Category Archives: attribution

The latest attempt by the State Department to set behavior norms

Posted on by

Following lawmakers’ calls for the Trump administration to lay out a clear cyber deterrence strategy, the State Department has proposed developing a broader set of consequences that the government can impose on adversaries to ward off cyberattacks. The unclassified version of the State Department’s deterrence recommendations, published Thursday, calls for the U.S. to work with allies to inflict “swift, costly, and transparent consequences” on foreign governments that use “significant” malicious cyber activity to harm U.S. interests. To do that, the U.S. government needs to clearly and publicly outline the malicious activity it seeks to deter, according to the State Department report, which was required by a 2017 White House executive order. The document doesn’t go into detail on deterrence tools, but U.S. officials have said that sanctions, indictments, publicly attributing attacks, and covert offensive operations are all on the table. Dating back to the Obama administration, lawmakers have urged the executive branch to delineate a […]

The post The latest attempt by the State Department to set behavior norms appeared first on Cyberscoop.

Continue reading The latest attempt by the State Department to set behavior norms

U.K. attorney general: Allies must collaborate on attribution of international cyberattacks

Posted on by

Britain’s top prosecutor says that countries need to work together to determine the identity of attackers behind cross-border cyberattacks. In a Wednesday speech at the Royal Institute of International Affairs, a British think tank, U.K. Attorney General Jeremy Wright made the case that the world needs to do more to make sure that international law is enforced when it comes to cybercrime. To that end, he argued that the U.K. and its allies should make attribution a priority. “Cyberspace is not – and must never be – a lawless world. It is the U.K.’s view that when states and individuals engage in hostile cyber-operations, they are governed by law just like activities in any other domain,” Wright said. “The question is not whether or not international law applies, but rather how it applies and whether our current understanding is sufficient.” In his speech, Wright went at length to legally justify […]

The post U.K. attorney general: Allies must collaborate on attribution of international cyberattacks appeared first on Cyberscoop.

Continue reading U.K. attorney general: Allies must collaborate on attribution of international cyberattacks

Lawmakers call for action following revelations that APT28 posed as ISIS online

Posted on by

The world got a fresh reminder Tuesday of the difficulties associated with assigning blame for hacking – and of the consequences when a case of mistaken identity takes hold. New evidence reinforces the notion that a group dubbed the CyberCaliphate, which sent death threats to the wives of U.S. military personnel in 2015 under the banner of the Islamic State, is actually an infamous Russian-government-linked hacking group accused of meddling in the 2016 U.S. presidential election, the Associated Press reported. Activity from the CyberCaliphate coincided with attempts by the Russian group, known as APT28 or Fancy Bear, to breach the womens’ email accounts, according to the Associated Press. The episode brings to life established links between the CyberCaliphate and APT28 in a way that no cybersecurity research did. The hacking victims were led to believe that jihadists, and not state-backed Russians, were breaching their accounts and leaving threatening messages. Amy […]

The post Lawmakers call for action following revelations that APT28 posed as ISIS online appeared first on Cyberscoop.

Continue reading Lawmakers call for action following revelations that APT28 posed as ISIS online

Understanding the Relationship Between AI and Cybersecurity

Posted on by

While some observers fear a Skynet-esque future of malicious, self-aware machines, Dudu Mimran envisions a world in which AI and cybersecurity work together to keep emerging threats in check.

The post Understanding the Relationship Between AI and Cybersecurity appeared first on Security Intelligence.

Continue reading Understanding the Relationship Between AI and Cybersecurity

Russians Hacked the Olympics

Posted on by

Two weeks ago, I blogged about the myriad of hacking threats against the Olympics. Last week, the Washington Post reported that Russia hacked the Olympics network and tried to cast the blame on North Korea. Of course, the evidence is classified, so there’s no way to verify this claim. And while the article speculates that the hacks were a retaliation… Continue reading Russians Hacked the Olympics

Ukraine blames infamous Russian hackers for ‘BadRabbit’ ransomware attack

Posted on by

A group of hackers believed to be associated with Russia’s Main Intelligence Directorate (GRU), better known as APT28 or Fancy Bear, was responsible for last week’s international ransomware attack dubbed “BadRabbit,” according to Ukraine’s top law enforcement agency, the Security Service of Ukraine (SBU). In a letter sent to CyberScoop on Wednesday, SBU officials laid blame on APT28 for launching the massive, coordinated attack that disrupted business operations for hundreds of organizations based in Ukraine and Russia. Victims included multiple Russian news outlets, government organizations in both countries and Ukrainian transportation services. An official with Ukraine’s state cyber police announced Thursday, as part of an interview with Reuters, that the hackers behind BadRabbit intended for the ransomware to effectively act as a smokescreen while they simultaneously sent highly targeted phishing emails to several organizations. The phishing emails were designed to gain access to “financial and confidential information.” The state cyber police did not […]

The post Ukraine blames infamous Russian hackers for ‘BadRabbit’ ransomware attack appeared first on Cyberscoop.

Continue reading Ukraine blames infamous Russian hackers for ‘BadRabbit’ ransomware attack

Early evidence suggests ties between Russian hackers and ‘BadRabbit’ attack

Posted on by

A software toolkit used in an expansive cyberattack that affected hundreds of organizations across Eastern Europe Tuesday has been linked to a hacking group known as BlackEnergy APT or Telebots, security researchers tell CyberScoop. This threat actor was also responsible for a similar attack dubbed “NotPetya” which largely affected Ukraine and was designed to wipe data from computers rather than collect ransoms when it was executed in June. Experts say BlackEnergy APT acts in the interests of the Kremlin. In the past, the group has repeatedly attacked Ukrainian organizations, including the country’s critical infrastructure sector. The latest variant of ransomware flooding across Europe is named “BadRabbit.” It requires that victims infected with the malware send bitcoin to an anonymous digital wallet in order to unlock their systems — until payment is received, affected computers remain largely unusable. “It appears that the two [ransomware] attacks are connected,” said Costin Raiu, director of the Global Research […]

The post Early evidence suggests ties between Russian hackers and ‘BadRabbit’ attack appeared first on Cyberscoop.

Continue reading Early evidence suggests ties between Russian hackers and ‘BadRabbit’ attack

All this EternalPetya stuff makes me WannaCry

Posted on by

Get more background on the EternalPetya ransomware. Learn about its origin, attribution, decryption, and the methods of infection and propagation.
Categories:
Cybercrime
Malware
Tags: attributiondecryptionDoublePulsarEternalBlueEternalPetyaEternalRom… Continue reading All this EternalPetya stuff makes me WannaCry