Amid ongoing geopolitical tension, researchers find Pakistani hacking operation aimed at India

As well-crafted hacking tools become more ubiquitous, long-simmering rivalries between developing nations take on a new dimension: cyber espionage runs rampant. Research released Thursday by Talos Security, Cisco’s internal cybersecurity unit, describes how a long-running computer spying campaign against India was likely controlled by operators in Pakistan. Researchers highlighted a stealthy remote access trojan, dubbed “GravityRAT,” that’s been repeatedly used to target Indian organizations since at least 2016. During that timeframe, the author of GravityRAT added new features and changed certain capabilities to make it more difficult to detect. This also included making the malware multilingual, so that whenever it was packaged inside a phishing email it had a better chance of tricking people who speak Chinese, Italian, French, German or Spanish. India’s computer emergency response team (CERT) previously published an advisory about GravityRAT, which suggests it targeted multiple Indian entities, according to Talos. The Indian CERT, however, only […]

The post Amid ongoing geopolitical tension, researchers find Pakistani hacking operation aimed at India appeared first on Cyberscoop.


The NSA now officially has a new chief

Gen. Paul Nakasone, an experienced military leader with a unique background in cyber-operations and intelligence gathering, has been approved to take over the National Security Agency and U.S. Cyber Command. The Senate confirmed Nakasone, who currently leads Army Cyber Command, by voice vote Tuesday morning. The promotion was expected for months and faced little opposition, but like most things in the Senate, it took some time to schedule. President Donald Trump nominated Nakasone for the job on Feb. 13. The previous NSA chief, Adm. Michael Rogers, is expected to officially retire soon after having served for four years at the top of the spy agency. During his tenure, the NSA attempted a massive reorganization effort known as “NSA21,” which combined certain components of the NSA’s defensive and offensive cyber teams for the first time. The current hierarchy, approved by Congress, prescribes that the leader of NSA is also simultaneously the head of U.S. Cyber Command, a still-nascent cyberwarfare […]

The post The NSA now officially has a new chief appeared first on Cyberscoop.


Hamas-linked spyware targeting Palestinians removed from Google Play store

A hacking group which analysts believe is linked to Hamas successfully placed highly targeted surveillanceware in the Google Play Store in order to spy on Palestinian targets, according to new research from the mobile security firm Lookout. The newly identified malware, known as Desert Scorpion, was deployed against over 100 individuals of interest in Palestine. A similar 2017 campaign from the same “highly active” group, dubbed APT-C-23. The group has been linked to Hamas’s political rivals as well as government employees, security services and university students. Desert Scorpion has been tied to a 2017 campaign, known as Frozen Cell, by reuse of the same social media profiles to promote the malware as well as infrastructure using similar IP blocks. APT-C-23 has been active since at least 2015 when U.S. cybersecurity firms Palo Alto Networks and ThreatConnect identified a campaign by the group targeting the United States, Israel, Palestinian Territories and Egypt. The malware allows its users to steal data from […]

The post Hamas-linked spyware targeting Palestinians removed from Google Play store appeared first on Cyberscoop.


Ukrainian accused in cybercrime wave is considering trial in U.S., lawyer says

A lawyer for an alleged player in one of the largest hacking schemes in history says he is talking with the Department of Justice about the possibility of bringing his client to the U.S. to stand trial. Mikhail Rytikov can’t leave his home country of Ukraine because he would risk becoming the latest Eastern European snatched up by Western law enforcement and charged in cybercrimes. The 30-year-old, who lives in Odessa on the coast of the Black Sea, allegedly participated in criminal schemes by running a profitable “bulletproof hosting” business — servers that police supposedly can’t block or access — known as AbdAllah. Ukraine doesn’t extradite its own citizens, so Rytikov is theoretically safe as long as he stays close to home. But he vehemently denies any wrongdoing, and apparently wants to set the record straight. His lawyer in the U.S., Arkady Bukh, told CyberScoop he is negotiating with the Department of Justice about the possibility of standing trial in […]

The post Ukrainian accused in cybercrime wave is considering trial in U.S., lawyer says appeared first on Cyberscoop.


GCHQ head says U.K. engaged in cyberwarfare against ISIS

The director of GCHQ revealed in a speech on Thursday that Britain’s top signals intelligence agency had conducted a proactive cyber campaign against ISIS, touting the notion of using hacking tools to counter violent extremism. Speaking at the CYBERUK conference in Manchester, England, GCHQ Director Jeremy Fleming said that the agency worked with the U.K. Ministry of Defense to develop and deploy the country’s cyber weapons. “Much of this is too sensitive to talk about, but I can tell you that GCHQ, in partnership with the Ministry of Defense, has conducted a major offensive cyber-campaign against Daesh,” Fleming said, using the terror group’s Arabic acronym. Fleming said the attack was the first time the U.K. “systematically and persistently degraded an adversary’s online efforts as part of a wider military campaign.” “They [ISIS] understand the value of strategic communications, the power of social media, of messaging apps to radicalize and scare,” […]

The post GCHQ head says U.K. engaged in cyberwarfare against ISIS appeared first on Cyberscoop.


DHS says unauthorized Stingrays could be in D.C. area

The Department of Homeland Security has acknowledged the presence of what appear to be unauthorized mobile surveillance devices in the Washington, D.C. area and elsewhere in the United States that could be exploited by foreign spies to track and intercept phone calls. The devices, often referred to as Stingrays after a popular model made by Harris Corp., imitate a cell tower to capture caller location and other associated data. While they have been used by U.S. law enforcement for years, their use for foreign espionage in the U.S. has been a source of speculation. In a March 26 letter to Sen. Ron Wyden, D-Ore., obtained by CyberScoop and other news outlets, DHS’s National Protection and Programs Directorate said the department has observed “anomalous activity” in or near the nation’s capital that “appears to be consistent” with such surveillance devices, which are also called international mobile subscriber identity (IMSI) catchers. The NPPD has not validated or attributed […]

The post DHS says unauthorized Stingrays could be in D.C. area appeared first on Cyberscoop.


Has Your Security Intelligence Education Prepared You for the Tests to Come?

The case for breaking down silos and taking an interdisciplinary approach to intelligence

In 1983, Dr. Howard Gardner, a well-known psychologist and professor at Harvard, developed his theory of multiple intelligences. Gardner argued that the traditio…

U.S. Charges 9 Iranians With Hacking Universities to Steal Research Data

The United States Department of Justice has announced criminal charges and sanctions against 9 Iranians involved in hacking universities, tech companies, and government organisations worldwide to steal scientific research resources and academic papers…

Chinese hacking group resurfaces to spy on U.S. maritime firms

Researchers say they’ve noticed an uptick in Chinese hacking activity aimed at a mix of U.S. maritime, engineering and defense companies, some of which are commonly linked to the South China Sea territory dispute, according to cybersecurity firm FireEye. The findings reveal how one previously idle and nondescript Chinese hacking group is now returning to the fold: a new cyber-espionage operation has been found collecting confidential information which is relevant to the interests of the ruling Communist Party of China (CPC). It comes after news reports surfaced that the Japan Maritime Self-Defense Force was able to easily detect a Chinese nuclear submarine in January while it circled around the disputed islands. That incident resulted in an international controversy. The CPC has been outspoken in recent years about advancing the country’s naval forces as part of a broader push to modernize the military, foreign policy experts say. Dubbed “TEMP.Periscope” by FireEye […]

The post Chinese hacking group resurfaces to spy on U.S. maritime firms appeared first on Cyberscoop.
