NSA technical director: Iran-linked operations are about espionage, not destruction

Even as geopolitical tensions spike between Iran and the U.S. following an Iranian takedown of a U.S. drone, Iran-linked cyber-operations continue to focus on espionage and not necessarily destructive activities, a senior U.S. intelligence official says. David Hogue, the technical director for the National Security Agency’s Threat Operations Center, tells CyberScoop Iranian-linked hacking groups are focused on traditional intelligence gathering. “I think they’re trying to get more insights onto what U.S. policymakers are either knowledgeable of or think of them,” Hogue said in an interview with CyberScoop on Friday. The past year has enflamed geopolitical tensions between Iran and the U.S. following the Trump administration’s withdrawal from the Iran nuclear deal. In April, the Trump administration took the unprecedented step of declaring a branch of Iran’s military to be a terrorist organization. Just last week, the administration blamed Tehran for attacks on two oil tankers in the Gulf of Oman. The Pentagon subsequently announced increased […]

The post NSA technical director: Iran-linked operations are about espionage, not destruction appeared first on CyberScoop.


The NSA is experimenting with machine learning concepts its workforce will trust

As the U.S. National Security Agency incorporates machine learning and artificial intelligence into its defensive cyber operations, officials are weighing whether cyber operators will have confidence in the algorithms underpinning those emerging technologies. NSA operators want to say, “is my AI or ML system explainable?” Neal Ziring, NSA’s Technical Director for Capabilities, told CyberScoop Thursday. “Contexts where the AI is recommending an action is where that will be most important.” The intelligence agency still is exploring how machine learning, an automated method of data analysis, might be used to detect threats and protect new Internet of Things technology. Given the amount of information that agency employees need to sort through, machine learning could help prioritize tasks and decrease the amount of time employees spend on triage. The NSA aims to use machine learning and artificial intelligence, in which computers make their own decisions, to more efficiently stop threats, and eventually leverage those tools in offensive operations. But, if NSA workers don’t trust the […]


Congress to take another stab at hack back legislation

The concept of “hacking back” — which has often been referred to as “the worst idea in cybersecurity” — has resurfaced again in Washington. Rep. Tom Graves, R-Ga., is reintroducing a bill Thursday that would allow companies to go outside of their own networks to identify their attackers and possibly disrupt their activities. While Graves has made previous attempts to legalize the practice, “hacking back” would currently be a violation of the Computer Fraud and Abuse Act. The CFAA, enacted in 1986, makes it illegal to access computers without authorization. Graves told CyberScoop the bill is necessary in part because companies are left without recourse when they are attacked. “Where do they turn — can they call 911? What do they do?” Graves said. “They have nowhere to turn.” The incentive to pass this bill, Graves says, also stems in part from the fact that there are no guidelines right now for companies that […]


Cyber Command’s latest VirusTotal upload has been linked to an active attack

The malware sample that U.S. Cyber Command uploaded to VirusTotal last week is still involved in active attacks, multiple security researchers tell CyberScoop. Researchers from Kaspersky Lab and ZoneAlarm, a software security company run by Check Point Technologies, tell CyberScoop they have linked the malware with APT28, the same hacking group that breached the Democratic National Committee during the 2016 election cycle. A variant of the malware is being used in ongoing attacks, hitting targets as recently as this month. The targets include Central Asian nations, as well as diplomatic and foreign affairs organizations, Kaspersky Lab’s principal security researcher Kurt Baumgartner tells CyberScoop. While ZoneAlarm can’t confirm the targets the attack is focused on, the company detected the specific malware hash in an active attack in the Czech Republic last week, Lotem Finkelsteen, ZoneAlarm’s Threat Intelligence Group Manager, tells CyberScoop. “Although we cannot confirm such an attack,” Finkelsteen said, referring to the […]


National Security Council cyber chief: Criminals are closing the gap with nation-state hackers

Cybercriminals are catching up to nation-states’ hacking capabilities, and it’s making attribution more difficult, the National Security Council’s senior director for cybersecurity policy said Thursday. “They’re not five years behind nation-states anymore, because the tools have become more ubiquitous,” said Grant Schneider, who also holds the title of federal CISO, at the Security Through Innovation Summit presented by McAfee and produced by CyberScoop and FedScoop. Schneider told CyberScoop that he thinks the implants cybercriminals are using in their cyberattacks have been improving. “The actual sophistication of the tool … is better with criminals than we saw in the past.” Steve Grobman, the chief technology officer for McAfee, told CyberScoop that advanced crooks are behaving more corporately, which means they are able to proliferate higher-quality hacking tools. “One of the things we’re seeing on the business-model side is cybercriminals are starting to use innovative processes like franchises — affiliate groups where a cybercriminal will develop technology [and] make it […]
