DOJ didn’t ask for Russia’s help tracking down Colonial Pipeline hackers, senior official says

The U.S. Justice Department did not ask Russian law enforcement for help in tracking down the perpetrators of the Colonial Pipeline ransomware attack because Moscow’s history of harboring cybercriminals essentially makes it a waste of time, according to a senior department official. “I think we’ve reached the stage, today, where there’s very little point in doing so,” said John Demers, the assistant attorney general for national security. “We have made those requests in the past.” The Russian government is “not just tolerating this,” Demers said at CyberTalks, presented by CyberScoop. “They’re actively getting in the way of U.S. law enforcement efforts to combat this type of hacking,” he added, referring to previous Russian efforts to block U.S. requests to extradite accused hackers from other countries. The remarks were pre-recorded on June 3. The Justice Department did not answer follow-up questions about possible Russian cooperation in the weeks since. The Russian […]

The post DOJ didn’t ask for Russia’s help tracking down Colonial Pipeline hackers, senior official says appeared first on CyberScoop.


NSA cyber director explains why US missed suspected Russian espionage operation

When Russia’s Foreign Intelligence Service staged a sweeping espionage campaign targeting hundreds of U.S. companies and federal government agencies last year, it was a private sector cybersecurity firm that first uncovered the operation, not the U.S. government. Lawmakers have asked in recent weeks why the U.S. intelligence community appears to have gaps in its visibility into foreign hacking, and whether the National Security Agency needs new surveillance authorities. But the NSA’s cybersecurity director, Rob Joyce, suggested that that may not be the best solution. “Inside the U.S. you would expect us to have the best tools and capabilities, but instead what we’re finding — in General Nakasone’s words — is we don’t even see the dots, let alone connect the dots,” Joyce said at CyberTalks, a summit presented by CyberScoop. The NSA Cybersecurity Directorate, which Joyce leads, is responsible for preventing and eradicating threats from foreign hackers targeting U.S. entities. […]


‘That horse has left the barn’: Secret Service official says ransom payments have fueled hacking sprees

After the multimillion-dollar extortions of Colonial Pipeline and meat processor JBS, a Secret Service official is urging organizations not to pay off hackers and underscoring that more victims need to come forward in order to help U.S. officials get a handle on the problem. “We’re in this boat we’re in now because over the last several years, people have paid the ransom,” Stephen Nix, assistant to the Special Agent in Charge at the U.S. Secret Service, said at CyberTalks, a summit presented by CyberScoop. “This is the monetization of security flaws. That’s what we’re looking at. That horse has left the barn.” Nix asked ransomware victims to tell law enforcement agencies details such as the cryptocurrency wallet, or account, used by the attackers in order to track them down. “I think it’s a very small number of cases we actually hear about,” he added. “If we don’t hear about it, […]


How FireEye attributed the SolarWinds hacking campaign to Russian spies

Careful data collection, specific keyword searches and the type of breach were factors that FireEye used to determine that Kremlin-sponsored hackers were behind one of the largest cyber-espionage operations in recent years. The first revelations about what would come to be known as the SolarWinds campaign — in which spies exploited the federal contractor to breach nine U.S. government agencies and roughly 100 companies — occurred in early December 2020, when FireEye announced that hackers had stolen its security testing tools. The Milpitas-based company discovered that SolarWinds software was affected during the course of its own investigation, sparking examinations throughout U.S. national security circles that remain ongoing. “We learned it’s fair game to hack the supply chain,” FireEye CEO Kevin Mandia said Tuesday during CyberTalks, a summit presented by CyberScoop. While scrambling to understand the scope of the breach, FireEye investigators observed that hackers had searched for specific keywords, an […]


How recent disinformation campaigns tied to Russia, Pakistan blended fake engagement with real life

Influence operations aren’t just about spreading fake news. International governments and corporate public relations firms also are using inauthentic social media behavior to boost attention around real-world events that fit into foreign policy goals, a panel of experts said Tuesday at CyberTalks, a summit presented by CyberScoop. The propaganda campaigns are increasingly layered, with a number of examples that have relied on contract workers who may not have realized they were involved in an astroturfing effort. In May, Facebook removed 30 pages, six groups, 83 accounts and 49 Instagram profiles that were linked to Yevgeny Prigozhin, a Russian oligarch who had distributed food baskets to impoverished communities in Sudan. The amplification of pro-Russia content appeared to be designed to improve the populations’ impression of Prigozhin, and thus the Kremlin, at a time when Russia is trying to keep Russian warships stationed at Port Sudan on the Red Sea, according to […]


Federal CISO forecasts one of toughest tasks in sweeping Biden cyber executive order

At 34 pages, President Joe Biden’s May executive order on cybersecurity is lengthier than many such White House directives. It’s going to keep federal agencies busy for a long time implementing a host of protective measures, but one might prove a heavier burden, according to Federal Chief Information Security Officer Chris DeRusha. The executive order establishes cybersecurity event log requirements for agencies, meant to improve the government’s ability to investigate and clean up attacks. “To do monitoring and understand what activity is occurring or has occurred on your network, that’s a huge multi-year exercise that each agency’s going to have to undertake,” DeRusha said during an interview that aired Tuesday as part of CyberTalks, a summit presented by CyberScoop. But it’s a very important part of the order, he said. “When you think about it it’s really a key pillar of … cyber hygiene,” said DeRusha. Under the order, the Homeland […]
