How the U.S. might respond if China launched a full-scale cyber attack

The U.S. financial and energy sectors are no strangers to foreign government hackers, from Iranian denial-of-service attacks on American banks to Russian reconnaissance of industrial control systems. Less familiar territory, however, is how companies would work with the U.S. government to respond to a cross-sector cyberattack during a geopolitical crisis. About 20 private executives and ex-government officials gathered last month in Washington, D.C. to take a stab at that question. A tabletop exercise hosted by the Foundation for Defense of Democracies (FDD), a think tank, hashed out what companies and federal agencies might ask of each other in the 72 hours after a disruptive series of computer intrusions. The fictional scenario involved a confrontation between the United States and China in the Taiwan Strait, which was followed by a cascading cyberattack on multiple U.S. critical infrastructure sectors. The former defense and law enforcement officials in the room discussed with their private-sector counterparts – executives […]

The post How the U.S. might respond if China launched a full-scale cyber attack appeared first on Cyberscoop.


Symantec researchers dissect North Korean malware used in ATM attacks

As the North Korean government has felt the bite of international sanctions, its hackers have reportedly carried out damaging raids on financial institutions to raise cash. Few operations capture that naked ambition more clearly than a scheme that has reportedly stolen tens of millions of dollars from ATMs in Africa and Asia. On Thursday, researchers from cybersecurity company Symantec detailed how the malware used in the ATM scheme intercepts fraudulent withdrawal requests and sends messages approving those withdrawals. The Lazarus Group, a broad set of North Korean hackers, is responsible for the so-called FastCash operation, according to Symantec. “FASTCash illustrates that Lazarus possesses an in-depth knowledge of banking systems and transaction processing protocols and has the expertise to leverage that knowledge in order to steal large sums from vulnerable banks,” Symantec researchers wrote in a blog post. The scheme has triggered simultaneous withdrawals from ATMs in 23 countries this year […]

The post Symantec researchers dissect North Korean malware used in ATM attacks appeared first on Cyberscoop.


Chinese economic espionage is target of new Justice Department initiative

Department of Justice officials say alleged Chinese economic espionage is “increasing rapidly,” and they have established a high-level initiative dedicated to countering what they call a pervasive threat to U.S. national security. Led by Assistant Attorney General John Demers and staffed by senior DOJ officials, the new initiative will work to counter various forms of Chinese economic espionage, including the targeting of U.S. centers of ingenuity like universities, Attorney General Jeff Sessions said Thursday. The effort could lead the department to make recommendations to Congress for legislation to address the threat, he added. “Chinese economic espionage against the United States has been increasing and it has been increasing rapidly,” Sessions said at a press conference. “We are here today to say, ‘Enough is enough.’ We’re not going to take it anymore.” The Chinese government, Sessions said, was “notorious around the world” for intellectual property theft. Beijing has denied such allegations. The new DOJ […]

The post Chinese economic espionage is target of new Justice Department initiative appeared first on Cyberscoop.


DOJ indictment spotlights China’s civilian intel agency – and its hacker recruits

In unsealing charges Tuesday against 10 Chinese nationals, the Department of Justice showed its focus is on China’s civilian intelligence agency, which analysts say has become Beijing’s preferred arm for conducting economic espionage. The agency, the Ministry of State Security, is more professional and technical in its hacking operations than China’s People’s Liberation Army, according to CrowdStrike co-founder Dmitri Alperovitch. “We have seen [the MSS], over the years, break into [corporate] organizations,” Alperovitch said Tuesday at an event hosted by The New York Times. “They were always better technically than the PLA.” After a landmark 2015 agreement between the United States and China not to steal intellectual property, Chinese activity in that vein tapered off for about a year, according to Alperovitch. Now, he said, it is back in full force. “[W]e’re seeing, on a weekly basis, intrusions into U.S. and other Western companies from Chinese actors,” with the MSS […]

The post DOJ indictment spotlights China’s civilian intel agency – and its hacker recruits appeared first on Cyberscoop.


FBI to private industry: Attribution won’t deter North Korean hacking

The FBI has told American companies that North Korean government hackers will continue to target financial institutions worldwide despite the U.S. government’s public attribution of such activity to Pyongyang. The targeting “will continue unabated, regardless of the U.S. government public attribution of North Korea,” the FBI’s cyber division said in an industry advisory dated Oct. 25 and obtained by CyberScoop. “North Korean cyber activities remain a concern based on its historical patterns of behavior,” the notice says. In conceding that attribution will not change North Korea’s calculus in cyberspace, the FBI is reiterating what is widely recognized in the cybersecurity industry: that Kim Jong Un’s regime is too brazen to care about being called out for its hacking. In September, the DOJ announced charges against North Korean spy Park Jin Hyok for his alleged role in the destructive 2014 cyberattack against Sony Pictures Entertainment and the 2017 WannaCry ransomware attack. […]

The post FBI to private industry: Attribution won’t deter North Korean hacking appeared first on Cyberscoop.


Ex-DHS official on PPD-20 repeal: Consider potential blowback to private sector

The U.S. government’s new and reportedly more muscular approach to conducting offensive cyber-operations must carefully consider the potential blowback of such actions to the private sector, a former senior Department of Homeland Security official has warned. “DHS needs to be part of the discussion around the cost-benefit analysis to bring the private sector point of view because we know the private sector often bears the brunt of the retaliation that comes in the wake of more aggressive activity,” Suzanne Spaulding said Wednesday at the Atlantic Council. Asked what public indication there would be that those concerns are being addressed, Spaulding, who served as a DHS undersecretary under President Barack Obama, said the answer lies in the private sector. Private companies will have a sense of “whether their equities were adequately considered” before a U.S. government decision to conduct offensive operations, Spaulding said during a panel discussion. “And my guess is they’ll […]

The post Ex-DHS official on PPD-20 repeal: Consider potential blowback to private sector appeared first on Cyberscoop.


Chinese spy extradited to U.S. on economic espionage charges

A Chinese intelligence official has been extradited to the United States to face charges of economic espionage, the Department of Justice announced Wednesday. Yanjun Xu, a Chinese Ministry of State Security (MSS) official, is accused of trying to steal trade secrets from multiple American aerospace and aviation companies. For more than four years, beginning in December 2013, Xu targeted leading aviation companies, including GE Aviation, according to DOJ. He paid experts working at these companies to travel to China “under the guise of asking them to deliver a university presentation,” the department said. Xu, who is also known as Zhang Hui or Qu Hui, was arrested in Belgium in April, and extradited to the United States on Tuesday, DOJ said. He will face trial in a federal court in Cincinnati. Analysts and U.S. officials say the Xu case is further evidence that, after an apparent lull following a 2015 U.S.-China agreement […]

The post Chinese spy extradited to U.S. on economic espionage charges appeared first on Cyberscoop.


DOJ official: Whether they’re extradited or not, indicting foreign hackers is important

Even if foreign government hackers never see the inside of a U.S. courtroom, bringing criminal charges against them is still a key prong in American deterrence policy, a top Department of Justice official said Thursday. “Imagine a world … in which there are no criminal charges” and the private sector is left to levy the allegations themselves, Deputy Assistant Attorney General Adam Hickey said at the CyberNext conference in Washington, D.C. “What message does that send to a foreign hacker or the government he works for?” In a series of cases in which nation-state hackers charged by DOJ remain at large, “all of those charges served a greater purpose” beyond apprehending the alleged perpetrators, Hickey said. The indictments have enabled other U.S. responses such as sanctions as well as joining with allies to call out state-sponsored hacking, he said. Hickey spoke hours after the DOJ announced criminal charges against seven Russian military intelligence officers […]

The post DOJ official: Whether they’re extradited or not, indicting foreign hackers is important appeared first on Cyberscoop.


Justice Department charges 7 Russian intelligence officers

The Department of Justice on Thursday announced criminal charges against seven Russian military officers for a wide-ranging hacking operation against sporting and anti-doping agencies in the United States, Canada, and Europe. Russian athletes were barred from representing their country at the 2018 Winter Olympics over alleged doping, and the indictment accuses the members of the GRU, Russia’s intelligence directorate, of using cyber-operations to obtain private health data on athletes at anti-doping agencies and then publicly leaking the data. Russian operatives dumped the private medical information of more than 250 athletes on social and traditional media toward that end, according to John Demers, assistant attorney general for national security. “All of this was done to undermine those organizations’ efforts to ensure the integrity of the Olympic and other games,” Demers said Thursday in announcing the charges. The indictment also accuses GRU hackers of targeting the Netherlands-based Organization for the Prohibition of […]

The post Justice Department charges 7 Russian intelligence officers appeared first on Cyberscoop.


White House announces federal cyber strategy, vows to go on offensive

The White House announced a new national cybersecurity strategy Thursday in an effort to raise federal network defenses and more aggressively deter foreign adversaries from threatening U.S. interests. “We’re going to do a lot of things offensively and I think our adversaries need to know that,” White House national security adviser John Bolton told reporters. Defensive measures are central to the document, but Bolton’s call with reporters emphasized offense. “We will identify, counter, disrupt, degrade, and deter behavior in cyberspace that is destabilizing and contrary to national interests, while preserving the United States’ overmatch in and through cyberspace,” Bolton said. The strategy is a template through which federal agencies can carry out their own cybersecurity mandates, according to Bolton. “I’m satisfied that this allows us the comprehensive look at strategy across the entire government,” he said. “Each agency knows its lane and is pursuing it vigorously. That’s true in the unclassified world; it’s […]

The post White House announces federal cyber strategy, vows to go on offensive appeared first on Cyberscoop.
