Category Archives: National Security Agency

NSA points to two-year patching window in remarks about Baltimore incident

Posted on by

In the wake of the Baltimore ransomware attack, a senior adviser at the National Security Agency said Thursday there is no “indefensible” nation-state-built tool that is responsible for the spread of ransomware and network administrators have a responsibility to patch their systems, especially when patches have been released for critical flaws. The comments come after The New York Times reported this past week that RobbinHood, the ransomware strain behind the Baltimore ransomware attack, was able to spread on the city IT infrastructure partly due to its use of a leaked NSA tool known as EternalBlue. The Times report, which cites security experts briefed on the matter, states EternalBlue was discovered as incident response teams fixed the issues that had crippled a number of the city’s online services. “The characterization that there is an indefensible nation-state tool propagating ransomware is simply untrue,” Rob Joyce, a senior adviser at the NSA, said Thursday […]

The post NSA points to two-year patching window in remarks about Baltimore incident appeared first on CyberScoop.

Continue reading NSA points to two-year patching window in remarks about Baltimore incident

NSA unmasked more U.S. entities caught in foreign cyber-espionage efforts last year

Posted on by

The National Security Agency named the identities of Americans and U.S entities swept up in its foreign surveillance program approximately 75 percent more often last year than the year before, according to a new NSA transparency report. In reports to other federal agencies, the NSA provided the identities of 16,721 individuals or entities to agencies upon request last year, whereas in 2017 it unmasked 9,529. The year-over-year uptick comes as part of an effort to identify the victims of cyberattacks stemming from foreign intelligence agencies, said Alex Joel, chief of the Office of the Director of National Intelligence’s civil liberties, privacy, and transparency office, according to The Wall Street Journal. Although Director of National Intelligence Dan Coats has publicly warned Congress about an increase in malicious cyber activity from countries like China and Russia, Joel told CyberScoop it remains unclear if the spike in unmasking is directly related to a jump in foreign espionage. “I […]

The post NSA unmasked more U.S. entities caught in foreign cyber-espionage efforts last year appeared first on CyberScoop.

Continue reading NSA unmasked more U.S. entities caught in foreign cyber-espionage efforts last year

National Security Council cyber chief: Criminals are closing the gap with nation-state hackers

Posted on by

Cybercriminals are catching up to nation-states’ hacking capabilities, and it’s making attribution more difficult, the National Security Council’s senior director for cybersecurity policy said Thursday. “They’re not five years behind nation-states anymore, because the tools have become more ubiquitous,” said Grant Schneider, who also holds the title of federal CISO, at the Security Through Innovation Summit presented by McAfee and produced by CyberScoop and FedScoop. Schneider told CyberScoop that he thinks the implants cybercriminals are using in their cyberattacks have been improving. “The actual sophistication of the tool … is better with criminals than we saw in the past.” Steve Grobman, the chief technology officer for McAfee, told CyberScoop that advanced crooks are behaving more corporately, which means they are able to proliferate higher-quality hacking tools. “One of the things we’re seeing on the business-model side is cybercriminals are starting to use innovative processes like franchises — affiliate groups where a cybercriminal will develop technology [and] make it […]

The post National Security Council cyber chief: Criminals are closing the gap with nation-state hackers appeared first on CyberScoop.

Continue reading National Security Council cyber chief: Criminals are closing the gap with nation-state hackers

Edward Snowden: Without Russian Asylum, ‘I Would Be in Guantanamo or Dead’

Posted on by

In this week’s CYBER podcast, we sat down with Edward Snowden to talk about his life in Russia, Julian Assange, and press freedom. Continue reading Edward Snowden: Without Russian Asylum, ‘I Would Be in Guantanamo or Dead’

Edward Snowden: Assange’s Arrest and the Mueller Report Show a ‘Two-Tiered System of Justice’

Posted on by

In this week’s CYBER podcast, we sat down with Edward Snowden to talk about his life in Russia, Julian Assange, and press freedom. Continue reading Edward Snowden: Assange’s Arrest and the Mueller Report Show a ‘Two-Tiered System of Justice’

Financial Apps are Ripe for Exploit via Reverse Engineering

Posted on by

White hat hacker reverse engineers financial apps and finds a treasure trove of security issues. Continue reading Financial Apps are Ripe for Exploit via Reverse Engineering

Ex-NSA contractor pleads guilty to vast classified data leak, faces 9 years in prison

Posted on by

A former National Security Agency contractor accused of one of the largest breaches of classified data in U.S. history pleaded guilty Thursday to one felony count and faces over six more years in federal prison. Appearing solemn and weary in federal court in Baltimore, Harold T. Martin III, 54, seemed to embrace his fate, telling the judge more than once, “It’s time [to] close Pandora’s Box.” Martin, who worked as an intelligence contractor for multiple firms for over two decades, allegedly stole some 50 terabytes of data that included details of sensitive NSA policies and cyber operations. Prosecutors said he stashed numerous computers and storage devices with classified data on his Maryland property. Under the plea deal, Martin, a former Navy lieutenant, faces nine years in prison and another three years of supervised release. He will be credited for the more than two years he has already served in custody […]

The post Ex-NSA contractor pleads guilty to vast classified data leak, faces 9 years in prison appeared first on CyberScoop.

Continue reading Ex-NSA contractor pleads guilty to vast classified data leak, faces 9 years in prison

No ‘smoking gun’ evidence coming on Huawei, NSA official says

Posted on by

Don’t expect U.S. officials to produce a “smoking gun” of public evidence that the Chinese government might be using telecommunications giant Huawei to further its interests in cyberspace, a senior National Security Agency official told CyberScoop. “Everybody is anxious for that smoking gun,” Rob Joyce, senior cybersecurity adviser at NSA, said in an interview. “It is not the case that you’re going to see people bring out and drop that smoking gun on the table … for all sorts of reasons about the way we understand the threat, the way we deal with the Chinese, the way we have to protect the ability to see and maybe defeat or deny that capability going forward.” U.S. officials have long accused Chinese tech companies Huawei and ZTE of being potential vessels for spying. One reason is that under Chinese law, companies are required to cooperate with national intelligence activities. Huawei and ZTE strenuously […]

The post No ‘smoking gun’ evidence coming on Huawei, NSA official says appeared first on CyberScoop.

Continue reading No ‘smoking gun’ evidence coming on Huawei, NSA official says

NSA might shut down phone snooping program, whatever that means

Posted on by

We’ve heard this tale before. This time, it was mentioned by a congressional aide. Also, the NSA released Ghidra, a free reverse-engineering tool. Continue reading NSA might shut down phone snooping program, whatever that means