Ransomware infects hospitals in Ohio, West Virginia

Ransomware has infected two hospitals in Ohio and West Virginia, a spokeswoman said Monday. A ransomware attack affected the Ohio Valley Medical Center and East Ohio Regional Hospital, Karen Janiszewski, spokeswoman for parent company Ohio Valley Health Services & Education Corp., confirmed in an email to CyberScoop. The attack Friday prevented the two hospitals, which together have 340 beds, from receiving patients via ambulance through at least part of Thanksgiving weekend, Ohio’s The Times Leader reported. No patient data was compromised and the hospitals could accept walk-in patients, according to the paper. The two hospitals are “the area’s only comprehensive behavioral and mental health services and board certified emergency services on both sides of the Ohio River,” which separates Ohio and West Virginia, according to their website. This attack is only the latest to strike U.S. medical facilities. Health care organizations have been on the frontlines of recent ransomware infections, with nearly a quarter of the 67 SamSam ransomware […]

The post Ransomware infects hospitals in Ohio, West Virginia appeared first on Cyberscoop.


Russian APT activity is resurgent, researchers say

Cybersecurity researchers have detected new spearphishing and malicious-email campaigns associated with two Russian-government-linked hacking groups known for breaching the Democratic National Committee in 2016. One campaign spotted by Palo Alto Networks featured a wave of malicious documents targeting government organizations in Europe, North America, and an unnamed former Soviet state. The documents, which researchers intercepted in late October and early November, included a variant of the Zebrocy Trojan that sends screenshots of a victim’s network back to a command-and-control server. Unit 42, Palo Alto Networks’ intelligence team, tied the malicious-email campaign to the Sofacy Group, a Russian hacking outfit also known as APT28 and Fancy Bear, which has deployed Zebrocy. Meanwhile, FireEye researchers on Monday published details on a spearphishing offensive that had technical similarities with a 2016 campaign from the APT29 Russian hacking group. Western governments have attributed APT28 and APT29 to different parts of Russia’s intelligence services. The campaign tracked by FireEye sent malicious […]

The post Russian APT activity is resurgent, researchers say appeared first on Cyberscoop.


U.S. warns countries not to ‘manipulate the extradition process’ for cybercriminals

The Department of Justice’s second-in-command has called on other countries to step up their efforts to extradite accused cybercriminals, warning that the U.S. will “expose” countries that “manipulate the extradition process.” “We will identify nations that routinely block the fair administration of justice and fail to act in good faith,” Deputy Attorney General Rod Rosenstein told a general assembly of Interpol, an international police organization, on Sunday. “In some instances, nations shield their citizens from the rule of law with schemes that waste resources, cause needless delay, thwart investigative efforts, and undermine justice,” Rosenstein said in his prepared remarks. The U.S. processes extraditions “without regard to the nationality of the offender, but that cooperation must be reciprocated,” Rosenstein said. Rosenstein cited the case of Aleksey Belan, a Russian national charged with helping compromise 500 million Yahoo email accounts in 2014. In 2012, Belan was charged in a separate hack of […]

The post U.S. warns countries not to ‘manipulate the extradition process’ for cybercriminals appeared first on Cyberscoop.


Mock grid, real threats: DARPA borrows an island for a cyberattack drill

Over the last 120 years, Plum Island, a forbidding swath of sand off Long Island, has been at the edge of U.S. national security. The island housed gun batteries during the Spanish-American War, a torpedo storage facility during the First World War, and in recent decades it has been the government’s home for studying animal-borne diseases. In the first week of November, the military found yet another way for Plum Island to serve as a guinea pig. This time, though, it was for a decidedly 21st-century threat: cyberattacks that could hamstring the power grid. The fictional scenario saw contractors with the Pentagon’s R&D arm — the Defense Advanced Research Projects Agency (DARPA) — team up with engineers from prominent utilities to try to restore power that had been out for weeks following a hypothetical cyberattack. Their tall task: use a generator to gradually restart the power system, substation by substation — a process known as “black start” — all […]

The post Mock grid, real threats: DARPA borrows an island for a cyberattack drill appeared first on Cyberscoop.


Pentagon, DHS agree to framework for joint cyberdefense

The departments of Defense and Homeland Security have agreed to a framework that more clearly articulates the agencies’ roles and responsibilities in defending U.S. networks from advanced cyberthreats, officials told lawmakers Wednesday. A joint memo recently signed by Defense Secretary James Mattis and Homeland Security Secretary Kirstjen Nielsen “is a major step forward in fostering closer cooperation and marks a sea change in the level of collaboration between our departments,” Kenneth Rapuano, an assistant secretary of Defense, said at a House Armed Services subcommittee hearing. Under the agreement, the departments will jointly prioritize a list of civilian assets that are critical to the U.S. military’s “ability to fight and win wars and project power,” and work to protect them, said Jeanette Manfra, DHS’s top cybersecurity official. That will shape a common understanding of threats at the agencies, which in turn can help the private and public sectors defend their networks, she added. DHS will […]

The post Pentagon, DHS agree to framework for joint cyberdefense appeared first on Cyberscoop.


Dragos to open Saudi Arabia office, announces new funding round

Industrial cybersecurity company Dragos plans to open an office in Saudi Arabia next year to allow the company to more quickly respond to cyberthreats to energy infrastructure in the Middle East, Dragos CEO Robert M. Lee told CyberScoop. From the 2012 Shamoon attack on a state-owned oil company, to the infamous Trisis malware that caused a Saudi petrochemical plant to shut down in 2017, the Kingdom has been the scene of high-profile cyberattacks on industrial facilities. “A large reason for us to build the office there in Riyadh simply boils down to that’s where threats are,” Lee said. “And identifying those [threats] and learning from them makes our software, makes our approach better for all of our global customers.” The Saudi office will mark a major expansion for the Maryland-based company that Lee, a former Air Force and National Security Agency cybersecurity official, founded in 2013. Dragos on Wednesday also announced […]

The post Dragos to open Saudi Arabia office, announces new funding round appeared first on Cyberscoop.


How the U.S. might respond if China launched a full-scale cyber attack

The U.S. financial and energy sectors are no strangers to foreign government hackers, from Iranian denial-of-service attacks on American banks to Russian reconnaissance of industrial control systems. Less familiar territory, however, is how companies would work with the U.S. government to respond to a cross-sector cyberattack during a geopolitical crisis. About 20 private executives and ex-government officials gathered last month in Washington, D.C. to take a stab at that question. A tabletop exercise hosted by the Foundation for Defense of Democracies (FDD), a think tank, hashed out what companies and federal agencies might ask of each other in the 72 hours after a disruptive series of computer intrusions. The fictional scenario involved a confrontation between the United States and China in the Taiwan Strait, which was followed by a cascading cyberattack on multiple U.S. critical infrastructure sectors. The former defense and law enforcement officials in the room discussed with their private-sector counterparts – executives […]

The post How the U.S. might respond if China launched a full-scale cyber attack appeared first on Cyberscoop.


U.S. tech giants back French call for global cooperation in cyberspace

A multifaceted framework for lessening aggression in global cyberspace was unveiled by the French government on Monday, drawing support from tech giants and digital rights groups. Announced on the 100-year anniversary of the end of World War I, The Paris Call for Trust and Security in Cyberspace condemns “malicious cyber activities in peacetime,” affirms the applicability of international law to nation-state behavior in cyberspace, and aims to keep private companies from hacking back. The document pledges to strengthen the ability of government and private-sector organizations to combat interference in electoral processes through malicious cyber activities. Like the U.S. 2016 presidential election, France’s 2017 presidential election was reportedly the target of Russian hack-and-leak operations. Previous cyber norms initiatives have been confined to governments or industry, but the Paris Call aims to be the first multi-stakeholder initiative backed by governments, industry, academia, and civil society, according to Klara Jordan, head of the Atlantic […]

The post U.S. tech giants back French call for global cooperation in cyberspace appeared first on Cyberscoop.


Symantec researchers dissect North Korean malware used in ATM attacks

As the North Korean government has felt the bite of international sanctions, its hackers have reportedly carried out damaging raids on financial institutions to raise cash. Few operations capture that naked ambition more clearly than a scheme that has reportedly stolen tens of millions of dollars from ATMs in Africa and Asia. On Thursday, researchers from cybersecurity company Symantec detailed how the malware used in the ATM scheme intercepts fraudulent withdrawal requests and sends messages approving those withdrawals. The Lazarus Group, a broad set of North Korean hackers, is responsible for the so-called FastCash operation, according to Symantec. “FASTCash illustrates that Lazarus possesses an in-depth knowledge of banking systems and transaction processing protocols and has the expertise to leverage that knowledge in order to steal large sums from vulnerable banks,” Symantec researchers wrote in a blog post. The scheme has triggered simultaneous withdrawals from ATMs in 23 countries this year […]

The post Symantec researchers dissect North Korean malware used in ATM attacks appeared first on Cyberscoop.


A quarter of Twitter support for Arizona, Florida candidates is phony: research

About a quarter of support expressed on Twitter for political candidates in Arizona and Florida has been generated by “influence agents” ranging from bots to paid mouthpieces, according to a new study, showing the increasingly artificial political conversation in battleground states on the eve of the midterms. “There are at least thousands of cases of politicians, journalists and thought leaders responding to, and even endorsing, influence agents,” said APCO Worldwide and Morpheus Cyber Security, the companies that produced the research. The researchers used an analytics platform to study the Twitter traffic patterns of every major primary candidate for governor, the House of Representatives, and Senate in Arizona and Florida. The results show how an injection of artificial voices can significantly alter the political discourse on Twitter. “Not all influence operations peddle fake news using digital bots, and here we see a case of faking political support, rather than news,” Morpheus […]

The post A quarter of Twitter support for Arizona, Florida candidates is phony: research appeared first on Cyberscoop.
