Author Archives: Shannon Vavra

Facebook takes down Russian-linked disinformation targeting Ukraine

Posted on by

In its latest effort to root out disinformation on its platform, Facebook announced it is taking down 97 pages, groups, and accounts emanating from Russia and targeting Ukraine that attempted to conceal who was behind them. Facebook’s head of cybersecurity policy Nathaniel Gleicher clarified that Facebook was taking them down because of their manipulative behavior and not due to the content they were posting. The groups, accounts, and pages posted primarily about political topics of local concern in Ukraine, such as the conflict in Eastern Ukraine, the conflict in Syria, Russian politics, and European politics, Gleicher said in a blog post. The actors used fake accounts to disseminate information and also worked to redirect users to an external site that posted on similar topics. In one case up to 34,000 users followed a page coordinating disinformation, and in another, up to 86,000 accounts joined one of the groups. Ben Nimmo, who […]

The post Facebook takes down Russian-linked disinformation targeting Ukraine appeared first on CyberScoop.

Continue reading Facebook takes down Russian-linked disinformation targeting Ukraine

It was ‘inevitable’ that bombs would fall in response to a cyberattack

Posted on by

Israel Defense Forces announced Sunday it had launched airstrikes on a building allegedly housing a number of Hamas soldiers that were preparing to launch a cyberattack against Israel. The IDF, which launched the airstrike jointly with the Israel Security Authority, did not detail the alleged cyberattack and other offensive capabilities Hamas was developing but it said it had neutralized the attack before launching the airstrikes. The incident marks the first time a government has publicly announced it has immediately responded to a cyberattack by launching a “kinetic attack,” a military term that describes the use of lethal force. Although this marks a first in cyberwarfare, Paul Rosenzweig, a former deputy assistant secretary for policy at the U.S. Department of Homeland Security, tells CyberScoop it’s not a surprising outcome. “We mistakenly tend to think that the cyber domain exists apart from the physical world, but it doesn’t,” Rosenzweig, a senior fellow at […]

The post It was ‘inevitable’ that bombs would fall in response to a cyberattack appeared first on CyberScoop.

Continue reading It was ‘inevitable’ that bombs would fall in response to a cyberattack

China making ‘rapid progress’ on potency of cyber-operations, Pentagon says

Posted on by

China’s cyber-theft and cyber-espionage operations are accelerating to the point that they can “degrade core U.S. operational and technological advantages,” according to a congressionally mandated assessment of the Chinese military the Pentagon issued Friday. Last year, for example, Chinese intelligence officers were indicted for allegedly conspiring to steal technological information on turbofan engines. China’s efforts to steal sensitive U.S. military-grade equipment more broadly targeted aviation and antisubmarine warfare technologies last year. “The threat and the challenge is persistent. The Chinese remain very aggressive in their use of cyber,” Assistant Secretary of Defense Randall G. Schriver said Friday during a press briefing on the report. China’s efforts to boost its technological prowess go beyond thefts and intrusions, the Pentagon said. Beijing also leverages its intelligence services and Chinese nationals’ access to technologies to try building up its military capabilities while checking adversaries’, the report notes. And although the Pentagon assesses that China believes its capabilities and personnel “lag […]

The post China making ‘rapid progress’ on potency of cyber-operations, Pentagon says appeared first on CyberScoop.

Continue reading China making ‘rapid progress’ on potency of cyber-operations, Pentagon says

Trump emphasizes federal cybersecurity workforce, education programs in new executive order

Posted on by

The White House is rolling out an executive order that is intended to bolster the nation’s cybersecurity workforce, senior administration officials told reporters on a call Thursday. The officials detailed a document that includes provisions geared toward the federal government’s employees, as well as education and career development initiatives for the U.S. workforce in general. The goal is to build a “superior cybersecurity workforce,” one official said. The White House wants to create a President’s Cybersecurity Cup competition that “will identify, challenge, and reward the government’s best personnel supporting cybersecurity and cyber excellence,” the officials said. Other elements include allowing cybersecurity employees to rotate among agencies, and using new cybersecurity aptitude tests as part of efforts to reskill federal workers. The employee-rotation idea already has bipartisan support on Capitol Hill, with Senate passage earlier this week of a bill that would put it into action. The Trump administration has embraced reskilling for awhile, too: A program to […]

The post Trump emphasizes federal cybersecurity workforce, education programs in new executive order appeared first on CyberScoop.

Continue reading Trump emphasizes federal cybersecurity workforce, education programs in new executive order

Dutch intelligence warns of escalating Russian, Chinese cyberattacks in the Netherlands

Posted on by

Russia and China have intensified their offensive cyber-espionage efforts in the Netherlands, the Dutch domestic intelligence service (AIVD) announced this week in its annual report of 2018. While Chinese cyber spies have sought to steal intellectual property from Dutch targets, the AIVD noted, Russian hackers and propagandists have worked for years to advance the Kremlin’s geopolitical interests by harassing watchdog and government agencies in the Netherlands. Thiese efforts come amid broader foreign influence and offensive cyber campaigns from Russia, China, and Iran that also target the U.S., which the Office of the Director of National Intelligence said are increasing. Russia has focused on everything from spreading disinformation on the downing of Malaysia Airlines Flight 17 — just as Dutch-led investigators pinpointed the attack on Russia — to attempting to hack into the chemical weapons watchdog, the Organization for the Prohibition of Chemical Weapons in 2018, as Russia was under fire for a chemical weapons attack […]

The post Dutch intelligence warns of escalating Russian, Chinese cyberattacks in the Netherlands appeared first on CyberScoop.

Continue reading Dutch intelligence warns of escalating Russian, Chinese cyberattacks in the Netherlands

NSA unmasked more U.S. entities caught in foreign cyber-espionage efforts last year

Posted on by

The National Security Agency named the identities of Americans and U.S entities swept up in its foreign surveillance program approximately 75 percent more often last year than the year before, according to a new NSA transparency report. In reports to other federal agencies, the NSA provided the identities of 16,721 individuals or entities to agencies upon request last year, whereas in 2017 it unmasked 9,529. The year-over-year uptick comes as part of an effort to identify the victims of cyberattacks stemming from foreign intelligence agencies, said Alex Joel, chief of the Office of the Director of National Intelligence’s civil liberties, privacy, and transparency office, according to The Wall Street Journal. Although Director of National Intelligence Dan Coats has publicly warned Congress about an increase in malicious cyber activity from countries like China and Russia, Joel told CyberScoop it remains unclear if the spike in unmasking is directly related to a jump in foreign espionage. “I […]

The post NSA unmasked more U.S. entities caught in foreign cyber-espionage efforts last year appeared first on CyberScoop.

Continue reading NSA unmasked more U.S. entities caught in foreign cyber-espionage efforts last year

NSA’s Russian cyberthreat task force is now permanent

Posted on by

The task force the National Security Agency and U.S. Cyber Command created last year to thwart Russian influence and cyberattacks on the U.S. is now permanent, spokespeople from both agencies confirmed to CyberScoop. The “Russia Small Group” — whose existence NSA Director Paul Nakasone announced in July of last year, absent guidance from the White House on how to handle Russian cyberthreats — settles in as the White House, Congress and the Pentagon have taken steps to clarify how and when the military should conduct offensive operations in cyberspace. The NSA would not comment on the number of people on the task force, where it is based, or when the operation became permanent. One intelligence official told CyberScoop the group’s new permanent designation, under routine operations, likely marks a surge of incoming resources, just as in any military surge. “We intend to build on this foundation as we prepare with our interagency partners for a broader challenge in the upcoming […]

The post NSA’s Russian cyberthreat task force is now permanent appeared first on CyberScoop.

Continue reading NSA’s Russian cyberthreat task force is now permanent

National Security Council cyber chief: Criminals are closing the gap with nation-state hackers

Posted on by

Cybercriminals are catching up to nation-states’ hacking capabilities, and it’s making attribution more difficult, the National Security Council’s senior director for cybersecurity policy said Thursday. “They’re not five years behind nation-states anymore, because the tools have become more ubiquitous,” said Grant Schneider, who also holds the title of federal CISO, at the Security Through Innovation Summit presented by McAfee and produced by CyberScoop and FedScoop. Schneider told CyberScoop that he thinks the implants cybercriminals are using in their cyberattacks have been improving. “The actual sophistication of the tool … is better with criminals than we saw in the past.” Steve Grobman, the chief technology officer for McAfee, told CyberScoop that advanced crooks are behaving more corporately, which means they are able to proliferate higher-quality hacking tools. “One of the things we’re seeing on the business-model side is cybercriminals are starting to use innovative processes like franchises — affiliate groups where a cybercriminal will develop technology [and] make it […]

The post National Security Council cyber chief: Criminals are closing the gap with nation-state hackers appeared first on CyberScoop.

Continue reading National Security Council cyber chief: Criminals are closing the gap with nation-state hackers

DNS hacks are attacks on critical infrastructure, senior U.S. diplomat says

Posted on by

Any nation-state behind recent hijackings of Domain Name System (DNS) records should, in theory, be held responsible under the latest cyberwarfare norms agreement made by 20 countries at the UN in 2015, says America’s top cyber diplomat. “One of the norms is disrupting physical infrastructure providing services to the public, and I think that fully encapsulates the internet’s DNS function,” Amb. Robert Strayer told CyberScoop Tuesday on the sidelines of the Atlantic Council’s International Conference on Cyber Engagement. The 2015 UN agreement, outlined in a Group of Government Experts (GGE), affirms that nation-states shouldn’t launch cyberattacks that intend to damage critical infrastructure in other countries. The DNS — which translates human-readable domain names of websites to their machine-readable versions — has a crucial role in directing internet traffic. But subsequent UN talks reportedly fell apart in 2017 over disagreements China and Russia had with the rest of the member states about whether further enhancements to the GGE document would impinge on their right to self-defense in […]

The post DNS hacks are attacks on critical infrastructure, senior U.S. diplomat says appeared first on CyberScoop.

Continue reading DNS hacks are attacks on critical infrastructure, senior U.S. diplomat says

U.S. Cyber Command has shifted its definition of success

Posted on by

U.S. Cyber Command is shifting the way it measures success from solely military outcomes to how the command enables other government agencies to defend against foreign offensive cyber threats. Brig. Gen. Timothy Haugh, who is in charge of Cyber Command’s Cyber National Mission Force, said on Tuesday at an event hosted by the Atlantic Council that success is “not necessarily [about] the department’s outcome,” but is instead about “how can we enable our international partners [and] our domestic partners in industry to be able to defend those things that are critical to our nation’s success.” Haugh said Cyber Command is doing its job right if agencies are taking their own actions: State Department issuing démarches, Department of Homeland Security releasing alerts, and Treasury Department announcing sanctions “based off of information that is derived from our operations.” In the past, Haugh said he believes that these outcomes may not have been considered as wins. […]

The post U.S. Cyber Command has shifted its definition of success appeared first on CyberScoop.

Continue reading U.S. Cyber Command has shifted its definition of success