Lawmakers throw cold water on splitting Cyber Command from NSA

Although Pentagon officials have suggested in recent days that the nation’s offensive cyber arm should split away from the National Security Agency, Cyber Command is a long way from being ready to stand on its own, according to a bipartisan group of lawmakers. The proposal, which some DOD officials have been entertaining in the last several days, would separate out the command from the Department of Defense’s foreign signals intelligence agency, which it has been co-located with for 10 years in order to help it find its footing. Both the NSA and Cyber Command are currently run by the same leader, Gen. Paul Nakasone, and some critics say the Trump administration has been interested in separating the two in order to carve out a leadership spot for a political ally at the helm of the NSA before his time in the Oval Office expires, according to The Washington Post. But […]

The post Lawmakers throw cold water on splitting Cyber Command from NSA appeared first on CyberScoop.

A look inside Congress’ biggest cyber bill ever

Congress this week is slated to pass what just might be the most significant cybersecurity legislation ever. This year’s annual defense policy bill, known as the National Defense Authorization Act (NDAA), is loaded with provisions that would reshape the federal bureaucracy on cybersecurity. It would create a national cyber director in the White House and strengthen the Department of Homeland Security’s Cybersecurity and Information Security Agency (CISA), among other changes. “I believe it’s safe to say that this is the most important piece of cybersecurity legislation ever passed” should the final bill advance this week, said Sen. Angus King, I-Maine, who co-chaired the Cyberspace Solarium Commission that produced many of the proposals in the legislation. Mark Montgomery, executive director of the commission, called it “the most substantive” cyber legislation Congress will have passed. Others agree. “I think that’s true, 100%,” said Jonathan Reiber, a former Defense Department cybersecurity official during […]

The post A look inside Congress’ biggest cyber bill ever appeared first on CyberScoop.

Congress set to establish White House national cyber director, enact other Solarium Commission recommendations

Congress is on the verge of creating a Senate-confirmed national cyber director within the White House who would advise the president on cybersecurity and coordinate the federal government’s related work. And supporters say it would improve on a White House czar position that President Donald Trump controversially eliminated: In addition to Senate confirmation, it would be housed outside of, rather than under, the National Security Council. Multiple sources familiar with negotiations on an annual must-pass defense policy bill say that the final agreement will include the national cyber director position. And it will largely reflect a proposal by the Cyberspace Solarium Commission, which earlier this year put together a comprehensive report that made sweeping recommendations. The Trump White House had opposed the creation of the position. It’s not the only major recommendation from the Solarium Commission that was included in the legislation, either, according to those sources. It would grant the Department of Homeland Security the power to […]

The post Congress set to establish White House national cyber director, enact other Solarium Commission recommendations appeared first on CyberScoop.

Cyber Command deployed personnel to Estonia to protect elections against Russian threat

Personnel from the U.S. Department of Defense’s Cyber Command deployed to Estonia in recent months as part of a broader effort to protect U.S. elections against foreign hacking, American and Estonian officials announced Thursday. The mission allowed personnel from U.S. Cyber Command and Estonia’s Defense Forces Cyber Command to collaborate on hunting for malicious hacking efforts on critical networks from adversaries, officials said. Estonia in particular could help the U.S. glean intelligence about Russian cyber-operations, as it has borne the brunt of Russian hacking in the past. Montenegro, a perennial target of Russian hacking, has also worked with Cyber Command on similar missions, known as “Hunt Forward” missions, to protect the 2020 presidential elections against foreign hacking. As the thinking goes, Cyber Command can run these kinds of operations to help protect a foreign ally against intrusions conducted by shared adversaries, while also obtaining information that could help protect U.S. […]

The post Cyber Command deployed personnel to Estonia to protect elections against Russian threat appeared first on CyberScoop.

It’s hard to keep a big botnet down: TrickBot sputters back toward full health

Mounting evidence suggests that TrickBot, the vast botnet that both U.S. Cyber Command and a Microsoft-led coalition sought to disable around the 2020 elections, is on the mend and evolving. The separate campaigns featured Microsoft going to court to disable IP addresses associated with TrickBot command and control servers, as Cyber Command’s operation also targeted command and control servers. Hints of its rebound began in late October, shortly after signs of success in the bids to dismantle the TrickBot network of zombie computers. While Cyber Command and Microsoft always billed their assaults as a disruption rather than a full takedown, the TrickBot comeback is proof that it’s difficult to kill a botnet outright. Botnets are dangerous because they can be used to conduct a range of harmful activities, like distributed denial of service attacks that overwhelm a site with traffic or ransomware attacks, the latter of which were a major issue of concern for U.S. national security […]

The post It’s hard to keep a big botnet down: TrickBot sputters back toward full health appeared first on CyberScoop.

TrickBot really is on the run after Microsoft, Cyber Command disruption

After some initial doubts, Tuesday brought encouraging signs that a multi-front attempt to dismantle the massive TrickBot botnet in advance of Election Day has taken root, perhaps thanks to an extra push. In recent weeks, a Pentagon hacking division and a coalition of organizations led by Microsoft took aim at TrickBot, one of the world’s largest armies of zombie computers. Fears that attackers could use the botnet to deploy ransomware and disrupt the 2020 election motivated the takedown bids. Microsoft said on Tuesday that, as of the start of this week, it had disabled 120 out of 128 command-and-control servers the company identified as part of TrickBot’s infrastructure, good for a 94% takedown rate. Nearly 60 of the 128 sprang up as cybercriminals sought to fortify its infrastructure, after which Microsoft said it shut down all but one. “To be clear, these numbers will change regularly as we expect action we’ve already […]

The post TrickBot really is on the run after Microsoft, Cyber Command disruption appeared first on CyberScoop.

U.S. Army Says it Nuked Trickbot, but Microsoft and Chums Claim Credit

In the dog-days of last week, a shadowy group of secret sources in U.S. Cyber Command whispered to reporters that they’d disrupted a huge, ransomware-spewing botnet.

Chinese hackers suspected in cyber-espionage operation against Russia, India

Chinese government-linked hackers are suspected to be behind an ongoing global cyber-espionage campaign that U.S. officials are actively tracking, CyberScoop has learned. Malicious software used in the campaign, which the departments of Defense and Homeland Security have dubbed “SlothfulMedia,” is linked with “high confidence” to the Chinese government, according to one U.S. government official. Another U.S. government source said the hackers are suspected of having ties to Beijing, while a third government official described the group as operating a concerted hacking campaign based in China. Each person spoke with CyberScoop on the condition of anonymity because they were not authorized to speak to the media. The advisory is part of a broader effort to expose foreign hacking, including from China, to help protect American companies, two of the U.S. officials said. “This was a high-value disclosure because it demonstrates China’s targeting of Russian targets,” said one U.S. government source. The revelation comes after U.S. Cyber Command, the Pentagon’s […]

The post Chinese hackers suspected in cyber-espionage operation against Russia, India appeared first on CyberScoop.

Bolton: Russia, China ‘undoubtedly’ interfering in 2020 U.S. elections

Russia and China are “undoubtedly” working to interfere in the 2020 presidential election in the U.S., Trump’s former national security adviser John Bolton said Tuesday. The comment, which Bolton shared in response to a question from CyberScoop about offensive cyber-operations, came days after the Office of the Director of National Intelligence shared publicly that a whole host of foreign governments, including Russia, China, and Iran, are trying to exert influence over the U.S. presidential election this year. Russia is working to “primarily denigrate former Vice President [Joe] Biden,” while China “prefers” that Trump “does not win reelection,” the U.S. intelligence shows, according to the ODNI. Iran has set its focus on spreading disinformation on social media and seeks to “undermine U.S. democratic institutions, President Trump, and to divide the country,” according to the ODNI. The U.S., however, can and should hit back in cyberspace in an effort to try to […]

The post Bolton: Russia, China ‘undoubtedly’ interfering in 2020 U.S. elections appeared first on CyberScoop.

How COVID-19 changed Cyber Command’s ‘Cyber Flag’ exercise

This year when U.S. Cyber Command convened with allied countries to test how they would collectively defend against a cyber-operation targeting allied networks, the units came together for what appeared to be a straightforward simulation of an attack against a European airbase. The worldwide coronavirus pandemic made the simulation less than straightforward. For the first time ever, participants conducted the exercise from home, according to U.S. military cyber commanders involved in the exercise. The annual simulation, which simulated an attack that impacted both information technology (IT) and operational technology (OT), took place on a new platform, the Persistent Cyber Training Environment (PCTE). “The impact of COVID-19 is pretty clear and it’s been a challenge for us. But it didn’t pause the action that’s been going on in cyberspace,” U.S. Coast Guard Rear Admiral John Mauger, the director of Cyber Command exercises and training, told reporters Wednesday. “Within Cyber Command we couldn’t stop […]

The post How COVID-19 changed Cyber Command’s ‘Cyber Flag’ exercise appeared first on CyberScoop.
