Author Archives: Shannon Vavra

Reality Winner seeks clemency for leaking NSA report on Russian hacking attempts

Posted on by

Former National Security Agency contractor Reality Winner is asking President Donald Trump to grant her clemency after she was sent to prison for leaking government secrets about Russian hacking. Winner was sentenced in 2018 after she allegedly mailed classified information from the NSA to The Intercept that explained how Russian hackers sent spearphishing emails to a voting software supplier and local election officials prior to the 2016 elections. Winner pleaded guilty at the time, and was sentenced to more than five years, the longest-ever term imposed by a federal court in a case of leaked government information to the media. Winner and her lawyer, who has submitted a formal petition for commutation at the Department of Justice, are asking Trump to “do the right thing” and “forgive our truth tellers” in the midst of foreign attacks against the U.S. political processes. “Our country was attacked by a hostile foreign power,” Winner’s attorney, Alison Grinter, […]

The post Reality Winner seeks clemency for leaking NSA report on Russian hacking attempts appeared first on CyberScoop.

Continue reading Reality Winner seeks clemency for leaking NSA report on Russian hacking attempts

Pentagon, FBI, DHS to jointly expose a North Korean hacking effort

Posted on by

The Pentagon, FBI, and Department of Homeland Security plan to publicly identify a North Korean hacking campaign as part of a broad information sharing program intended to warn industry against adversarial hacking, CyberScoop has learned. The public disclosure is expected to include details about at least seven different malware samples linked with North Korean hacking efforts. The samples point to cyber-espionage activities carried out by an actor the U.S. refers to as Hidden Cobra, which officials have previously associated with the North Korean government. The files detailed use tools meant to steal data, create and delete files and capture screenshots, according to a person who has viewed the U.S. malware analysis report (MAR). The Department of Defense is expected to add details about the malware to the Virus Total malware repository Friday. The decision marks the first time the Pentagon’s Cyber Command will identify North Korean hacking efforts by name. The report, […]

The post Pentagon, FBI, DHS to jointly expose a North Korean hacking effort appeared first on CyberScoop.

Continue reading Pentagon, FBI, DHS to jointly expose a North Korean hacking effort

Class action lawsuit filed against two Puerto Rican hospitals for alleged ransomware attacks

Posted on by

A class action lawsuit was filed earlier this week in the U.S. District Court for the District of Puerto Rico against two hospitals for what plaintiffs are calling “reckless and negligent violation of patient privacy rights” in light of alleged ransomware attacks that hit the hospitals last year. The alleged ransomware attacks, which took place in February last year at the Pavía Hospital Santurce and Pavía Hospital Hato Rey hospitals, affected 305,737 people, according to Department of Health and Human Services records. The plaintiffs, both former patients of the hospitals, allege patients’ personal identifying information, including full names, addresses, dates of birth, gender, financial information, and social security numbers, were exposed as a result of the attacks. These records also constitute protected health information as designated by HIPAA. “These patients reasonably expect the highest level of protection for their private identifiable information, when giving highly sensitive information such as their Social Security […]

The post Class action lawsuit filed against two Puerto Rican hospitals for alleged ransomware attacks appeared first on CyberScoop.

Continue reading Class action lawsuit filed against two Puerto Rican hospitals for alleged ransomware attacks

Trump administration wants private sector to do more to counter foreign intelligence efforts

Posted on by

The Trump administration’s counterintelligence strategy, released Monday, aims for stronger collaboration between the intelligence community and the private sector on detecting and stopping foreign intelligence threats to U.S. entities. The plan, which President Donald Trump approved in early January, emphasizes a longstanding government argument that the private sector must do more to prevent foreign espionage. As state-sponsored hackers target more U.S. companies, corporate America should prioritize preparations to stifle similar attacks in the future, the director of the National Counterintelligence and Security Center, Bill Evanina, told reporters at a briefing Monday. “A hostile nation state attack on a private U.S. company … is a counterintelligence attack on our nation,” he said. The NCSC is part of the Office of the Director of National Intelligence. Earlier on Monday the Department of Justice announced charges against four members of the Chinese People’s Liberation Army for allegedly hacking into Equifax to steal information about roughly 147 million Americans. Prosecutors also alleged […]

The post Trump administration wants private sector to do more to counter foreign intelligence efforts appeared first on CyberScoop.

Continue reading Trump administration wants private sector to do more to counter foreign intelligence efforts

Obama administration ‘not well-postured’ to counter Russian election interference, Senate committee finds

Posted on by

The Senate Intelligence Committee has concluded that the Obama administration’s response to Russian election interference during the 2016 presidential election campaign was largely hamstrung by partisan concerns and a difficulty understanding the true scope of Russian capabilities and intentions, according to a new bipartisan report issued Thursday. The report broadly addresses information-sharing issues, why a delay in definitive attribution to Russia took place and fears about undermining Americans’ trust in election processes. It’s the latest installment of the Senate Intelligence Committee’s findings from its probe into Russia’s efforts, and comes after two prior reports on election security and Russia’s information operations. Siloed understanding of cyber issues The administration was caught off-guard by the concept of Russian cyber-operations pivoting from espionage to more disruptive measures, the report found. “Witnesses interviewed by the committee consistently said that Russian cyber activity was a well-known issue within the administration, however hardly any administration officials had […]

The post Obama administration ‘not well-postured’ to counter Russian election interference, Senate committee finds appeared first on CyberScoop.

Continue reading Obama administration ‘not well-postured’ to counter Russian election interference, Senate committee finds

500,000 victims pummeled in multi-stage BitBucket malware scheme

Posted on by

An ongoing campaign from an unidentified threat actor has been deploying seven different kinds of malware — including ransomware — at once against an estimated 500,000 targets over the past couple of months to steal as much money as possible, according to new research from Cybereason. The different kinds of malware deployed from just this one actor — which allows them to steal sensitive browser data, cookies, system information, two-factor authentication token information to bypass 2FA, and cryptocurrency from digital wallets — is “unprecedented,” Lior Rochberger, a security analyst at Cybereason, and Assaf Dahan, the head of threat research at Cybereason. The two released their findings on Wednesday. “The combination of so many different types of malware exfiltrating so many different types of data can leave organizations unworkable,” Rochberger and Dahan write. “This threat is able to compromise system security, violate user privacy, harm machine performance, and cause great damage to individuals and corporations […]

The post 500,000 victims pummeled in multi-stage BitBucket malware scheme appeared first on CyberScoop.

Continue reading 500,000 victims pummeled in multi-stage BitBucket malware scheme

The National Security Agency’s general counsel is leaving his position

Posted on by

Glenn Gerstell, the National Security Agency’s general counsel, is leaving the agency, CyberScoop has learned. “It was truly an honor to be able to serve this agency and play a part in keeping our nation safe. This has easily been the best job I have had,” Gerstell said in an email. “My earlier private sector legal career was fulfilling, but nothing compares to the satisfaction of public service, especially confronting some of the most critical challenges facing our country – terrorism, aggression by overseas authoritarian regimes and cyber maliciousness.” After nearly five years spent advising two NSA directors, former NSA Director Adm. Michael Rogers and current NSA Director Gen. Paul Nakasone, Gerstell will be a senior adviser at the Center for Strategic & International Studies (CSIS) starting next month. There, he will write on “the role of technology, coping with a rising China and privacy in the digital era,” he said in the […]

The post The National Security Agency’s general counsel is leaving his position appeared first on CyberScoop.

Continue reading The National Security Agency’s general counsel is leaving his position

DOD contractor Electronic Warfare Associates hit with Ryuk ransomware

Posted on by

Electronic Warfare Associates (EWA), a government contractor that works with the Department of Defense, Department of Justice, and Department of Homeland Security, has been hit with a ransomware attack, CyberScoop has learned. EWA’s CEO and president, Carl Guerreri, confirmed the infection in a Thursday interview with CyberScoop, but wouldn’t reveal further details. He declined to comment on how much of the company’s network was currently down, when the initial ransomware infection had taken place, what the initial infection vector was, or when EWA notified law enforcement. “I don’t want to give out any details for security reasons,” Guerreri told CyberScoop. “We’re coordinating with law enforcement.” The company was hit with Ryuk ransomware, according to security researchers who spoke with ZDNet, which first reported the infection. Guerreri doesn’t know how much money attackers are demanding, but said EWA has no plans to pay a ransom. “I had no intention of paying anything so I didn’t even […]

The post DOD contractor Electronic Warfare Associates hit with Ryuk ransomware appeared first on CyberScoop.

Continue reading DOD contractor Electronic Warfare Associates hit with Ryuk ransomware

Department of Interior grounding drone fleet over cybersecurity concerns

Posted on by

The secretary of the Interior issued an order Wednesday grounding all of the Department of the Interior’s non-emergency drones so the agency can assess potential cybersecurity concerns before operating the devices any further. “Drones for non-emergency operations will remain grounded while the Interior Department reviews the possibility of potential threats and ensures a secure, reliable and consistent drone policy that advances our mission while keeping America safe,” a Department of Interior (DOI) spokesperson said. The order, which will be temporary, “is intended to better ensure the cybersecurity and supply of American technology of unmanned aircraft systems,” according to the order. Part of the DOI’s concern is that information on American energy, transportation, and defense infrastructure collected by DOI drones “has the potential to be valuable to foreign entities, organizations, and governments,” the order says. While DOI grounded a fleet of approximately 800 Chinese-made drones last October, this order is intended to […]

The post Department of Interior grounding drone fleet over cybersecurity concerns appeared first on CyberScoop.

Continue reading Department of Interior grounding drone fleet over cybersecurity concerns

As adversaries get craftier, Marine Corps cyber official touts appeal of zero-trust security

Posted on by

As the Department of Defense tries to be more proactive about preventing hackers from gaining access to its networks, the Marine Corps is working to implement zero-trust security, a top Marine Corps cybersecurity official said Tuesday. Under the approach, a network never trusts users or devices automatically, and they must meet certain security standards, such as multi-factor authentication, before connecting. For military agencies, zero trust could help reframe how they think about digital adversaries, said Renata Spinks, the cyber technology officer for the Marine Corps Forces Cyberspace Command. “In some cases today we’re very reactive. A breach occurs, we get an alert, and then we do incident response. Looking at user credentials … configuration policies, and procedures” could get the Pentagon one step ahead of would-be attackers, Spinks said at the Zero Trust Security Summit presented by Duo Security and produced by CyberScoop and FedScoop The Department of Defense has already begun working on implementing this […]

The post As adversaries get craftier, Marine Corps cyber official touts appeal of zero-trust security appeared first on CyberScoop.

Continue reading As adversaries get craftier, Marine Corps cyber official touts appeal of zero-trust security