Criminal campaign uses leaked NSA tools to set up cryptomining scheme, Trend Micro says

Since March, criminals have been using hacking tools that were reportedly stolen from the National Security Agency in targeting companies around the world as part of a cryptomining campaign, researchers with cybersecurity company Trend Micro said Thursday. The broad-brush campaign has hit organizations in the banking, manufacturing and education sectors, among others, Trend Micro says. The criminals are essentially hijacking corporate computing power to harvest the cryptocurrency Monero. It’s hardly a new concept, but in this case it’s a reminder that tools deployed by state-sponsored hackers can also be used by relatively unskilled crooks more interested in making money than in spying. “Entry-level cybercriminals are gaining easy access to what we can consider ‘military-grade’ tools — and are using them for seemingly ordinary cybercrime activity,” Trend Micro researchers wrote in a blog post. The attacks are exploiting old versions of Microsoft Windows using a variant of a backdoor based on the EternalBlue exploit, Trend Micro said. EternalBlue is code reportedly […]

The post Criminal campaign uses leaked NSA tools to set up cryptomining scheme, Trend Micro says appeared first on CyberScoop.

Congress to take another stab at hack back legislation

The concept of “hacking back” — which has often been referred to as “the worst idea in cybersecurity” — has resurfaced again in Washington. Rep. Tom Graves, R-Ga., is reintroducing a bill Thursday that would allow companies to go outside of their own networks to identify their attackers and possibly disrupt their activities. While Graves has made previous attempts to legalize the practice, “hacking back” would currently be a violation of the Computer Fraud and Abuse Act. The CFAA, enacted in 1986, makes it illegal to access computers without authorization. Graves told CyberScoop the bill is necessary in part because companies are left without recourse when they are attacked. “Where do they turn — can they call 911? What do they do?” Graves said. “They have nowhere to turn.” The incentive to pass this bill, Graves says, also stems in part from the fact that there are no guidelines right now for companies that […]

The post Congress to take another stab at hack back legislation appeared first on CyberScoop.

Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware

For almost the past month, key computer systems serving the government of Baltimore, Md. have been held hostage by a ransomware strain known as “Robbinhood.” Media publications have cited sources saying the Robbinhood version that hit Baltimore city computers was powered by “Eternal Blue,” a hacking tool developed by the U.S. National Security Agency (NSA) and leaked online in 2017. But new analysis suggests that while Eternal Blue could have been used to spread the infection, the Robbinhood malware itself contains no traces of it.

Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack

Senior National Security Agency officials have no evidence a tool developed by the NSA “played a role” in the ransomware attack on Baltimore, Rep. Dutch Ruppersberger said Friday following a briefing at the agency’s headquarters. Ruppersberger, D-Md., and other officials requested briefings with the agency following a report from The New York Times that the exploit, known as EternalBlue, was used to help spread the RobbinHood ransomware variant across the city’s IT infrastructure. “I have been told that there is no evidence at this time that EternalBlue played a role in the ransomware attack currently affecting Baltimore City,” Ruppersberger said in a statement. “I’m told it was not used to gain access nor to propagate further activity within the network.” A follow-up briefing with other members of Maryland’s congressional delegation is expected to be held Monday. “It is important that discussions regarding the use of government cyber tools, and subsequent […]

The post Ruppersberger: NSA has no evidence EternalBlue was in Baltimore attack appeared first on CyberScoop.

NSA points to two-year patching window in remarks about Baltimore incident

In the wake of the Baltimore ransomware attack, a senior adviser at the National Security Agency said Thursday there is no “indefensible” nation-state-built tool that is responsible for the spread of ransomware and network administrators have a responsibility to patch their systems, especially when patches have been released for critical flaws. The comments come after The New York Times reported this past week that RobbinHood, the ransomware strain behind the Baltimore ransomware attack, was able to spread on the city IT infrastructure partly due to its use of a leaked NSA tool known as EternalBlue. The Times report, which cites security experts briefed on the matter, states EternalBlue was discovered as incident response teams fixed the issues that had crippled a number of the city’s online services. “The characterization that there is an indefensible nation-state tool propagating ransomware is simply untrue,” Rob Joyce, a senior adviser at the NSA, said Thursday […]

The post NSA points to two-year patching window in remarks about Baltimore incident appeared first on CyberScoop.

NSA unmasked more U.S. entities caught in foreign cyber-espionage efforts last year

The National Security Agency named the identities of Americans and U.S. entities swept up in its foreign surveillance program approximately 75 percent more often last year than the year before, according to a new NSA transparency report. In reports to other federal agencies, the NSA provided the identities of 16,721 individuals or entities to agencies upon request last year, whereas in 2017 it unmasked 9,529. The year-over-year uptick comes as part of an effort to identify the victims of cyberattacks stemming from foreign intelligence agencies, said Alex Joel, chief of the Office of the Director of National Intelligence’s civil liberties, privacy, and transparency office, according to The Wall Street Journal. Although Director of National Intelligence Dan Coats has publicly warned Congress about an increase in malicious cyber activity from countries like China and Russia, Joel told CyberScoop it remains unclear if the spike in unmasking is directly related to a jump in foreign espionage. “I […]

The post NSA unmasked more U.S. entities caught in foreign cyber-espionage efforts last year appeared first on CyberScoop.

National Security Council cyber chief: Criminals are closing the gap with nation-state hackers

Cybercriminals are catching up to nation-states’ hacking capabilities, and it’s making attribution more difficult, the National Security Council’s senior director for cybersecurity policy said Thursday. “They’re not five years behind nation-states anymore, because the tools have become more ubiquitous,” said Grant Schneider, who also holds the title of federal CISO, at the Security Through Innovation Summit presented by McAfee and produced by CyberScoop and FedScoop. Schneider told CyberScoop that he thinks the implants cybercriminals are using in their cyberattacks have been improving. “The actual sophistication of the tool … is better with criminals than we saw in the past.” Steve Grobman, the chief technology officer for McAfee, told CyberScoop that advanced crooks are behaving more corporately, which means they are able to proliferate higher-quality hacking tools. “One of the things we’re seeing on the business-model side is cybercriminals are starting to use innovative processes like franchises — affiliate groups where a cybercriminal will develop technology [and] make it […]

The post National Security Council cyber chief: Criminals are closing the gap with nation-state hackers appeared first on CyberScoop.

Edward Snowden: Without Russian Asylum, ‘I Would Be in Guantanamo or Dead’

In this week’s CYBER podcast, we sat down with Edward Snowden to talk about his life in Russia, Julian Assange, and press freedom.

Edward Snowden: Assange’s Arrest and the Mueller Report Show a ‘Two-Tiered System of Justice’

In this week’s CYBER podcast, we sat down with Edward Snowden to talk about his life in Russia, Julian Assange, and press freedom.