chris krebs – Page 3 – WindowsTechs.com

Volunteer cybersecurity pros say they’ve stymied hacks against health care organizations

Posted on April 21, 2020 by Sean Lyngaas

A volunteer group of cybersecurity professionals formed to protect computer networks during the coronavirus pandemic says it has helped dismantle nearly 3,000 malicious internet domains and identified more than a 2,000 software vulnerabilities in health care institutions around the world. “The threats are coming in like a firehose; as fast as we can take things down, there are new [threats] there,” said Marc Rogers, who is an executive with cybersecurity company Okta and one of the founders of the volunteer group. Known as the Cyber Threat Intelligence (CTI) League, the group’s membership has soared from a few dozen since its founding last month to some 1,400 people in 76 countries today. Security specialists from technology giants like Microsoft are members, and the group says it has formed close connections with law enforcement agencies. Their services are in high demand as health care organizations strain to deal with COVID-19, which has killed more […]

The post Volunteer cybersecurity pros say they’ve stymied hacks against health care organizations appeared first on CyberScoop.

Continue reading Volunteer cybersecurity pros say they’ve stymied hacks against health care organizations→

Super Tuesday gives feds and states a test run for securing November vote

Posted on March 4, 2020 by Sean Lyngaas

Federal and state officials were up late Tuesday monitoring for threats from hackers and trolls to the biggest primary day of the 2020 election season. A watch floor at the Department of Homeland Security kept election administrators across the country plugged into threat data coming in from the intelligence community. While there were some notable technical glitches in the voting process, nothing malicious came to pass. Bleary-eyed officials can go back to work Wednesday with a sigh of relief but also some lessons learned on how to protect the November presidential vote, which U.S. officials have repeatedly warned will draw foreign interference attempts. “We had well over 100 state and local officials in the room with us exchanging information with us throughout the day,” a senior official at the Department of Homeland Security’s cybersecurity division said on a 9 p.m. Eastern call with reporters. “[There are] ways that we can improve […]

The post Super Tuesday gives feds and states a test run for securing November vote appeared first on CyberScoop.

Continue reading Super Tuesday gives feds and states a test run for securing November vote→

Russian interference in 2016 election allowed for better information sharing, top DHS cyber official says

Posted on February 25, 2020 by Shannon Vavra

There was a time when the National Security Agency and the Department of Homeland Security primarily kept to themselves when it came to information sharing. That time is in the past. Two top government cybersecurity officials — Director of DHS’s Cybersecurity and Infrastructure Security Agency (CISA), Chris Krebs, and Anne Neuberger, the director of the NSA’s Cybersecurity Directorate — said Monday that information sharing and collaboration on cybersecurity issues has dramatically improved in recent years. “I really honestly think four-to-five years ago having a CISA … or NSA person sitting next to each other talking about how great things are — you would think you were in a really bizarre time,” Krebs said while speaking at San Francisco CyberTalks, an event produced by CyberScoop. “I don’t think we really had as close a partnership as it could have been.” Why has the relationship improved? Krebs said he attributes the bolstered collaboration between […]

The post Russian interference in 2016 election allowed for better information sharing, top DHS cyber official says appeared first on CyberScoop.

Continue reading Russian interference in 2016 election allowed for better information sharing, top DHS cyber official says→

As Iowa caucuses loom, states drill with feds to protect 2020 elections

Posted on January 31, 2020 by Sean Lyngaas

With the Iowa caucuses just days away, state election officials from around the country gathered this week in Washington, D.C., to drill for cyberattacks, study ransomware and learn how to work with ethical hackers. The level of collaboration was unthinkable four years ago, when Russia-backed hackers and trolls interfered to the electoral process. Then, it took many months for federal officials to notify states that their systems had been targeted, and states bristled at the Department of Homeland Security’s 2017 designation of election systems as critical infrastructure. Now, federal and state officials are mapping out how a foreign adversary might try to undermine the democratic process, and practicing how they would thwart those attacks. “We’re light years ahead today from where we were [in the aftermath of 2016]” Mac Warner, the secretary of state of West Virginia, said Thursday at the National Association of Secretaries of State conference. Warner said […]

The post As Iowa caucuses loom, states drill with feds to protect 2020 elections appeared first on CyberScoop.

Continue reading As Iowa caucuses loom, states drill with feds to protect 2020 elections→

DHS official briefs senators on state ransomware threats in classified meeting

Posted on December 4, 2019 by Sean Lyngaas

The head of the Department of Homeland Security’s cybersecurity division on Wednesday provided senators with a classified briefing on ransomware attacks, the latest indication of the threat the file-locking malware poses to state and local governments. Chris Krebs, director of DHS’s Cybersecurity and Infrastructure Security Agency (CISA), briefed the Senate Cybersecurity Caucus, a bipartisan group of lawmakers led by Sens. Mark Warner, D-Va., and Cory Gardner, R-Colo. The newest member of the caucus, Sen. Maggie Hassan, D-N.H., confirmed the briefing in a statement. “From ransomware attacks on local hospitals to a hack of federal government records, cyberattacks pose a serious threat to our communities and national security,” Hassan said. In the last few years, poorly secured U.S. businesses, schools, and local governments have lost millions of dollars after ransomware infections. Over 100 public-sector ransomware attacks have been reported in 2019 alone, double the amount in 2018. This classified briefing followed an unprecedented, closed-door summit held by […]

The post DHS official briefs senators on state ransomware threats in classified meeting appeared first on CyberScoop.

Continue reading DHS official briefs senators on state ransomware threats in classified meeting→

NSA: ‘We know we need to do some work’ on declassifying threat intel

Posted on October 24, 2019 by Shannon Vavra

One of the National Security Agency’s newly minted Cybersecurity Directorate’s goals is quickly share information on adversarial threats with the private sector — but the process for doing that needs to be refined, the directorate’s leader said Thursday. “The process in place today is where we know we need to do some work,” Anne Neuberger said while speaking at CyberTalks, produced by CyberScoop. “When we find indications of a threat, we see planning to execute a particular operation, or we see the operation being executed. [But] because we learn about it in a classified way, we treat it as classified.” Part of the difficulty the NSA faces is adversaries often run operations and then discard their compromised infrastructure, making a protracted declassification process near useless since “indicators of compromise pretty much they have a ticking time clock for how useful they are,” Neuberger said. The new directorate, which started operations […]

The post NSA: ‘We know we need to do some work’ on declassifying threat intel appeared first on CyberScoop.

Continue reading NSA: ‘We know we need to do some work’ on declassifying threat intel→

Mistrust lingers between government, industry on cyber information sharing

Posted on October 24, 2019 by Jeff Stone

Sharing cybersecurity information between the government and private sector won’t do much good if neither side trusts the other. “Information sharing” for a generation has been proposed as a solution by executives in corporate America and agency leaders in Washington as a necessary step in helping both sides keep ahead of hackers. The quick, reliable transmission of threat data, attacker objectives and the latest techniques for stealing U.S. secrets should be a key component of how security teams in the public and private sectors protect their systems. In order for that to work, decision-makers need to understand the incentives that make sharing their own threat information worth the effort. More than six years after former National Security Agency contractor Edward Snowden started leaking documents detailing government espionage on U.S.-built technology, there’s still a lingering sense of unease between Washington and Silicon Valley, Matt Olsen, chief trust and security officer at […]

The post Mistrust lingers between government, industry on cyber information sharing appeared first on CyberScoop.

Continue reading Mistrust lingers between government, industry on cyber information sharing→

Feds plan to use SecureDrop as a vulnerability reporting portal

Posted on August 9, 2019 by Sean Lyngaas

The U.S. government is experimenting with a secure and anonymous portal for reporting software vulnerabilities to encourage closer collaboration with ethical hackers. The initiative is a recognition of the lingering reluctance that some security researchers have felt in flagging bugs for federal officials, despite a longstanding program run by the Department of Homeland Security. The project would use SecureDrop, the open-source software that some news organizations rely on for anonymous tips, to submit vulnerability information. It is aimed at the tinkerers and hackers who, out of fear – whether founded or not – of legal repercussions, do not report the bugs they find. “We don’t know how many people are withholding [vulnerabilities]….or monetizing because they have no other avenue” to report them, said Jeff Moss, a backer of the project and the founder of the DEF CON hacking conference, where the initiative was announced Friday. The plan is for DEF […]

The post Feds plan to use SecureDrop as a vulnerability reporting portal appeared first on CyberScoop.

Continue reading Feds plan to use SecureDrop as a vulnerability reporting portal→

From exploits to honeypots: How the security community is preparing for BlueKeep’s moment of truth

Posted on July 8, 2019 by Sean Lyngaas

Two years after the WannaCry ransomware wreaked havoc on the internet, security professionals are having a grim case of déjà-vu. They’ve tallied the internet-facing computers that aren’t patched for BlueKeep, a vulnerability in old Microsoft Windows operating systems, and wonder when that negligence will come home to roost. “I think everyone is in agreement that once exploits for this are public, it’s going to be bad,” Craig Williams, Cisco Talos’ director of outreach, told CyberScoop. The BlueKeep vulnerability is in Remote Desktop Services, a popular Windows program that grants remote access to computers for administrative purposes. By abusing that remote access, a hacker could delete data or install a new program on a system. “Every CISO right now should have a plan already written down to deal with BlueKeep once the exploit starts surfacing,” Williams said. Organizations need layered defenses so that any BlueKeep-based infection “doesn’t spread like wildfire behind what you […]

The post From exploits to honeypots: How the security community is preparing for BlueKeep’s moment of truth appeared first on CyberScoop.

Continue reading From exploits to honeypots: How the security community is preparing for BlueKeep’s moment of truth→

DHS assessment of foreign VPN apps finds security risk real, data lacking

Posted on May 28, 2019 by Sean Lyngaas

The risk posed by foreign-made virtual private network (VPN) applications must be accounted for — even if government device users have avoided such apps — because adversaries are interested in exploiting the software, according to a senior Department of Homeland Security official. “Open-source reporting indicates nation-state actors have demonstrated intent and capability to leverage VPN services and vulnerable users for malicious purposes,” Chris Krebs, director of DHS’s Cybersecurity and Infrastructure Security Agency (CISA), wrote in a May 22 letter to Sen. Ron Wyden, D-Ore., obtained by CyberScoop. There is no overarching U.S. policy preventing government mobile device users from downloading foreign VPN apps, according to Krebs. “Even with the implementation of technical solutions, if a U.S. government employee downloaded a foreign VPN application originating from an adversary nation, foreign exploitation of that data would be somewhat or highly likely,” Krebs wrote. “This exploitation could lead to loss of data integrity and confidentiality […]

The post DHS assessment of foreign VPN apps finds security risk real, data lacking appeared first on CyberScoop.

Continue reading DHS assessment of foreign VPN apps finds security risk real, data lacking→