Cyber Command flags North Korean-linked hackers behind ongoing financial heists

The Department of Defense has once again called out North Korean hackers by exposing malware samples researchers say are linked to regime-backed financial heists, including past attacks on the interbank messaging system known as the Society for Worldwide Interbank Financial Telecommunication (SWIFT), CyberScoop has learned. Cyber Command assessed that the malware, which it posted to the information sharing platform VirusTotal, is being used in ongoing cyberattacks aimed at the financial sector. “These malware samples are currently used for fund generation and malicious cyber activities including remote access, beaconing, and malware command by malicious cyber actors,” the command said in a tweet. The command did not name victims or describe the magnitude of the scheme. It’s a rare statement from the Pentagon’s cyber-operations division on the intent and capabilities of adversary-linked malware in what appears to be an expansion of the command’s willingness and ability to discuss the intelligence behind its VirusTotal […]

The post Cyber Command flags North Korean-linked hackers behind ongoing financial heists appeared first on CyberScoop.

Why did Cyber Command back off its recent plans to call out North Korean hacking?

U.S. Cyber Command was on the verge of again publicly calling out North Korean hackers for targeting the financial sector in late September, but ultimately backed off the plan by early October, multiple sources familiar with the decision tell CyberScoop. The announcement was to be part of a Cyber Command effort to publicly share malware samples on VirusTotal, a web platform dedicated to tracking malware. Led by Cyber Command’s Cyber National Mission Force, those postings are intended to call out adversary-linked hacking in the hopes that it will deter groups from similar efforts in the future. It wasn’t clear why the decision was made to refrain from publicly posting malware samples this time around, despite the fact that Cyber Command has done so numerous times in recent months. It didn’t appear to be an issue of accuracy — the Pentagon outfit still decided to share private advisories with threat intelligence companies and the financial sector. A […]

Cyber Command’s bug bounty program uncovers more than 30 vulnerabilities

Ethical hackers have found nine “high severity” vulnerabilities and one “critical” vulnerability across Department of Defense proxies, virtual private networks, and virtual desktops through the “Hack the Proxy” bug bounty program, the Department of Defense’s Defense Digital Service and HackerOne announced Monday. In addition to the high severity and critical vulnerabilities uncovered, “Hack the Proxy” found 21 “medium” or “low severity” vulnerabilities. Defense Digital Service and HackerOne spokespeople did not immediately return requests for comment on what kinds of vulnerabilities qualify as “high severity,” “critical,” or “medium/low severity.” The bug bounty program, sponsored by U.S. Cyber Command, zeroed in on finding vulnerabilities external to the Department of Defense Information Network that could enable foreign hackers to watch internal affairs at the Pentagon. This comes just a week after the National Security Agency issued an alert warning that multiple nation-state adversaries have been exploiting VPN vulnerabilities in Pulse Secure and Fortinet products, products which Chinese hackers known as “Manganese” or […]

Former U.S. Army contractor sentenced to prison for destroying IT system

A federal contractor who worked on a U.S. Army IT system was sentenced to two years in prison on Friday for illegally accessing his employer’s network, stealing servers and proprietary information, and causing damage that resulted in more than $1 million in losses. Barrence Anthony, 40, worked for Federated IT, a federal contractor that provides IT services to government agencies. In this case, Federated IT provided services to the Office of the Army’s Chaplain Corps, according to an affidavit obtained by CyberScoop. Federated IT was specifically working on building and managing a SharePoint instance for the corps hosted on Amazon Web Services. According to the affidavit, Anthony accessed the AWS instance on which the corps system was located after his employment was terminated on Dec. 8, 2016. Shortly thereafter, Anthony made backup versions of the system and moved the duplicates to his own AWS account. Later that night, Anthony logged back into […]

Air Force unveils information warfare outfit amid U.S. effort to go on offense in cyberspace

After months of planning, the U.S. Air Force announced it is creating a new information warfare body, an official step that aims to bolster the military’s digital warfare capabilities. The Air Force announced this week it will create an information warfare command, which will combine the capabilities from the division now responsible for defending crucial networks, Air Forces Cyber, and the 25th Air Force, which oversees intelligence collection, surveillance, and reconnaissance. The new outfit will be known as the 16th Air Force, and led by Maj. Gen. Timothy Haugh, who formerly led the Cyber National Mission Force at Cyber Command, pending his confirmation. The update is one aspect in a series of efforts the Pentagon is undertaking to accelerate offensive operations after years of focusing primarily on defense. It also comes at a time when every other U.S. military service (the Army, Navy, Marine Corps, Coast Guard) also is considering upgrades to […]

U.S. Secretary of Defense urges NATO allies to block Chinese-built 5G tech

U.S. Secretary of Defense Mark Esper is calling on allies in the North Atlantic Treaty Organization to bar Chinese companies from developing 5G networks there, reiterating an American argument that largely has failed to convince European countries to blacklist telecommunication firms with ties to Beijing. Esper, in a speech Thursday at the Cybersecurity and Infrastructure Security Agency summit in Maryland, said “every Chinese company has the potential to be an accomplice in Beijing’s state-sponsored campaign to steal technology.” His remarks came amid a standoff between Washington and Beijing in which the Chinese telecom Huawei has become the subject of geopolitical scrutiny while it also lobbies nations around the world to help build 5G wireless networks. Esper in his speech warned NATO allies that using 5G networks developed by Chinese companies “jeopardizes military interoperability and intelligence sharing opportunities.” “The U.S. military does not fight alone,” he said. “Just like the other […]

At DEF CON’s aviation village, the military is interested in more than just the hacks

The first-ever aviation “village” at the DEF CON security conference has an F-35 fighter jet simulator among its hacking targets, but that’s not the only reason the Defense Digital Service’s newly minted chief, Brett Goldstein, is hanging around this corner of the convention hall in Las Vegas. The agency sees it as a recruiting opportunity, too. “In this room and throughout the convention is some of the best security talent in the world,” Goldstein tells CyberScoop. “This is a win for me if I can spark the imagination of this community, get them to understand we want to collaborate with them, that the problem space is fascinating, and this is something they should think about.” Right now the DDS, which ran its first bug bounty program in 2016, has approximately 70 employees, some of whom are civilians and some of whom are active-duty military. But they rotate in and out approximately […]

Trump’s Pentagon pick ‘confident’ in 2020 election security

Defense secretary nominee Mark Esper told the Senate Armed Services Committee on Tuesday that although there is still work to be done, he is confident in the security of the 2020 presidential elections. “We are more and more confident that the 2020 elections will be unfettered,” Esper said. “But we always will have a lot of work to do because people will always want to influence our elections.” The 2020 elections remain a target of state and non-state cyber actors, a senior intelligence official told reporters last month in a briefing. Esper, who has been serving as secretary of the U.S. Army since 2017, highlighted U.S. Cyber Command’s capabilities while discussing election security. Efforts made in the buildup to the 2018 midterm elections left the U.S. with a better posture than in years prior, he said. Some of the command’s efforts to defend the midterm elections in 2018 included deploying soldiers to […]

Why Cyber Command’s latest warning is a win for the government’s information sharing efforts

When U.S. Cyber Command warned last week that a hacking group was using a Microsoft Outlook vulnerability previously leveraged by an Iran-linked malware campaign, it appeared to be signaling just how much the military knows about those operations. But the alert was significant in other ways: behind-the-scenes details uncovered by CyberScoop show that it is an example of how the U.S. government has built up its use of the information-sharing platform VirusTotal so the private sector gets more information sooner. Along with Cyber Command’s warning, which also was shared in a tweet, the Department of Homeland Security (DHS) released its own private warning to industry, CyberScoop has learned. The department’s traffic light protocol (TLP) alert covered the same threat that Cyber Command would eventually post to VirusTotal. In going public with the malicious files, Cyber Command appears to have revealed new information about how Iran-linked actors leveraged another malware family, known as Shamoon, as recently as 2017, according to Chronicle, which owns VirusTotal. Not only is it […]

House’s defense bill looks to protect Pentagon’s tech supply chain

The cybersecurity proposals in the House Armed Services Committee’s draft of the national defense bill for fiscal 2020 include provisions that would create new directives on the Department of Defense’s tech acquisitions and supply chain. Chairman Adam Smith’s mark of the National Defense Authorization Act (NDAA), issued Monday, seeks to prevent the DOD from acquiring foreign telecommunications and video surveillance equipment from companies that could pose security risks to the Pentagon. The provision effectively would ban or suspend contractors and subcontractors from doing business with not just the Pentagon but also the entire U.S. government. Chinese-based companies Huawei and ZTE, both of which have been under intense scrutiny by the Trump administration, are not directly named in the provision. The measure appears to align with an executive order the White House issued just last month that seeks to bar U.S. companies from using telecommunications equipment made by foreign firms, with the concern that the gear […]
