Justice Department charges 7 Russian intelligence officers

The Department of Justice on Thursday announced criminal charges against seven Russian military officers for a wide-ranging hacking operation against sporting and anti-doping agencies in the United States, Canada, and Europe. Russian athletes were barred from representing their country at the 2018 Winter Olympics over alleged doping, and the indictment accuses the members of the GRU, Russia’s intelligence directorate, of using cyber-operations to obtain private health data on athletes at anti-doping agencies and then publicly leaking the data. Russian operatives dumped the private medical information of more than 250 athletes on social and traditional media toward that end, according to John Demers, assistant attorney general for national security. “All of this was done to undermine those organizations’ efforts to ensure the integrity of the Olympic and other games,” Demers said Thursday in announcing the charges. The indictment also accuses GRU hackers of targeting the Netherlands-based Organization for the Prohibition of […]

The post Justice Department charges 7 Russian intelligence officers appeared first on Cyberscoop.

FireEye unmasks a new North Korean threat group

There is a distinct and aggressive group of hackers bent on financing the North Korean regime and responsible for millions of dollars in bank heists in recent years, according to research from cybersecurity company FireEye. The group, dubbed APT38, is distinct from other Pyongyang-linked hackers because of its overriding financial motivation — as opposed to pure espionage — and persistent targeting of banks worldwide, FireEye researchers said. “This is an active … threat against financial institutions all around the world,” Sandra Joyce, FireEye’s vice president of global intelligence, said at a press briefing. The group was responsible for some of the more high-profile attacks on financial institutions in the last few years, the researchers said, including the $81 million heist of Bangladesh’s central bank in February 2016, and an attack on a Taiwanese bank in October 2017. North Korean hackers had already been publicly linked with these attacks, but the […]

Nielsen: DHS to quicken bad actor alerts in run-up to Election Day

The Department of Homeland Security will be much faster to alert state officials if their computer networks are being probed by hackers this election season than the department was in 2016, DHS Secretary Kirstjen Nielsen said Tuesday. It took roughly a year for DHS to notify officials in 21 states that their IT systems had been scanned by Russian hackers during the 2016 presidential campaign. But a combination of network sensors, incident response teams, and closer relationships with state and local officials means DHS can react much more quickly to threats during the 2018 midterms, according to Nielsen. “Now we know who to call,” she said at a conference hosted by The Washington Post, referring to state and local officials. “Now we have everybody on speed dial.” This year, the department will have a “situational awareness room” ready to monitor developments at DHS’s National Cybersecurity and Communications Integration Center, Nielsen […]

Rep. Speier: Congress needs a hack demo to understand election vulnerabilities

Lawmakers still need a hands-on demonstration of voting equipment vulnerabilities to fully grasp the urgency of election security, according to Rep. Jackie Speier, D-Calif. “I think that if we can fashion some kind of an interactive experience for members to watch… then we’ve got their attention,” Speier, a member of the intelligence committee, said in an interview. “We need that moment and we need that equipment, and we need that hack. And so once we can do that and do it in a way that the average luddite can understand, then we’ll be golden.” DEF CON, the hacking conference where researchers pick apart voting machines, provides that kind of visual demonstration. But Speier appeared to be the only lawmaker in attendance last week as the organizers of the DEF CON Voting Village presented their findings on Capitol Hill. (Some congressional staff did attend.) Election security vaulted into the spotlight on […]

U.S. looks to restart talks on global cyber norms

Fresh off the release of its national cybersecurity strategy, the Trump administration gauged interest at the United Nations in restarting talks on global cybersecurity norms. The negotiations, which collapsed last year amid reported acrimony among the U.S., Russia and others, aim to set limits on government-backed hacking at a time when offensive operations are abundant. At a meeting Friday with representatives of more than 20 countries, Deputy Secretary of State John J. Sullivan raised the prospect of restarting the norms dialogue at the U.N. Group of Governmental Experts (GGE), according to a State Department statement. Sullivan told reporters the department hopes to reconvene the GGE “to define norms of behavior that states will abide by and, if they don’t, to impose consequences.” “[N]onbinding norms of responsible behavior during peacetime provides important guidance to states, and we’re looking to develop those,” Sullivan said, echoing language in the administration’s new cyber strategy. Furthermore, he […]

DEF CON founder says there’s a ‘civil war’ at voting vendors over security

There is a “civil war” going on at big U.S. voting-equipment vendors between employees who want to proactively address security vulnerabilities and those who stubbornly oppose doing that, according to DEF CON founder Jeff Moss. “Half the company wants to deny that there’s any problem and to do things on their own timescale and basically soldier on,” Moss said Thursday, while the other half typically includes “younger engineers who think this is a great opportunity to make a change” in how the company approaches cybersecurity. He spoke on Capitol Hill at the rollout of the DEF CON Voting Village report, which highlighted a decade-old vulnerability in a ballot-counting machine used in more than half the states. Moss, a cybersecurity expert and outside adviser to the Department of Homeland Security, told CyberScoop that the opposing impulses at voting-equipment vendors could force some engineers to leave the companies. Engineers who have reached […]

DEF CON report finds decade-old flaw in widely used ballot-counting machine

A voting tabulator used to count ballots in more than half the states has a decade-old flaw that leaves it vulnerable to hacking, according to a report published Thursday by security researchers. The M650 machine, made by top voting-equipment vendor Election Systems and Software, could be compromised using a flawed software-updating procedure to infect it with malicious code, according to the report from the Voting Village at DEF CON, a renowned annual hacking conference. “It is very doubtful that the operators of M650s all over the U.S. are aware” of the need to combat the updating procedure by reformatting a ZIP disk, the report states. The M650 vulnerability was revealed in a 2007 report by the Ohio secretary of state’s office, pointing to a long lag time in patching some voting gear. “[D]isclosing vulnerabilities does not seem to be enough to get them fixed, even years later,” the DEF CON […]

VPNFilter now has ‘even greater capabilities,’ research shows

VPNFilter, the malware framework that co-opted half a million routers into a botnet earlier this year, has “even greater capabilities” than previously documented, new research shows. Talos, Cisco’s threat intelligence unit, said it recently found seven more VPNFilter modules that “add significant functionality to the malware,” whose botnet loomed over Ukraine ahead of a key soccer match in late May as well as an important public holiday in that country. Among the newly discovered capabilities of VPNFilter are the ability to exploit endpoint devices via compromised network gear, plus “data filtering and multiple encrypted tunneling capabilities to mask command and control and data exfiltration traffic,” Talos researcher Edmund Brumaghin wrote in a blog post Wednesday. The VPNFilter-enabled botnet had the ability to “brick” or disable thousands of devices, so researchers and U.S. law enforcement urgently sought to raise awareness of and mitigate the threat. The same week that Talos exposed VPNFilter, […]

DHS drone data left vulnerable, audit finds

While the Department of Homeland Security has looked to step up its use of drones to patrol the U.S.-Mexico border, lax security policies have left the collected data vulnerable to hackers and insider threats, a new audit finds. IT systems used by Customs and Border Protection to share drone-gathered data are “at increased risk of compromise by trusted insiders and external sources” because of security shortcomings, a DHS inspector general report states. “Continuous monitoring to facilitate effective security incident handling, reporting, and remediation was lacking, while system maintenance and oversight of contractor personnel were inconsistent,” the report says. The IG investigation comes as DHS has sought more advanced drone technology to surveil border areas. In July 2016, for example, the department asked industry for proposals for small and easily deployable commercial drones. And in missions along the Texas-Mexico border over three years, a Predator B drone helped CBP personnel seize more […]

In this election security drill, Massachusetts cops battle hackers to protect the vote

With just weeks until the midterm elections, police in Massachusetts gathered last Thursday to practice responding to cyberattacks from an adversary bent on disrupting the democratic process. The simulation, hosted at the Boston headquarters of network security company Cybereason, pitted a police team that included former Boston Police Commissioner Ed Davis against a red team portraying hackers looking to exacerbate political divisions. The tabletop drill was a strategic duel, with the red team trying to suppress the vote and the cops mobilizing resources in response. The aim of the exercise was to show state and municipal authorities the type of coordinated and clever cyberattacks on critical infrastructure that are possible, according to Cybereason’s Ross Rustici, who helped devise the exercise. Davis said that point hit home. “I think it was an eye-opening experience for everyone who was there,” he told CyberScoop, adding: “People left that exercise with the sober realization that […]
