How COVID-19 changed Cyber Command’s ‘Cyber Flag’ exercise

This year when U.S. Cyber Command convened with allied countries to test how they would collectively defend against a cyber-operation targeting allied networks, the units came together for what appeared to be a straightforward simulation of an attack against a European airbase. The worldwide coronavirus pandemic made the simulation less than straightforward. For the first time ever, participants conducted the exercise from home, according to U.S. military cyber commanders involved in the exercise. The annual simulation, which simulated an attack that impacted both information technology (IT) and operational technology (OT), took place on a new platform, the Persistent Cyber Training Environment (PCTE). “The impact of COVID-19 is pretty clear and it’s been a challenge for us. But it didn’t pause the action that’s been going on in cyberspace,” U.S. Coast Guard Rear Admiral John Mauger, the director of Cyber Command exercises and training, told reporters Wednesday. “Within Cyber Command we couldn’t stop […]

The post How COVID-19 changed Cyber Command’s ‘Cyber Flag’ exercise appeared first on CyberScoop.


Hackers are still running coronavirus-related campaigns, CrowdStrike warns

Although many municipalities around the world have begun to ease up on stay-at-home orders, hackers are still running spearphishing and disinformation campaigns taking advantage of the pandemic. Adam Meyers, CrowdStrike’s Vice President of Intelligence, says nation-state and criminal spearphishing campaigns that leverage COVID-19 themed lures are still on the rise. “We’ve been seeing an increase of … behavior of social engineering where they’re impersonating things like the WHO, CDC, HHS, hospitals, healthcare [entities], and even insurance companies to entice people to click links or to click on phishing [and] open files,” Meyers said Wednesday while speaking at the virtual CrowdStrike’s Fal.Con for Public Sector Conference, produced by FedScoop and CyberScoop. “This is an increasing problem and it demonstrates that the threat actors have found an unprecedented level of awareness around COVID-19…and they’re taking advantage of that and they’re capitalizing on it.” Hackers working for China, Russia, Iran, North Korea, Pakistan, […]


Ransomware operators now threatening to publish stolen data in extortion demands

Ransomware attackers typically encrypt files with the promise of decryption if victims make good on hefty ransom demands. But the status quo among ransomware operators has been shaken in the last several months, and they’re now beginning to move away from just demanding ransoms from victims. They’re also running hack-and-leak operations, according to CrowdStrike. “[A] trend that we’re starting to see in the last couple of months is that when victims don’t pay the ransom … threat actors have actually been threatening to disclose their sensitive files. So they’re actually exfiltrating data from the victim and threatening to disclose it,” CrowdStrike vice president of intelligence Adam Meyers said Wednesday while speaking at the virtual CrowdStrike’s Fal.Con for Public Sector Conference, produced by FedScoop and CyberScoop. In at least one case, attackers auctioned stolen data to the highest bidder on a custom-built website, Meyers said. “This is an escalation in the ransomware operations where they’re now moving […]


Moroccan journalist targeted by NSO Group spyware, Amnesty International says

Amnesty International said Sunday its security team found evidence of abuse on a Moroccan journalist’s cell phone that can be tied back to spyware developed by NSO Group. The journalist, Omar Radi, was targeted by surveillance software capable of tracking texts, calls, emails, camera, and more — just days after NSO Group, the Israeli surveillance software company, announced it would stop its products from being used to perpetuate human rights abuses, according to Amnesty International. Although the attackers behind the targeting are unconfirmed, Amnesty says evidence indicates the Moroccan government is behind the surveillance. NSO Group has repeatedly said it only sells its technology to governments. The targeting of Radi came at a time when he was being repeatedly harassed by the Moroccan government between January 2019 and January 2020. Radi was targeted by a series of network injection attacks, which allowed attackers to intercept and manipulate targets’ internet traffic, Amnesty International said. […]


Here’s what John Bolton had to say about cybersecurity policy in his new book

In his new book, former national security adviser John Bolton says that squabbling amongst Trump administration officials hobbled the White House’s efforts to issue new policies that shaped the U.S. government’s offensive and defensive cyber-operations. The book, “The Room Where It Happened: A White House Memoir,” which CyberScoop obtained, provides an insider’s view of the U.S. government’s largely secretive approach to revamping cyber policy in the last two years. Aside from cyber-operations, Bolton paints President Donald Trump as preoccupied and angered by cybersecurity-related issues, as well as all too willing to use hacking to prop up his political goals in negotiations with China and Ukraine. “We needed to do two things: first, we needed a Trump Administration cyber strategy, and second, we needed to scrap the Obama-era [offensive cyber-operations] rules and replace them with a more agile, expeditious decision-making structure,” Bolton writes of his time negotiating new policies with national security and intelligence officials in 2018. […]


The NSA is piloting a secure DNS service for the defense industrial base

In an effort to better protect the U.S. defense industrial base from malware-based threats, the National Security Agency has launched a pilot program on securing Domain Name System use for U.S. defense contractors. The NSA’s cybersecurity directorate has been working on the pilot, called secure DNS, for six weeks, the directorate’s chief, Anne Neuberger, said during a virtual event Thursday. “Our analysis highlighted that using secure DNS would reduce the ability for 92% of malware attacks … from a command and control perspective, deploying malware on a given network,” Neuberger said. DNS is the protocol that translates the more familiar domain names used in URLs into the IP addresses needed to access specific websites. Attackers have long exploited DNS to deliver malware to targets or run credential-stealing campaigns, according to security researchers and the Department of Homeland Security. Since the NSA Cybersecurity Directorate was established last fall, shoring up the cybersecurity of […]


Bolton book could cause ‘irreparable damage’ to U.S. signals intelligence, NSA Director says

John Bolton’s tell-all on his time serving as President Donald Trump’s national security adviser could reveal classified information and damage U.S. signals intelligence collection if published, the National Security Agency Director, Gen. Paul Nakasone, said Wednesday. “At the request of the National Security Council legal adviser I have reviewed a limited portion of [Bolton]’s draft manuscript, and have identified classified information in that portion of the manuscript,” Nakasone said in a signed affidavit. “Compromise of this information could result in the permanent loss of a valuable SIGINT [signals intelligence] source and cause irreparable damage to the U.S. SIGINT system.” Nakasone’s assessment of Bolton’s book was filed Wednesday in U.S. District Court in Washington alongside an emergency Department of Justice filing seeking to block the release of Bolton’s book. The Trump administration sued Bolton on Tuesday in an attempt to delay the memoir’s publication, alleging that his book contained classified information and that […]


Federal agencies recommend blocking Hong Kong-US undersea cable over national security concerns

The Departments of Defense, Justice, and Homeland Security urged U.S. regulators to block an application for an undersea cable connection between Hong Kong and the U.S. over concerns that it could expose sensitive communications to the Chinese government. The federal agencies, known as Team Telecom or the Telecom Committee, on Wednesday recommended the Federal Communications Commission deny the Pacific Light Cable Network (PLCN) undersea cable connection between the U.S. and Hong Kong amid concerns surrounding the Chinese government-linked ownership of the PLCN. A significant investor in the PLCN, Pacific Light Data Co. Ltd., is a subsidiary of the fourth largest telecommunications services provider in China, Dr. Peng Telecom & Media Group Co. Ltd., according to the Justice Department. U.S. intelligence officials have maintained that Chinese intelligence laws can make it compulsory for companies in China to comply with Beijing’s intelligence requests. “The Committee’s recommendation was based on … Dr. Peng Group’s relationship with [People’s Republic of China] […]


In reversal, Zoom says all users will have access to end-to-end encryption

Zoom has decided it will be able to offer end-to-end encryption to both free and paid users after all, reversing a recent decision that would have limited the feature to paid users, company founder Eric S. Yuan announced Wednesday. “Since releasing the draft design of Zoom’s end-to-end encryption (E2EE) on May 22, we have engaged with civil liberties organizations, our CISO council, child safety advocates, encryption experts, government representatives, our own users, and others to gather their feedback on this feature. We have also explored new technologies to enable us to offer E2EE to all tiers of users,” Yuan writes in a company blog. In order to gain access to end-to-end encryption, users will have to provide additional information, such as verifying their cell phone number through a text message, Yuan said. Yuan previously said that the earlier decision was rooted in the idea that Zoom should be able to share information with law […]


Research shows human rights activists in India were targeted with spyware, including NSO’s Pegasus

Human rights activists in India were targeted by a coordinated spyware campaign from January to October of 2019, according to research published Monday by Amnesty International and the University of Toronto’s Citizen Lab. Nine activists in total were targeted, eight of whom have been calling for the release of 11 people jailed during protests related to the violent uprising in Bhima Koregaon, India in 2018. The targets were sent spearphishing emails with malicious links and files that, if clicked, would infect the victims’ computers with spyware capable of tracking their communications. Three of the activists were targeted by Pegasus, a notorious spyware program developed by Israeli surveillance software firm NSO Group, according to Amnesty and Citizen Lab. Human rights defenders in India have been victimized by spyware in the past. But the research shows that surveillance software has been leveraged multiple times against activists linked to the Bhima Koregaon activists. One […]
