DOJ didn’t ask for Russia’s help tracking down Colonial Pipeline hackers, senior official says

The U.S. Justice Department did not ask Russian law enforcement for help in tracking down the perpetrators of the Colonial Pipeline ransomware attack because Moscow’s history of harboring cybercriminals essentially makes it a waste of time, according to a senior department official. “I think we’ve reached the stage, today, where there’s very little point in doing so,” said John Demers, the assistant attorney general for national security. “We have made those requests in the past.” The Russian government is “not just tolerating this,” Demers said at CyberTalks, presented by CyberScoop. “They’re actively getting in the way of U.S. law enforcement efforts to combat this type of hacking,” he added, referring to previous Russian efforts to block U.S. requests to extradite accused hackers from other countries. The remarks were pre-recorded on June 3. The Justice Department did not answer follow-up questions about possible Russian cooperation in the weeks since. The Russian […]

The post DOJ didn’t ask for Russia’s help tracking down Colonial Pipeline hackers, senior official says appeared first on CyberScoop.

Continue reading DOJ didn’t ask for Russia’s help tracking down Colonial Pipeline hackers, senior official says

Veteran Justice official who oversaw cybercrime cases to step down

The Justice Department official who leads the division that prosecutes state-linked and criminal hackers is resigning by the end of June, a department spokesman said Monday. John Demers will step down after more than three years as assistant attorney general for national security, during which time the department brought multiple charges against alleged Russian and Chinese spies for hacking. Mark Lesko, the acting U.S. attorney for the Eastern District of New York, will likely serve as Demers’ temporary replacement, department spokesman Marc Raimondi said. Demers’ departure, which the Associated Press first reported on, has been expected for months. The White House said last month it would nominate Matt Olsen, a security executive at Uber, to replace Demers. The assistant attorney general for national security is one of the most important cybersecurity-related perches in the U.S. government as the incumbent can wield the full force of the Justice Department to pursue […]

The post Veteran Justice official who oversaw cybercrime cases to step down appeared first on CyberScoop.

Continue reading Veteran Justice official who oversaw cybercrime cases to step down

White House taps Matt Olsen, Uber security boss and former NSA lawyer, to lead key DOJ division

The White House has nominated Matt Olsen to run the Justice Department’s National Security Division, a move that would put the Uber security executive and former civil servant at the helm of some of the most sensitive cases in the U.S.  Olsen, who now works as Uber’s chief trust and security officer, previously worked as the director of the National Counterterrorism Center during the Obama administration and served as the general counsel of the National Security Agency. The Biden administration announced his nomination on Wednesday. If confirmed by the Senate, Olsen will take over a key division of the Justice Department focused on counterintelligence, terrorism, foreign interference in U.S. elections and, increasingly, cybersecurity matters. He would replace John Demers, an assistant attorney general who has focused heavily on countering alleged Chinese espionage and theft of intellectual property in the U.S.  The Biden administration tapped Olsen as national security officials reckon […]

The post White House taps Matt Olsen, Uber security boss and former NSA lawyer, to lead key DOJ division appeared first on CyberScoop.

Continue reading White House taps Matt Olsen, Uber security boss and former NSA lawyer, to lead key DOJ division

US spy agencies review software suppliers’ ties to Russia following SolarWinds hack

U.S. intelligence agencies have begun a review of supply chain risks emanating from Russia in light of the far-reaching hacking campaign that exploited software made by SolarWinds and other vendors, a top Justice Department official said Thursday. The review will focus on any supply chain vulnerabilities stemming from Russian companies — or U.S. companies that do business in Russia, according to John Demers, the assistant attorney general for national security. “If there’s back-end software design and coding being done in a country where we know that they’ve used sophisticated cyber means to do intrusions into U.S. companies, then maybe … U.S. companies shouldn’t be doing work with those companies from Russia or other untrusted countries,” Demers said during a Justice Department-hosted cybersecurity conference. Demers said that the FBI and other intelligence agencies will pass any information obtained from the review to the Commerce Department to decide if further action to exclude […]

The post US spy agencies review software suppliers’ ties to Russia following SolarWinds hack appeared first on CyberScoop.

Continue reading US spy agencies review software suppliers’ ties to Russia following SolarWinds hack

China aims its influence operations at incoming Biden administration, top intel official says

China has increased its influence operations targeting incoming Biden administration personnel and their associates since the presidential election, the top U.S. counterintelligence official said Wednesday. “We’re starting to see that now play [out] across the country, to not only the folks who are in the new administration, but those who are around those folks in the new administration,” William Evanina, who heads the National Counterintelligence and Security Center, said at an online event hosted by the Aspen Institute. Evanina did not elaborate on what the Chinese influence activity entailed. But another U.S. intelligence official told CyberScoop it included intelligence collection and efforts to shape U.S. policy. Evanina did say that China had engaged in an “uptick” in influence operations since the Nov. 3 election of Joe Biden that were focused on the president-elect’s advisers. Chinese influence activity in the past has included amplification of state-controlled media outlets and other means of […]

The post China aims its influence operations at incoming Biden administration, top intel official says appeared first on CyberScoop.

Continue reading China aims its influence operations at incoming Biden administration, top intel official says

EU slaps sanctions on GRU leader, Fancy Bear, FBI-wanted hacker over Bundestag attack

The European Union on Thursday sanctioned the head of a Russian military intelligence unit, an alleged hacker wanted by the FBI and a Russian government-linked hacking group over a 2015 cyberattack against Germany’s parliament. It’s only the second time the EU has issued cyber-related sanctions, following July sanctions against Russia, China and North Korea in connection with a string of unrelated cyberattacks. Now, as then, the General Staff Main Intelligence Directorate, commonly known as the GRU, is among the targets of the EU’s ire. Igor Kostyukov, head of the GRU, was hit with sanctions in Thursday’s action over the Bundestag hack. So, too, was alleged intelligence officer Dmitry Badin, previously indicted in the U.S. for his role in 2016 election interference. The EU also sanctioned the GRU-connected hacking group known as Fancy Bear, among other names, which the U.S. has likewise connected to 2016 election meddling. “The cyber-attack against the German federal parliament targeted the parliament’s information […]

The post EU slaps sanctions on GRU leader, Fancy Bear, FBI-wanted hacker over Bundestag attack appeared first on CyberScoop.

Continue reading EU slaps sanctions on GRU leader, Fancy Bear, FBI-wanted hacker over Bundestag attack

Justice Department official accuses China of acting as ‘safe haven’ for cybercriminals

China is increasingly tolerant of criminal hackers on its soil if they are willing to hack on behalf of the Chinese government, a senior U.S. Justice Department official has alleged. Recent U.S. indictments of accused Chinese hackers indicate that the country “has become a safe haven for cybercriminals as long as they’re also doing work on behalf of the state,” John Demers, the assistant attorney general for national security, alleged in an interview for CyberTalks, the annual summit produced by Scoop News Group. “That’s very worrisome…because now you’ve got a country that’s giving free rein to criminal hackers.” It’s an accusation that U.S. government officials and security researchers have frequently leveled against Russia, as well. The blend, though, of criminal and state-sponsored activity in China will make it even more difficult for U.S. companies to defend themselves, Demers said. A spokesperson for the Chinese Embassy in Washington, D.C., called the allegations “groundless,” adding: “China is a […]

The post Justice Department official accuses China of acting as ‘safe haven’ for cybercriminals appeared first on CyberScoop.

Continue reading Justice Department official accuses China of acting as ‘safe haven’ for cybercriminals

Takedown of 92 Iran-owned domains includes 4 used for disinformation in US, feds say

The U.S. government says it seized 92 internet domains used “to spread pro-Iranian disinformation around the globe,” including four that directly targeted U.S. audiences. Iran’s Islamic Revolutionary Guard Corps operated the domains in violation of U.S. sanctions, according to a Justice Department announcement Wednesday. The department said the operation was based on intelligence provide by Google, and was a collaborative effort between the FBI and Google, Facebook and Twitter. The other 88 domains “targeted audiences in Western Europe, the Middle East, and South East Asia and masqueraded as genuine news outlets,” the department said. The feds claimed jurisdiction over all 92 domains because the government of Iran and the IRGC ran them through “website and domain services in the United States without a license from OFAC,” the Treasury’s Office of Foreign Assets Control. The announcement is the latest in a steady stream of news about attempts by U.S. agencies or Silicon Valley giants to monitor […]

The post Takedown of 92 Iran-owned domains includes 4 used for disinformation in US, feds say appeared first on CyberScoop.

Continue reading Takedown of 92 Iran-owned domains includes 4 used for disinformation in US, feds say

TikTok users ‘voluntarily’ giving their data to China, Justice official says

U.S. officials have repeatedly expressed concern that China could use the 2014 and 2015 hacks of the Office of Personnel Management and health care insurer Anthem to build data profiles on Americans for intelligence recruitment (allegations Beijing denies). But TikTok, the popular video-sharing application, is a different type of data collection opportunity for China because Americans are willingly handing the information over, a senior Department of Justice official alleged Wednesday. “[Y]ou have an instance of Americans voluntarily signing onto this product as opposed to the Chinese stealing the data or the Chinese buying the data,” said John Demers, the assistant attorney general for national security. “And that’s what the recent executive order was meant to address,” Demers said, referring to the Aug. 6 directive from President Donald Trump that will ban transactions with ByteDance, TikTok’s Chinese parent company, and Tencent, another Chinese tech firm, starting Sept. 20. TikTok, which is […]

The post TikTok users ‘voluntarily’ giving their data to China, Justice official says appeared first on CyberScoop.

Continue reading TikTok users ‘voluntarily’ giving their data to China, Justice official says

US accuses two Chinese hackers of targeting coronavirus vaccine research

Two men conspired with Chinese intelligence agencies to steal data from a range of U.S. targets in the medical and defense sectors, including an effort to beach firms working on a potential vaccine for the coronavirus, U.S. Department of Justice officials said Tuesday. The suspects, Li Xiaoyu and Dong Jiazhi, stole terabytes of information from computers around the world while based in China, according to an indictment unsealed Tuesday. The espionage campaign predates the COVID-19 pandemic, officials said. For more than a decade, the pair allegedly targeted health care firms, pharmaceutical companies, U.S. universities, maritime engineering firms, biotechnology innovation centers and a range of other targets. The suspects worked with the Chinese Ministry of State Security, said Assistant Attorney General John Demers, though they also hacked for personal profit. Attackers also targeted Chinese dissidents and human rights activists in the U.S., according to the indictment. The scheme began no later than September 2009 and continued […]

The post US accuses two Chinese hackers of targeting coronavirus vaccine research appeared first on CyberScoop.

Continue reading US accuses two Chinese hackers of targeting coronavirus vaccine research