Author Archives: Ryan Johnston

Former CIA head: health care industry must quickly confront cybersecurity issues

Posted on by

Cybersecurity within the health care sector will only become a more dire issue for politicians and doctors alike as connected technology continues to expand, a panel of experts speaking at the Bipartisan Policy Center agreed Wednesday. Former acting CIA Director Michael Morrell and former Homeland Security Secretary Michael Chertoff pointed to the rapid integration of smart technology into U.S. health care system since 2008, and they noted the sector’s exposure to ransomware, data theft and disruption of connected devices. Devices such as network-connected pacemakers are vulnerable to hackers in three ways, Morrell said: through a vulnerable internet-connected network; by infiltration of the supply chain from manufacturers to hospitals; or through insider manipulation at health care facilities. The insider threat is the most direct and therefore more potentially devastating one, he said. Expanding the conversation, he said cybersecurity across all sectors “is the second-biggest threat facing the U.S. after international terrorism, and it’s the fastest-growing […]

The post Former CIA head: health care industry must quickly confront cybersecurity issues appeared first on Cyberscoop.

Continue reading Former CIA head: health care industry must quickly confront cybersecurity issues

U.K. confirms use of offensive cyberweapons against ISIS

Posted on by

U.K. Defense Secretary Sir Michael Fallon said Tuesday that his country is regularly and successfully utilizing offensive cyberweapons within Iraq and other areas under control of the Islamic State. “I can confirm that we are now using offensive cyber routinely in the war against Daesh, not only in Iraq but also in the campaign to liberate Raqqa and other towns on the Euphrates,” Fallon said, using the Arabic phrase for ISIS. “Offensive cyber there is already beginning to have a major effect on degrading Daesh’s capabilities.” The U.K. isn’t the only country to use offensive cyberweapons against the Islamic State, but Fallon’s comments suggest it might be having more success than others. The U.S. has struggled to tailor its arsenal of cyberweaponry to fight ISIS, which notoriously utilizes social media to recruit while remaining overall less technically advanced than its enemies. Social media also creates legal gray areas for U.S. agencies, potentially slowing offensive operations. […]

The post U.K. confirms use of offensive cyberweapons against ISIS appeared first on Cyberscoop.

Continue reading U.K. confirms use of offensive cyberweapons against ISIS

Report: Obama admin planted cyber ‘bombs’ inside Russian infrastructure

Posted on by

The Obama Administration reportedly planted cyber weapons within Russian infrastructure in 2016 to use in response to potential threats made by the Kremlin, according to the Washington Post. Through collaboration with members of the NSA, CIA and U.S. Cyber Command, according to the Washington Post, Obama gave his signature to a covert cyber operation designed “to be triggered remotely as part of retaliatory cyber-strike in the face of Russian aggression, whether an attack on a power grid or interference in a future presidential race.” The cyber weapons were “the digital equivalent of bombs that could be detonated if the United States found itself in an escalating exchange with Moscow,” but the project, including the “time sensitive” weapons, were never fully completed under Obama and the option for potential retaliation now rests with President Donald Trump. The Obama administration publicly announced a set of sanctions in December 2016 aimed at cracking […]

The post Report: Obama admin planted cyber ‘bombs’ inside Russian infrastructure appeared first on Cyberscoop.

Continue reading Report: Obama admin planted cyber ‘bombs’ inside Russian infrastructure

Google to governments; update your international data laws

Posted on by

Alphabet Inc.’s Google emphasized their desire for a reform of ECPA and international data access laws Thursday, asking U.S. and foreign lawmakers to take another look at the current International data access laws governing the digital evidence acquisition process. Speaking at the Heritage Foundation, Google’s Senior Vice President and General Counsel Kent Walker affirmed Google’s belief that a new legal framework for cloud data was necessary for both governments and corporations alike in a speech titled “Digital Security and Due Process: Modernizing Cross-Border Surveillance Law for the Cloud Era.” Speaking on Google’s behalf, Walker focused his speech and responses on the “untenable” position Google was in to adequately support domestic and foreign digital evidence requests with respect to upholding privacy rights, due process and human rights worldwide. “Existing laws governing digital evidence just haven’t kept up with these technological changes, and often they simply don’t work. They don’t allow for Democratic […]

The post Google to governments; update your international data laws appeared first on Cyberscoop.

Continue reading Google to governments; update your international data laws

200 million registered voters exposed due to open AWS repository

Posted on by

A misconfigured database containing sensitive personal information of 198 million American voters was left exposed to the internet for 12 days by a Republican data analysis firm, the largest known data exposure of its kind. According to UpGuard Cyber Risk Analyst Chris Vickery, republican contractors Deep Root Analytics, TargetPoint consulting, Inc. and Data Trust stored the data on a public cloud owned by Deep Root Analytics. The names, dates of birth, home addresses, phone numbers, and voter registration details of nearly all of America’s registered voters were exposed, including “modeled” data of voter ethnicities and religions. The enormous amount of political data, compiled by the RNC and contracting firms after Mitt Romney’s loss in the 2012 presidential election, held around 9.5 billion data points of three out of five americans, grading the 198 million registered voters on political leanings across forty-eight categories using algorithmic modeling. Vickery discovered the Amazon Web Services S3 […]

The post 200 million registered voters exposed due to open AWS repository appeared first on Cyberscoop.

Continue reading 200 million registered voters exposed due to open AWS repository

Before joining Trump’s White House, Michael Flynn advised cybersecurity firms

Posted on by

Prior to his short-lived term as National Security Advisor to U.S. President Donald Trump, Lt. Gen. Michael Flynn assisted private sector firms in building their connections with governments around the world. Flynn offered consultation services and guidance while serving on either the Advisory Council or Board of Directors for at least four private sector cybersecurity firms, including Palo Alto Networks, GreenZone Systems, which is now Saife, Halo Privacy and OSY Technologies, an organization connected to Israeli cyberarms dealer NSO Group. Flynn, according to his Public Financial Disclosure Form, held at least 11 positions among various companies in the private sector within 12 months of January 22, 2017, the eventual date of his appointment as Trump’s National Security Advisor. Flynn terminated his positions at nearly all of these companies in late 2016 when Trump nominated him as National Security Advisor, according to disclosure forms. The only two positions he stayed on […]

The post Before joining Trump’s White House, Michael Flynn advised cybersecurity firms appeared first on Cyberscoop.

Continue reading Before joining Trump’s White House, Michael Flynn advised cybersecurity firms

Hackers are just doing their patriotic duty, according to Putin

Posted on by

Russian President Vladimir Putin assured senior editors of leading international news agencies on Thursday that the Russian state has never taken part in hacking, according to the Associated Press. “Hackers are free people, just like artists who wake up in the morning in a good mood and start painting,” Putin said. “The hackers are the same, they would wake up, read about something going on in interstate relations and if they have patriotic leanings, they may try to add their contribution to the fight against those who speak badly about Russia.” Putin offered an explanation for recent cyberattacks of apparent Russian origins, proposing that falsified digital evidence may have been used in the past to smear Moscow. “I can imagine that some do it deliberately, staging a chain of attacks in such a way as to cast Russia as the origin of such an attack,” Putin said. “Modern technologies allow […]

The post Hackers are just doing their patriotic duty, according to Putin appeared first on Cyberscoop.

Continue reading Hackers are just doing their patriotic duty, according to Putin

Disney CEO: Hackers demanding ransom for stolen movie

Posted on by

The Walt Disney Company is the latest high-profile target in a string of devastating extortion-based attacks worldwide, as CEO Bob Iger recently told ABC employees that unidentified hackers are demanding ransom for an unreleased movie they claim to have stolen from the entertainment titan. According to the Hollywood Reporter, the company has said it will not pay, and also declined to name the film that was stolen. The hackers have threatened to release the film’s first five minutes if they are not paid a large sum in bitcoin, and then release the rest of the movie in 20-minute chunks if the ransom remains unpaid. Disney is currently working with federal investigators but said it will wait for hackers to show evidence they have a copy of the movie before acting. Disney could not be reached for further comment. The company has multiple movies set to be released in the coming months, […]

The post Disney CEO: Hackers demanding ransom for stolen movie appeared first on Cyberscoop.

Continue reading Disney CEO: Hackers demanding ransom for stolen movie