposed plan is designed to effectively increase the FBI’s overall funding by a total of $249 million, or 3 percent, above the current 2017 budget. Beyond cyber operations, a majority of the […]

The post Trump budget: FBI would get an extra $61M to fight cybercrime and break encryption appeared first on Cyberscoop.


Top Women in Cybersecurity: Kimber Dowsett

Kimber Dowsett, Security Architect, 18F

During a class graduation for Apple’s recently launched “Genius” training program in 2005, former Apple CEO Steve Jobs approached one of the few female graduates with a smile and handshake. Jobs expressed his delight at seeing a female in the typically male-heavy class. Today, 12 years later, and while Silicon Valley continues to struggle with diversity issues, that same graduate is one of the cybersecurity community’s best known engineers. Kimber Dowsett is a security architect for 18F, a specialized technology division within the General Services Administration, or GSA, that’s been called the U.S. government’s startup. 18F is a unique organization in that its employees often work directly with a myriad of different government agencies, meaning that they come in contact with numerous computer networks. Dowsett has worked over the past year to defend 18F from hackers and to make sure that if the organization were […]

The post Top Women in Cybersecurity: Kimber Dowsett appeared first on Cyberscoop.


Leaked CIA documents show just how complicated computer warfare really is

Providing context to the CIA documents published last week by WikiLeaks has proven challenging because of the prevalence of codenames, unfamiliar acronyms and other unique jargon in the material. But with the help of a former U.S. intelligence official, CyberScoop has been able to identify an internal conversation evident in the leaked documents that shows employees of the spy agency discussing how to remotely disrupt a video player likely being used by a terrorist. An author identified only as “User #71468” in one apparent internal CIA discussion forum published by WikiLeaks describes the use of an old hacking tool to “trash somebody’s files.” The author’s post is classified “SECRET//NOFORN,” meaning secret and not for review by foreign nationals. User #71468’s comment reads: “We were trashing data. It was awesome. We were even overwriting files opened for exclusive write by using direct writes to the physical drive (XP only folks, Vista […]

The post Leaked CIA documents show just how complicated computer warfare really is appeared first on Cyberscoop.


Armies of pro-Trump Twitter bots are now promoting WikiLeaks’ CIA dump

An army of pre-programmed Twitter accounts — many of which are actively associated with online campaigns to post pro-Donald Trump content — is now actively promoting a cache of leaked CIA files published last week by WikiLeaks, according to new research. About 32,000 unique Twitter accounts — more commonly known as “bots” — tweeted more than 170,000 times using the #Vault7 hashtag on March 8, the day the leaked information was made public. The #CIAHacking hashtag was also used in another 3,800 tweets authored by 2,600 bot accounts. The network was identified by social media researcher Vlad Shevtsov, who used a software tool to analyze upwards of 44 million tweets, looking for “multiple synchronous operations” to identify “automatic control of an artificial audience.” He described his methodology in greater detail in a blog post written earlier this month. Many of the same bots creating tweets around Vault 7 can also […]

The post Armies of pro-Trump Twitter bots are now promoting WikiLeaks’ CIA dump appeared first on Cyberscoop.


Some companies listed in CIA leak have yet to receive assistance from WikiLeaks

After publishing a trove of internal CIA documents, WikiLeaks founder Julian Assange announced last week that his organization will exclusively share the computer code for hacking tools owned by the spy agency with targeted technology firms identified in the leaked documents. As of late Monday, however, a significant number of affected companies told CyberScoop that WikiLeaks had yet to contact them. Assange’s pledge to offer assistance to these businesses, including household names like Microsoft, Google and Cisco, comes after WikiLeaks revealed that an unnamed defense contractor had provided nearly 9,000 documents from a digital library belonging to the CIA’s Engineering Development Group — an office reportedly tasked with developing computer espionage capabilities. More than 15 major technology vendors are mentioned in the leaked documents published last Tuesday. In some cases, an internal description for a private sector company’s technology also carries a discussion about how to compromise a product for […]

The post Some companies listed in CIA leak have yet to receive assistance from WikiLeaks appeared first on Cyberscoop.


Congressman says proposed ‘hacking back’ bill is gaining traction

A bill recently proposed by Rep. Tom Graves, R-Ga., that would allow companies victimized by hackers to take “active cyber defense measures,” is now gaining bipartisan support, according to the congressman. Graves told CyberScoop he has received “positive feedback for the concept from both Republican and Democrat members” and “significant interest from the public, business community and academic researchers.” Interest in the bill, Graves explained, reflects a “growing recognition that current federal law doesn’t provide an adequate deterrence for criminal hacking.” “With less than 1 percent of criminal hackers being prosecuted, there is a growing consensus that we need to determine a better way to impose costs to deter their behavior. Self-defense is one method of imposing a higher cost,” Graves said. The proposed bill, named the “Active Cyber Defense Certainty Act,” is currently a discussion draft. Graves’ office continues to receive feedback from industry, think tanks, academia and other members of […]

The post Congressman says proposed ‘hacking back’ bill is gaining traction appeared first on Cyberscoop.

