U.S. indicts two over SamSam ransomware attacks that hit Atlanta, other cities

The Department of Justice unsealed indictments Wednesday against two Iranian men for conducting ransomware attacks against more than 200 organizations inside the United States, including municipalities, government agencies and hospitals. Prosecutors say that Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27, used SamSam ransomware to lock the victims’ systems and demand bitcoin in order to decrypt their data. Savandi and Mansouri racked up more than $6 million in ransom payments and caused more than $30 million in damages, according to the indictment issued by a grand jury in New Jersey. SamSam’s damage has been a public ordeal. The indictment includes notable cases like the attacks on the city of Atlanta, the city of Newark, the Port of San Diego, the Colorado Department of Transportation, and others. Six of the victims were health care-related organizations, prosecutors said. “Many of the victims were public agencies with missions that involve saving lives and performing other critical […]

The post U.S. indicts two over SamSam ransomware attacks that hit Atlanta, other cities appeared first on Cyberscoop.


U.S. cybercrime-fighters enter agreements with Indonesia, Singapore

When U.S. officials return from international conferences this week they can be thankful for bolstered cybersecurity alliances with two Southeast Asian countries. The government has struck separate deals with Indonesia and Singapore to strengthen bilateral cooperation on fighting international cybercrime. Deputy Attorney General Rod Rosenstein and Indonesia’s police chief on Monday reached an agreement to increase U.S. training of Indonesian law enforcement officials to combat cyberattacks such as ransomware and to better use digital forensics, according to the Straits Times newspaper. The State Department meanwhile signed a declaration of intent with Singapore’s Cybersecurity Agency to increase training and the sharing of technical information, ZDNet reported. Both Singapore and Indonesia are members of the Association of Southeast Asian Nations (ASEAN), an intergovernmental organization made up of members that increasingly have been targeted by hackers, researchers warned this year. Singapore in July said it had been victimized in its largest-ever cyberattack, in which suspected nation-state […]

The post U.S. cybercrime-fighters enter agreements with Indonesia, Singapore appeared first on Cyberscoop.


Russian APT activity is resurgent, researchers say

Cybersecurity researchers have detected new spearphishing and malicious-email campaigns associated with two Russian-government-linked hacking groups known for breaching the Democratic National Committee in 2016. One campaign spotted by Palo Alto Networks featured a wave of malicious documents targeting government organizations in Europe, North America, and an unnamed former Soviet state. The documents, which researchers intercepted in late October and early November, included a variant of the Zebrocy Trojan that sends screenshots of a victim’s network back to a command-and-control server. Unit 42, Palo Alto Networks’ intelligence team, tied the malicious-email campaign to the Sofacy Group, a Russian hacking outfit also known as APT28 and Fancy Bear, which has deployed Zebrocy. Meanwhile, FireEye researchers on Monday published details on a spearphishing offensive that had technical similarities with a 2016 campaign from the APT29 Russian hacking group. Western governments have attributed APT28 and APT29 to different parts of Russia’s intelligence services. The campaign tracked by FireEye sent malicious […]

The post Russian APT activity is resurgent, researchers say appeared first on Cyberscoop.


U.S. warns countries not to ‘manipulate the extradition process’ for cybercriminals

The Department of Justice’s second-in-command has called on other countries to step up their efforts to extradite accused cybercriminals, warning that the U.S. will “expose” countries that “manipulate the extradition process.” “We will identify nations that routinely block the fair administration of justice and fail to act in good faith,” Deputy Attorney General Rod Rosenstein told a general assembly of Interpol, an international police organization, on Sunday. “In some instances, nations shield their citizens from the rule of law with schemes that waste resources, cause needless delay, thwart investigative efforts, and undermine justice,” Rosenstein said in his prepared remarks. The U.S. processes extraditions “without regard to the nationality of the offender, but that cooperation must be reciprocated,” Rosenstein said. Rosenstein cited the case of Aleksey Belan, a Russian national charged with helping compromise 500 million Yahoo email accounts in 2014. In 2012, Belan was charged in a separate hack of […]

The post U.S. warns countries not to ‘manipulate the extradition process’ for cybercriminals appeared first on Cyberscoop.


Chinese economic espionage is target of new Justice Department initiative

Department of Justice officials say alleged Chinese economic espionage is “increasing rapidly,” and they have established a high-level initiative dedicated to countering what they call a pervasive threat to U.S. national security. Led by Assistant Attorney General John Demers and staffed by senior DOJ officials, the new initiative will work to counter various forms of Chinese economic espionage, including the targeting of U.S. centers of ingenuity like universities, Attorney General Jeff Sessions said Thursday. The effort could lead the department to make recommendations to Congress for legislation to address the threat, he added. “Chinese economic espionage against the United States has been increasing and it has been increasing rapidly,” Sessions said at a press conference. “We are here today to say, ‘Enough is enough.’ We’re not going to take it anymore.” The Chinese government, Sessions said, was “notorious around the world” for intellectual property theft. Beijing has denied such allegations. The new DOJ […]

The post Chinese economic espionage is target of new Justice Department initiative appeared first on Cyberscoop.


DOJ indictment spotlights China’s civilian intel agency – and its hacker recruits

In unsealing charges Tuesday against 10 Chinese nationals, the Department of Justice showed its focus is on China’s civilian intelligence agency, which analysts say has become Beijing’s preferred arm for conducting economic espionage. The agency, the Ministry of State Security, is more professional and technical in its hacking operations than China’s People’s Liberation Army, according to CrowdStrike co-founder Dmitri Alperovitch. “We have seen [the MSS], over the years, break into [corporate] organizations,” Alperovitch said Tuesday at an event hosted by The New York Times. “They were always better technically than the PLA.” After a landmark 2015 agreement between the United States and China not to steal intellectual property, Chinese activity in that vein tapered off for about a year, according to Alperovitch. Now, he said, it is back in full force. “[W]e’re seeing, on a weekly basis, intrusions into U.S. and other Western companies from Chinese actors,” with the MSS […]

The post DOJ indictment spotlights China’s civilian intel agency – and its hacker recruits appeared first on Cyberscoop.


DOJ unseals charges against 10 Chinese nationals for hacking aerospace companies

The Department of Justice on Tuesday unsealed charges against 10 Chinese nationals, including intelligence officers and hackers, for a multi-year campaign to steal aerospace technology and other proprietary information from U.S. companies. Partly relying on a “team of hackers,” intelligence officers at a provincial arm of China’s Ministry of State Security (MSS) focused on stealing turbofan-engine technology used in European and U.S. commercial airliners, DOJ said in a statement. The alleged operation lasted from at least January 2010 to May 2015, the department said. The turbofan engine was a joint project between an unnamed French aerospace manufacturer and a U.S.-based company, according to DOJ. The Chinese intelligence operation breached the networks of the French manufacturer, as well as those of companies based in Arizona, Massachusetts and Oregon, the department said. The indictment returned by a grand jury in the Southern District of California lays out the hackers’ alleged tradecraft in detail. “The hackers used a […]

The post DOJ unseals charges against 10 Chinese nationals for hacking aerospace companies appeared first on Cyberscoop.


Chinese spy extradited to U.S. on economic espionage charges

A Chinese intelligence official has been extradited to the United States to face charges of economic espionage, the Department of Justice announced Wednesday. Yanjun Xu, a Chinese Ministry of State Security (MSS) official, is accused of trying to steal trade secrets from multiple American aerospace and aviation companies. For more than four years, beginning in December 2013, Xu targeted leading aviation companies, including GE Aviation, according to DOJ. He paid experts working at these companies to travel to China “under the guise of asking them to deliver a university presentation,” the department said. Xu, who is also known as Zhang Hui or Qu Hui, was arrested in Belgium in April, and extradited to the United States on Tuesday, DOJ said. He will face trial in a federal court in Cincinnati. Analysts and U.S. officials say the Xu case is further evidence that, after an apparent lull following a 2015 U.S.-China agreement […]

The post Chinese spy extradited to U.S. on economic espionage charges appeared first on Cyberscoop.


DOJ official: Whether they’re extradited or not, indicting foreign hackers is important

Even if foreign government hackers never see the inside of a U.S. courtroom, bringing criminal charges against them is still a key prong in American deterrence policy, a top Department of Justice official said Thursday. “Imagine a world … in which there are no criminal charges” and the private sector is left to levy the allegations themselves, Deputy Assistant Attorney General Adam Hickey said at the CyberNext conference in Washington, D.C. “What message does that send to a foreign hacker or the government he works for?” In a series of cases in which nation-state hackers charged by DOJ remain at large, “all of those charges served a greater purpose” beyond apprehending the alleged perpetrators, Hickey said. The indictments have enabled other U.S. responses such as sanctions as well as joining with allies to call out state-sponsored hacking, he said. Hickey spoke hours after the DOJ announced criminal charges against seven Russian military intelligence officers […]

The post DOJ official: Whether they’re extradited or not, indicting foreign hackers is important appeared first on Cyberscoop.
