Christopher Krebs – Page 2 – WindowsTechs.com

As China tensions mount, U.S. officials outline efforts to combat economic espionage

Posted on December 12, 2018 by Sean Lyngaas

In congressional testimony Wednesday, U.S. officials described the vast scope of alleged Chinese theft of American intellectual property and outlined ongoing efforts to counter such threats amid a dispute with Beijing. From 2011 to 2018, more than 90 percent of Justice Department cases claiming economic espionage by a state or for its benefit involved China, Assistant Attorney General John Demers said at a Senate Judiciary Committee hearing. “The [Chinese] playbook is simple: rob, replicate, and replace,” Demers said, describing Beijing’s alleged efforts to build technology-rich companies through stolen American know-how. China is “the most severe counterintelligence threat facing our country today,” said Bill Priestap, assistant director of the FBI’s Counterintelligence Division. The hearing comes at a fraught time for U.S.-China relations on technology, trade, and cybersecurity issues. Secretary of State Mike Pompeo alleged during an interview Wednesday with Fox News that China is responsible for a data breach at Marriott that exposed personal […]

The post As China tensions mount, U.S. officials outline efforts to combat economic espionage appeared first on CyberScoop.

Continue reading As China tensions mount, U.S. officials outline efforts to combat economic espionage→

DHS’s top cyber office is about to get a name that reflects its mission

Posted on October 4, 2018 by Zaid Shoorbajee

The point office on cybersecurity in the Department of Homeland Security is on track for a rebrand. The Senate on Wednesday passed the Cybersecurity and Infrastructure Security Agency Act, which would both codify the office into law and give it a more relevant name. Under the bill, DHS’s National Protection and Programs Directorate (NPPD) would become the Cybersecurity and Infrastructure Security Agency (CISA). DHS established the NPPD in 2007; the legislation is essentially Congress’ official seal of approval. The House is expected to hold a final vote soon, sending the bill to President Donald Trump. NPPD leads the U.S. government’s efforts to secure federal networks and critical infrastructure. The office has also been spearheading the federal government’s election security efforts since the threats that became apparent in 2016. The office coordinates with state and local election offices on information sharing and cybersecurity best practices. “It is ridiculous that DHS needs an act of […]

The post DHS’s top cyber office is about to get a name that reflects its mission appeared first on Cyberscoop.

Continue reading DHS’s top cyber office is about to get a name that reflects its mission→

Two Democratic campaigns hit with DDoS attacks in recent months

Posted on July 9, 2018 by Chris Bing

Hackers have launched distributed denial-of-service attacks against at least two municipal-level Democratic campaigns in 2018, according to two people familiar with the matter. These incidents, which occurred as the campaigns were focused on primary elections, were publicly unknown prior to this report. The malicious cyber-activity did not appear random, sources told CyberScoop. The attacks hit specific campaign websites at important moments, including during online fundraising periods. In another case, a website was hit while a candidate was receiving good publicity after a public speaking event. The sources, who spoke on condition of anonymity to discuss privately held information, say that news of the incidents has already reached the Democrats’ largest campaigning bodies, the Democratic National Committee (DNC) and Democratic Congressional Campaign Committee (DCCC). Sources said they were told about the attacks by campaign officials and not cybersecurity experts, leaving a gap in their understanding of the events. Raffi Krikorian, the […]

The post Two Democratic campaigns hit with DDoS attacks in recent months appeared first on Cyberscoop.

Continue reading Two Democratic campaigns hit with DDoS attacks in recent months→

Krebs: Companies need ‘military-grade’ investments to defend against foreign government hackers

Posted on June 27, 2018 by Sean Lyngaas

Last year was a “seminal year” for nation-state-backed cyberattacks from American adversaries, a top Department of Homeland Security official said Wednesday, adding that companies may need U.S. government support to cope with such advanced threats. “We’ve known for years that there are primarily four nation-state actors that are most active in the cybersecurity space, but push really came to shove” in 2017, Christopher Krebs said Wednesday, referring to China, Iran, North Korea, and Russia. American companies can handle most cyberthreats through their own security investments, but a “military-grade level of investment” is needed to cope with nation-state hackers, Krebs, DHS’s top infrastructure security official, said at a conference in Washington, D.C. Experts say it is very difficult for a company of any size to cope with advanced and well-resourced hackers, but DHS is trying to make the fight less lopsided by providing companies with threat intelligence and risk assessments. Further, basic practices like […]

The post Krebs: Companies need ‘military-grade’ investments to defend against foreign government hackers appeared first on Cyberscoop.

Continue reading Krebs: Companies need ‘military-grade’ investments to defend against foreign government hackers→

Krebs: NPPD must use threat intel better

Posted on June 13, 2018 by Sean Lyngaas

The agency inside the Department of Homeland Security charged with protecting critical infrastructure needs to get better at assessing cyber risk rather than chasing threats, according to a top DHS official. “We have a threat intelligence problem…because we obsess about the threat,” Christopher Krebs said Wednesday at the Cybersecurity Leadership Forum presented by Forcepoint and produced by CyberScoop and FedScoop. “We’re running this way and that way, hunting down every little piece of threat intelligence and reacting without a lot of context.” As an example, Krebs pointed to the Illinois voter registration system that Russian hackers breached ahead of the 2016 presidential election.Even if the hackers had been able to delete voter files, Krebs said, voters would still have been able to cast their ballots by having their registration verified through other records, meaning the risk was manageable. Putting the risk, or lack thereof, of cyberthreats into context is a big task […]

The post Krebs: NPPD must use threat intel better appeared first on Cyberscoop.

Continue reading Krebs: NPPD must use threat intel better→

DHS: ‘Nefarious actors’ could be exploiting SS7 flaw

Posted on June 1, 2018 by Sean Lyngaas

The Department of Homeland Security has received reports that “nefarious actors” may be exploiting cellular communications vulnerabilities to spy on Americans, according to Chris Krebs, a senior DHS official. Cybersecurity experts have warned that longstanding vulnerabilities in the telephony protocol known as Signaling System No. 7 (SS7) could allow spying on callers and interception of their data. Krebs revealed the possible exploitation of SS7 in a May 22 letter to Sen. Ron Wyden, D-Ore., that also said DHS had “received reports from third parties about the unauthorized use” of mobile surveillance devices. The devices in question, known as Stingrays or IMSI catchers, imitate a cell tower to capture caller location and other associated data. They have been used by U.S. law enforcement for years, but their use for foreign espionage and hacking in the U.S. has been a source of speculation. From January to November 2017, DHS deployed sensors in Washington, […]

The post DHS: ‘Nefarious actors’ could be exploiting SS7 flaw appeared first on Cyberscoop.

Continue reading DHS: ‘Nefarious actors’ could be exploiting SS7 flaw→

Sen. Wyden blocks Krebs nomination over Stingray demands

Posted on May 11, 2018 by Sean Lyngaas

Democratic Sen. Ron Wyden has blocked Christopher Krebs’s nomination to be undersecretary for the Department of Homeland Security’s National Protection and Programs Directorate until the department is more forthcoming about its detection of unauthorized mobile surveillance devices, commonly known as Stingrays, in the United States. In a congressional notice Thursday, Wyden said he was objecting to Senate floor consideration of the nomination until the department makes public a presentation it gave to federal employees on Stingrays in February. “That presentation included important information that I believe the American people have a right to know,” the Oregon senator wrote. Krebs is currently NPPD’s acting head. A Department of Homeland Security spokesperson declined to comment on Wyden’s move. In a March letter to Wyden, Krebs acknowledged the presence of apparently unauthorized mobile surveillance devices in the Washington, D.C., area and elsewhere in the country that could be exploited by foreign spies to track and […]

The post Sen. Wyden blocks Krebs nomination over Stingray demands appeared first on Cyberscoop.

Continue reading Sen. Wyden blocks Krebs nomination over Stingray demands→

Senator questions DHS about surveillance technology used in U.S. by foreign spies

Posted on November 27, 2017 by Zaid Shoorbajee

Sen. Ron Wyden, D-Ore., is requesting information from the Department of Homeland Security concerning the use of foreign cell phone surveillance devices in the U.S., according a letter posted Monday to the Senator’s website. Wyden’s inquiry specifically looks at issues surrounding the use of IMSI catchers, also known as international mobile subscriber identity collectors. An IMSI catcher is an inexpensive spying tool that can essentially act as a fake cell phone tower to intercept calls, text messages and other location information that normally emits from mobile phones. The letter, dated Nov. 17, asks Christopher Krebs, an acting DHS undersecretary, if the agency is aware of foreign-operated IMSI catchers in the Washington, D.C. area or in other major cities. “I am very concerned by this threat and urge the Department of Homeland Security (DHS) to improve its efforts to detect such activity,” Wyden writes. “Foreign government surveillance of senior American political and […]

The post Senator questions DHS about surveillance technology used in U.S. by foreign spies appeared first on Cyberscoop.

Continue reading Senator questions DHS about surveillance technology used in U.S. by foreign spies→

DHS cybersecurity mission facing real challenges

Posted on October 3, 2017 by CyberScoop Staff

As the Department of Homeland Security’s cybersecurity responsibilities continue to expand, the agency is beginning to show signs that it may not have the resources to keep up. Although the department has made significant progress on programs designed to defend federal networks from malware, many key cyber leadership positions remain unfilled, the hiring process for new cyber talent is dangerously slow and the enterprise cybersecurity strategy that was due in March is now six months late with no estimate of when it will be complete. “I understand the Trump administration did not fill leadership positions relevant to the DHS cybersecurity strategy with any real sense of urgency, and ongoing vacancies may be contributing to the delays. But the strategy is six months overdue and that is not acceptable,” said Rep. Cedric Richmond, D-La., during a House Homeland Security Subcommittee hearing Tuesday. The hearing continued a drumbeat of Congressional criticism during […]

The post DHS cybersecurity mission facing real challenges appeared first on Cyberscoop.

Continue reading DHS cybersecurity mission facing real challenges→