Author Archives: Tim Starks

‘Almost every nation’ now has cyber vulnerability exploitation program, NSA official says

Posted on by

Nearly every country on the planet now has a program to exploit digital vulnerabilities, a top National Security Agency cyber official said Wednesday, and while most are focused on espionage, more are beginning to experiment with more aggressive techniques. Rob Joyce, director of cybersecurity at the NSA, said there’s a lot of focus on China, Iran, North Korea and Russia, but those countries, which he described as the “big four,” are not the only nations weaponizing technology. “Almost every nation in the world now has a cyber exploitation program. The vast majority of those are used for espionage and intelligence purposes,” Joyce said at the Aspen Cyber Summit. “There is interest in dabbling in offensive cyber and outcomes.” Even some smaller nations have proven to be advanced, Joyce said. It’s just that they’re usually more confined in how they pursue their national interests, by things like the amount of money […]

The post ‘Almost every nation’ now has cyber vulnerability exploitation program, NSA official says appeared first on CyberScoop.

Continue reading ‘Almost every nation’ now has cyber vulnerability exploitation program, NSA official says

NSA, CISA share guidelines for securing VPNs as hacking groups keep busy

Posted on by

Cautioning that foreign government-backed hackers are actively exploiting vulnerabilities in virtual private network devices, the National Security Agency and the Department of Homeland Security’s cyber wing on Tuesday published guidelines for securing VPNs. While the advice is broad, the NSA and DHS’ Cybersecurity and Infrastructure Security Agency specifically said it would help protect the Defense Department, national security systems and defense contractors against such advanced persistent threat groups, a term that typically refers to state-sponsored hacking groups. The NSA has specifically warned in the past about Chinese hackers exploiting VPN vulnerabilities, as has CISA, but the history of advanced groups seizing on VPN vulnerabilities is far broader and lengthier. “VPN servers are entry points into protected networks, making them attractive targets,” Rob Joyce, director of cybersecurity at the NSA, said on Twitter. “APT actors have and will exploit VPNs.” In one case, the FBI warned in May about hackers leveraging […]

The post NSA, CISA share guidelines for securing VPNs as hacking groups keep busy appeared first on CyberScoop.

Continue reading NSA, CISA share guidelines for securing VPNs as hacking groups keep busy

Newly-formed international alliances vow to improve cybersecurity, in moves China sees as affront

Posted on by

A coalition of four nations — Australia, India, Japan and the U.S. — has committed to promoting cybersecurity standards and practices as one of their chief goals, in one of several recent moves from countries widely viewed as a counter to China in cyberspace and elsewhere. The group, which calls itself the Quad, held its first in-person gathering on Friday. when President Joe Biden hosted Prime Minister Scott Morrison of Australia, Prime Minister Narendra Modi of India and Prime Minister Yoshihide Suga of Japan at the White House. “Today, we begin new cooperation in cyberspace and pledge to work together to combat cyber threats, promote resilience and secure our critical infrastructure,” the group said in a joint statement. The group will hold more meetings between its leaders and collaborate with industry on improving in areas like the development of secure software, and building up cybersecurity workforces, according to a fact […]

The post Newly-formed international alliances vow to improve cybersecurity, in moves China sees as affront appeared first on CyberScoop.

Continue reading Newly-formed international alliances vow to improve cybersecurity, in moves China sees as affront

EU takes aim at Russia over ‘Ghostwriter’ hacking campaign against politicians, government officials

Posted on by

The European Union formally blamed Russia on Friday, just ahead of this weekend’s German elections, for a hacking campaign targeting EU government officials and politicians. And the EU is threatening to take unspecified action. “The European Union will revert to this issue in upcoming meetings and consider taking further steps,” reads a statement from the high representative of the EU. Known as Ghostwriter, the campaign drawing the EU’s ire has previously taken aim at NATO and launched disinformation efforts as well, according to researchers who have tied its goals to Russian interests but not attributed it to the government. “The European Union and its Member States strongly denounce these malicious cyber activities, which all involved must put to an end immediately,” the EU statement reads. “We urge the Russian Federation to adhere to the norms of responsible state behaviour in cyberspace.” The EU says that Ghostwriter targets in its member […]

The post EU takes aim at Russia over ‘Ghostwriter’ hacking campaign against politicians, government officials appeared first on CyberScoop.

Continue reading EU takes aim at Russia over ‘Ghostwriter’ hacking campaign against politicians, government officials

Biden administration officials push Congress to shape breach reporting mandates

Posted on by

U.S. cybersecurity officials are seeking to put their stamp on cyber incident reporting legislation, wading into debates on Capitol Hill about questions like how swiftly companies must report attacks to federal agencies — and what happens if they don’t. The head of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency testified at a Senate hearing Thursday in favor of requiring critical infrastructure owners and operators, federal contractors and agencies to report attacks to CISA within 24 hours of detection. There are three leading proposals in Congress, each with a different timeframe for reporting attacks. The leaders of the Senate Intelligence Committee favor a 24-hour deadline. A draft bill from leaders of the Senate Homeland Security and Governmental Affairs Committee would set the range at between 72 hours and seven days, as determined by CISA. And a draft from leading members of the House Homeland Security Committee proposes leaving […]

The post Biden administration officials push Congress to shape breach reporting mandates appeared first on CyberScoop.

Continue reading Biden administration officials push Congress to shape breach reporting mandates

Espionage group targeted hotels, governments, seized on Microsoft Exchange vulnerability

Posted on by

ESET said it discovered the group, which has been active since 2019.

The post Espionage group targeted hotels, governments, seized on Microsoft Exchange vulnerability appeared first on CyberScoop.

Continue reading Espionage group targeted hotels, governments, seized on Microsoft Exchange vulnerability

Key lawmakers to CISA: Let us send you more money, power

Posted on by

The Department of Homeland Security’s cyber division, a key government agency charged with helping stop and respond to cyberattacks, might be getting ready for a bigger role in the spotlight.  One key House committee advanced legislation in July to give the Cybersecurity and Infrastructure Security Agency an extra $400 million. Then, another committee on Sept. 14 separately advanced its take on legislation that would provide an additional nearly $800 million to the agency, which has a $2 billion total budget in the current fiscal year. Those proposed funds come on top of another extra $650 million that Congress and President Joe Biden already provided to CISA in March through the American Rescue Plan focused on COVID-19 relief. And the recent moves on Capitol Hill to bolster CISA, an agency formally established only three years ago, aren’t limited to cash. Both chambers of Congress are contemplating legislation that would make CISA the […]

The post Key lawmakers to CISA: Let us send you more money, power appeared first on CyberScoop.

Continue reading Key lawmakers to CISA: Let us send you more money, power

Key lawmakers to CISA: Let us send you more money, power

Posted on by

The Department of Homeland Security’s cyber division, a key government agency charged with helping stop and respond to cyberattacks, might be getting ready for a bigger role in the spotlight.  One key House committee advanced legislation in July to give the Cybersecurity and Infrastructure Security Agency an extra $400 million. Then, another committee on Sept. 14 separately advanced its take on legislation that would provide an additional nearly $800 million to the agency, which has a $2 billion total budget in the current fiscal year. Those proposed funds come on top of another extra $650 million that Congress and President Joe Biden already provided to CISA in March through the American Rescue Plan focused on COVID-19 relief. And the recent moves on Capitol Hill to bolster CISA, an agency formally established only three years ago, aren’t limited to cash. Both chambers of Congress are contemplating legislation that would make CISA the […]

The post Key lawmakers to CISA: Let us send you more money, power appeared first on CyberScoop.

Continue reading Key lawmakers to CISA: Let us send you more money, power

Ransomware gang strikes Iowa agriculture business New Cooperative, the latest hack on food supply chain

Posted on by

The BlackMatter ransomware gang has struck an Iowa agricultural business, New Cooperative, and is demanding a $5.9 million ransom. Several security researchers first called attention to the hack on Monday, and the company confirmed to Bloomberg that it had been hit with a cyberattack and shut down its systems in response. It’s another big hit against the agriculture industry, following the May ransomware attack on JBS by REvil, a gang that researchers said has ties to BlackMatter. New Cooperative is a grain collective based out of Fort Dodge. In negotiations dated Sept. 19 and posted online, a person speaking on behalf of the company said the attack would cause severe problems in the food supply chain. “We are critical infrastructure – we [sic] intertwined with the food supply chain in the US,” they wrote. “If we are not able to recover very shortly, there is going to be a very […]

The post Ransomware gang strikes Iowa agriculture business New Cooperative, the latest hack on food supply chain appeared first on CyberScoop.

Continue reading Ransomware gang strikes Iowa agriculture business New Cooperative, the latest hack on food supply chain

Bitdefender releases REvil decryptor as ransomware gang shows signs of return

Posted on by

As law enforcement braces for the revival of the REvil ransomware gang, a cybersecurity firm on Thursday released a free decryption tool for early victims of the criminals. The decryptor, which Bitdefender developed in coordination with an unnamed law enforcement partner, will aid victims hit before July 13. The Romania-based company said it was still in the middle of an investigation with its partner, which agreed to release the decryptor before completing the joint inquiry to help as many victims as possible. Bitdefender has a long history of working with Europol to release tools that help victims of digital extortion sidestep the process of making a payment. “We believe new REvil attacks are imminent after the ransomware gang’s servers and supporting infrastructure recently came back online after a two month hiatus,” Bitdefender wrote in a blog post. According to another cybersecurity firm, Flashpoint, REvil is already fully back in business. […]

The post Bitdefender releases REvil decryptor as ransomware gang shows signs of return appeared first on CyberScoop.

Continue reading Bitdefender releases REvil decryptor as ransomware gang shows signs of return