offensive cybersecurity – Page 2

Chinese cyber power is neck-and-neck with U.S., Harvard research finds

Posted on September 8, 2020 by Shannon Vavra

As conventional wisdom goes, experts tend to rank the U.S ahead of China, U.K., Iran, North Korea, Russia, in terms of how strong it is when it comes to cyberspace. But a new study from Harvard University’s Belfer Center shows that China has closed the gap on the U.S. in three key categories: surveillance, cyber defense, and its efforts to build up its commercial cyber sector. “A lot of people, Americans in particular, will think that the U.S., the U.K., France, Israel are more advanced than China when it comes to cyber power,” Eric Rosenbach, the Co-Director of Harvard’s Belfer Center, told CyberScoop. “Our study shows it’s just not the case and that China is very sophisticated and almost at a peer level with the U.S.” Overall, China’s cyber power is only second to the U.S., according to the research, which was shared exclusively with CyberScoop. But the study also found […]

The post Chinese cyber power is neck-and-neck with U.S., Harvard research finds appeared first on CyberScoop.

Continue reading Chinese cyber power is neck-and-neck with U.S., Harvard research finds→

Bolton: Russia, China ‘undoubtedly’ interfering in 2020 U.S. elections

Posted on August 19, 2020 by Shannon Vavra

Russia and China are “undoubtedly” working to interfere in the 2020 presidential election in the U.S., Trump’s former national security adviser John Bolton said Tuesday. The comment, which Bolton shared in response to a question from CyberScoop about offensive cyber-operations, came days after the Office of the Director of National Intelligence shared publicly that a whole host of foreign governments, including Russia, China, and Iran, are trying to exert influence over the U.S. presidential election this year. Russia is working to “primarily denigrate former Vice President [Joe] Biden,” while China “prefers” that Trump “does not win reelection,” the U.S. intelligence shows, according to the ODNI. Iran has set its focus on spreading disinformation on social media and seeks to “undermine U.S. democratic institutions, President Trump, and to divide the country,” according to the ODNI. The U.S., however, can and should hit back in cyberspace in an effort to try to […]

The post Bolton: Russia, China ‘undoubtedly’ interfering in 2020 U.S. elections appeared first on CyberScoop.

Continue reading Bolton: Russia, China ‘undoubtedly’ interfering in 2020 U.S. elections→

Here’s what John Bolton had to say about cybersecurity policy in his new book

Posted on June 22, 2020 by Shannon Vavra

In his new book, former national security adviser John Bolton says that squabbling amongst Trump administration officials hobbled the White House’s efforts to issue new policies that shaped the U.S. government’s offensive and defense cyber-operations. The book, “The Room Where It Happened: A White House Memoir,” which CyberScoop obtained, provides an insider’s view of the U.S. government’s largely secretive approach to revamping cyber policy in the last two years. Aside from cyber-operations, Bolton paints President Donald Trump as preoccupied and angered by cybersecurity-related issues, as well as all too willing to use hacking to prop up his political goals in negotiations with China and Ukraine. “We needed to do two things: first, we needed a Trump Administration cyber strategy, and second, we needed to scrap the Obama-era [offensive cyber-operations] rules and replace them with a more agile, expeditious decision-making structure,” Bolton writes of his time negotiating new policies with national security and intelligence officials in 2018. […]

The post Here’s what John Bolton had to say about cybersecurity policy in his new book appeared first on CyberScoop.

Continue reading Here’s what John Bolton had to say about cybersecurity policy in his new book→

Senators want Cyber Command and CISA to do more to deter coronavirus-focused hackers

Posted on April 21, 2020 by Shannon Vavra

A bipartisan group of senators sent a letter to both the Department of Defense and Department of Homeland Security on Monday urging them to take more action to defend the U.S. healthcare sector against hackers that have been exploiting the coronavirus pandemic. The senators warned that if Gen. Paul Nakasone, the commander of U.S. Cyber Command, and Christopher Krebs, Director of Cybersecurity and Infrastructure Security Agency (CISA), don’t take more action to deter hackers, they will continue to pummel the U.S. healthcare sector will continue to get pummeled with coronavirus hacking campaigns. “Unless we take forceful action to deny our adversaries success and deter them from further exploiting this crisis, we will be inviting further aggression from them and others,” Sens. Richard Blumenthal, D-Conn.; Tom Cotton, R-Ark.; Mark Warner, D-Va.; David Perdue, R-Ga.; and Edward Markey, D-Mass. write. “The cybersecurity threat to our stretched and stressed medical and public health systems should […]

The post Senators want Cyber Command and CISA to do more to deter coronavirus-focused hackers appeared first on CyberScoop.

Continue reading Senators want Cyber Command and CISA to do more to deter coronavirus-focused hackers→

In search of a B.S. filter for software bugs

Posted on April 15, 2020 by Sean Lyngaas

An organization can’t — and shouldn’t — care about each of the thousands of software vulnerabilities that are made public each year. A bug in a public-facing web browser probably won’t matter a lick for the control systems at an energy plant; an accounting firm can ignore a vulnerability in industrial computers it doesn’t use. Yet for some organizations, it’s an ongoing struggle to understand how a software bug might impact their business. On Wednesday, cybersecurity company Rapid7 took a stab at the issue by going public with a project that uses crowd-sourced feedback to rate vulnerabilities. The company invited security professionals of all stripes to use a web platform, known as Attacker Knowledge Base (KB), to assess the impact of a vulnerability to an organization, starting with a simple question: What could a malicious hacker do with the bug? The answers rate how easy it would be for a hacker to weaponize a vulnerability or what level of […]

The post In search of a B.S. filter for software bugs appeared first on CyberScoop.

Continue reading In search of a B.S. filter for software bugs→

Australian government says it is hacking criminals who are exploiting the pandemic

Posted on April 7, 2020 by Sean Lyngaas

As governments around the world consider their options for cracking down on scammers exploiting the coronavirus pandemic, Australia is touting a muscular approach in cyberspace. The Australian Signals Directorate (ASD) “has mobilized its offensive cyber capabilities to disrupt foreign cyber criminals responsible for a spate of malicious activities during COVID-19,” the Australian defense ministry said in a statement Tuesday. The ASD, the country’s lead agency for hacking operations, has “already successfully disrupted activities from foreign criminals by disabling their infrastructure and blocking their access to stolen information,” Australian Minister of Defense Linda Reynolds said. “Some of these cybercriminals have even posed as health officials in an attempt to exploit vulnerable Australians, by infecting their computers with malware and stealing their private information.” COVID-19-related scams and phishing attempts targeting people around the world have surged in recent weeks as criminals and spies prey on people’s health fears. In Australia, a consumer […]

The post Australian government says it is hacking criminals who are exploiting the pandemic appeared first on CyberScoop.

Continue reading Australian government says it is hacking criminals who are exploiting the pandemic→

Trump administration wants private sector to do more to counter foreign intelligence efforts

Posted on February 10, 2020 by Shannon Vavra

The Trump administration’s counterintelligence strategy, released Monday, aims for stronger collaboration between the intelligence community and the private sector on detecting and stopping foreign intelligence threats to U.S. entities. The plan, which President Donald Trump approved in early January, emphasizes a longstanding government argument that the private sector must do more to prevent foreign espionage. As state-sponsored hackers target more U.S. companies, corporate America should prioritize preparations to stifle similar attacks in the future, the director of the National Counterintelligence and Security Center, Bill Evanina, told reporters at a briefing Monday. “A hostile nation state attack on a private U.S. company … is a counterintelligence attack on our nation,” he said. The NCSC is part of the Office of the Director of National Intelligence. Earlier on Monday the Department of Justice announced charges against four members of the Chinese People’s Liberation Army for allegedly hacking into Equifax to steal information about roughly 147 million Americans. Prosecutors also alleged […]

The post Trump administration wants private sector to do more to counter foreign intelligence efforts appeared first on CyberScoop.

Continue reading Trump administration wants private sector to do more to counter foreign intelligence efforts→

How the Marine Corps thinks about beating adversaries in cyberspace

Posted on December 3, 2019 by Shannon Vavra

There are a whole host of products on the market purporting to be the best way to run defense against nation-state adversaries’ email spearphishing attempts — but there’s one part of defending against spearphishing in particular the U.S. Marine Corps Forces Cyberspace Command’s Chief Technology Officer endorses: context. For Renata Spinks, the goal is not to just make sure employees understand they should avoid clicking on what appear to be malicious links, but to make sure they understand the bigger picture of what they’re protecting, she said Tuesday. “Instead of just [test] phishing attempts, teach your employees why phishing attempts are so important and make it relatable,” Spinks said at the Fortinet Security Summit, produced by FedScoop and StateScoop. “Data is your most critical commodity, but people [are] the best asset you can have.” Spearphishing emails often seek to pilfer off passwords and credentials from victims who click on links or attachments that purport […]

The post How the Marine Corps thinks about beating adversaries in cyberspace appeared first on CyberScoop.

Continue reading How the Marine Corps thinks about beating adversaries in cyberspace→

Pentagon’s next cyber policy guru predicts more collective responses in cyberspace

Posted on November 21, 2019 by Shannon Vavra

State-sponsored cyberattacks against just one victim nation at a time could soon provoke a global response, if a growing number of officials around the world have their way. As the Pentagon has experimented with new authorities allowing U.S. Cyber Command to be more offensive in cyberspace, key officials have suggested there is a groundswell of support for multi-nation countermeasures in the digital age. Thomas Wingfield, the incoming deputy assistant secretary of Defense for cyber policy, told CyberScoop that alliances could be a more successful way to deter hackers and strike back when they infiltrate sensitive networks. “I think that’s a more effective way to solve the problem, and I think that is the general [direction] of international law,” said Wingfield, who is still employed at National Defense University. “But I would also say we’re not there yet and states are in the process of moving international law in that direction.” For months now, the U.S. […]

The post Pentagon’s next cyber policy guru predicts more collective responses in cyberspace appeared first on CyberScoop.

Continue reading Pentagon’s next cyber policy guru predicts more collective responses in cyberspace→

Sen. Warner says hacking, disinformation are the future of war, and urges the U.S. to keep up

Posted on September 18, 2019 by Shannon Vavra

Cyberwarfare and information operations now are the primary ways in which countries assert themselves on the world stage, Sen. Mark Warner said in a speech Tuesday, pointing to a new geopolitical reality in which traditional military strength may be less urgent. The Virginia Democrat portrayed hacking, social media manipulation, and other digital techniques as affordable options for smaller countries that don’t have the financial resources to invest in modern military hardware like tanks and fighter jets. U.S. leaders need to more urgently recognize this transition, he said, and prioritize processes and technology that stifle future attempts from adversaries to interfere in U.S. elections and markets. Warner, vice chairman of the Senate Intelligence Committee, for years has urged Congress to authorize more funding for cybersecurity. “I worry at times we may be spending too much time [and] resources on 20th century stuff when increasingly conflict in the 21st century will be cyber, will be misinformation, disinformation,” Warner […]

The post Sen. Warner says hacking, disinformation are the future of war, and urges the U.S. to keep up appeared first on CyberScoop.

Continue reading Sen. Warner says hacking, disinformation are the future of war, and urges the U.S. to keep up→