U.K. confirms use of offensive cyberweapons against ISIS

U.K. Defense Secretary Sir Michael Fallon said Tuesday that his country is regularly and successfully utilizing offensive cyberweapons within Iraq and other areas under control of the Islamic State. “I can confirm that we are now using offensive cyber routinely in the war against Daesh, not only in Iraq but also in the campaign to liberate Raqqa and other towns on the Euphrates,” Fallon said, using the Arabic phrase for ISIS. “Offensive cyber there is already beginning to have a major effect on degrading Daesh’s capabilities.” The U.K. isn’t the only country to use offensive cyberweapons against the Islamic State, but Fallon’s comments suggest it might be having more success than others. The U.S. has struggled to tailor its arsenal of cyberweaponry to fight ISIS, which notoriously utilizes social media to recruit while remaining overall less technically advanced than its enemies. Social media also creates legal gray areas for U.S. agencies, potentially slowing offensive operations. […]

The post U.K. confirms use of offensive cyberweapons against ISIS appeared first on Cyberscoop.

Continue reading U.K. confirms use of offensive cyberweapons against ISIS

EU countries agree to collectively punish attacker when a member is hacked

The European Union’s 28-nation bloc is in agreement concerning how to punish hackers. On Monday, the European Council announced a joint framework, dubbed the “cyber diplomacy toolbox,” to guide how member countries should uniformly respond to malicious cyber activity, which includes steps to cooperatively impose economic sanctions, travel bans, asset freezes and blanket bans against responsible parties. “The key principle here is proportionality,” an EU official told CyberScoop. “It is EU member states who would decide what measure should be used depending on the case they would face … This work aims to promote enhanced shared situational awareness, information sharing and efficient decision-making, and should see the development of a procedure for the attribution of cyber attacks in the context of the cyber diplomacy toolbox.” Use of the “toolbox” is voluntary in nature and any collective response would require unanimous EU member support. In short, the framework represents an ambitious […]

The post EU countries agree to collectively punish attacker when a member is hacked appeared first on Cyberscoop.

Continue reading EU countries agree to collectively punish attacker when a member is hacked

APT28 targeted Montenegro’s government before it joined NATO, researchers say

As Montenegro preprepared to join NATO amid growing tensions in the region driven by Russia’s incursion into Ukraine, a hacking group linked to Russian intelligence was actively engaged in a cyber-espionage campaign against Montenegrin government officials, according to U.S. cybersecurity firm FireEye. The findings underscore Russia’s ongoing efforts to impact the political process in foreign countries through the use of a hacking group better known as APT28 or Fancy Bear. The Office of the Director of National Intelligence produced an unclassified report in January linking APT28 to the Russian government. Analyst Ben Read told CyberScoop that FireEye had found two different malicious Microsoft Word document attachments between January and February that carried signs of APT28 authorship and were specifically designed to be combined with phishing emails sent to the Montenegro government. The titles of the weaponized documents described a “schedule for a european military transfer program” and the “schedule for […]

The post APT28 targeted Montenegro’s government before it joined NATO, researchers say appeared first on Cyberscoop.

Continue reading APT28 targeted Montenegro’s government before it joined NATO, researchers say

Russia-linked hackers impersonate NATO in attempt to hack Romanian government

An elite hacking group linked to the Russian government masqueraded as a NATO representative to send a barrage of phishing emails to diplomatic organizations in Europe, including Romania’s Foreign Ministry of Affairs, documents show. CyberScoop obtained a copy of one such phishing email that researchers have attributed to the hacking group, which is known as APT28 or Fancy Bear. The email, which carries a booby-trapped attachment that leverages two recently disclosed Microsoft Word vulnerabilities, shows that the government-backed hacking group effectively spoofed a NATO email address to make the message appear authentic. The hq.nato.intl domain is currently used by NATO employees. The file has already been submitted to Virus Total, a publicly maintained library of computer viruses. Typically files don’t appear on the site unless they have been found in the wild. An analyst from cybersecurity firm FireEye confirmed the phishing email pictured above is in fact authentic and related to APT28 activity. […]

The post Russia-linked hackers impersonate NATO in attempt to hack Romanian government appeared first on Cyberscoop.

Continue reading Russia-linked hackers impersonate NATO in attempt to hack Romanian government

May 2, 2017 – Hack Naked News #122

Microsoft VB macro barriers have been penetrated, the website that doesn’t let you change your password, IBM flash drives have malware, and more. Jason Wood of Paladin Security joins us to deliver expert commentary on NATO’s cyberwar games on this episode of Hack Naked News! Full Show Notes Visit http://hacknaked.tv to get all the latest Continue reading May 2, 2017 – Hack Naked News #122

Hacking against France’s Macron previews dangers for other major European elections

Last week’s “massive and coordinated hack” against the campaign of French President-elect Emmanuel Macron was the opening act in a year slated with critical European elections that will help decide the fate of the EU. The incident was, for about 24 hours, a hold-your-breath moment for Macron’s campaign. By Sunday night, the centrist candidate handily won, taking more than 66 percent of the vote over far-right-wing rival Marine Le Pen. Le Pen’s global array of opponents exhaled. But any reprieve for election systems’ cyber-defenders is destined to be brief. The United Kingdom, Germany and France are readying themselves for further elections and similar potential attacks. Experts have noted close similarities between this week’s leaked emails and hacks against American political targets in 2016 that were blamed widely on Russian intelligence agencies. While most experts say it’s too early yet to definitively attribute these latest attacks to any specific group, many expect the coming year to be […]

The post Hacking against France’s Macron previews dangers for other major European elections appeared first on Cyberscoop.

Continue reading Hacking against France’s Macron previews dangers for other major European elections

News in brief: NATO cyberthreat centre launches; Yahoo ‘hacker’ denied bail; Samsung delays AI assistant

Your daily round-up of some of the other stories in the news Continue reading News in brief: NATO cyberthreat centre launches; Yahoo ‘hacker’ denied bail; Samsung delays AI assistant

NATO expert: Russians have it right — it’s information security not cyber

In international discussions about cybersecurity, there’s a long-recognized disconnect on vocabulary: The U.S. and its Western allies conceive of cybersecurity as a technical issue — the protection of software against malicious code. Russian officials talk about information security, and it’s a much broader concept of ensuring the integrity of their political and social structures by controlling the […]

The post NATO expert: Russians have it right — it’s information security not cyber appeared first on Cyberscoop.

Continue reading NATO expert: Russians have it right — it’s information security not cyber