U.S. cyber-offensive against ISIS continues, and eyes are now on Afghanistan, general says

As loyalties among Afghanistan’s Islamic extremists continue to shift, the U.S. military may be poised to rely more heavily on offensive cyber capabilities to target one group in particular — the dispersed but still active membership of ISIS, according to one military cyber commander. Joint Task Force ARES, the outfit charged with running joint and coalition cyber-operations against ISIS, is working to uncover information about how the terrorist group continues to operate in Afghanistan, the deputy commander said Monday. “JTF-ARES is in or around where ISIS is operating,” Brig. Gen. Len Anderson said during a question and answer at an Atlantic Council event Monday. “We are trying to illuminate the network, trying to figure out how they’re communicating, what they’re using, where the money might be flowing, is there money.” Although the Islamic State’s physical caliphate has been crushed in Iraq and Syria, reporting from the Defense Intelligence Agency this year says the group still has a […]

The post U.S. cyber-offensive against ISIS continues, and eyes are now on Afghanistan, general says appeared first on CyberScoop.

NATO cyber-operations center will be leaning on its members for offensive hacks

The North Atlantic Treaty Organization’s cyber-operations command center in Belgium still has a ways to go before its offensive playbook is set in stone, a NATO cyber official involved in the matter told CyberScoop. The Cyberspace Operations Centre was established almost exactly one year ago in Mons, Belgium, to help member nations obtain real-time intelligence on and respond to cyberthreats from criminal or nation-state-backed hackers. The alliance is still working on pooling member nations’ offensive cyber capabilities for those responses, Deputy Director of the Cyberspace Operations Centre Group Captain Neal Dewar told CyberScoop in an interview. The cyber operations center was created in part to fulfill the alliance’s 2016 decision that under NATO’s Article V, a cyberattack on one member nation may result in a group of members coming to its defense, just as if a physical attack had occurred. But because the alliance does not have its own […]

The post NATO cyber-operations center will be leaning on its members for offensive hacks appeared first on CyberScoop.

The NSA is experimenting with machine learning concepts its workforce will trust

As the U.S. National Security Agency incorporates machine learning and artificial intelligence into its defensive cyber operations, officials are weighing whether cyber operators will have confidence in the algorithms underpinning those emerging technologies. NSA operators want to say, “is my AI or ML system explainable?” Neal Ziring, NSA’s Technical Director for Capabilities, told CyberScoop Thursday. “Contexts where the AI is recommending an action is where that will be most important.” The intelligence agency still is exploring how machine learning, an automated method of data analysis, might be used to detect threats and protect new Internet of Things technology. Given the amount of information that agency employees need to sort through, machine learning could help prioritize tasks and decrease the amount of time employees spend on triage. The NSA aims to use machine learning and artificial intelligence, in which computers make their own decisions, to more efficiently stop threats, and eventually leverage those tools in offensive operations. But, if NSA workers don’t trust the […]

The post The NSA is experimenting with machine learning concepts its workforce will trust appeared first on CyberScoop.

Cyber Command has redeployed overseas in effort to protect 2020 elections

U.S. Cyber Command is still working overseas with allies to try to prevent election interference, Brig. Gen. Timothy Haugh, the commander of Cyber Command’s cyber national mission force, said Tuesday. As part of the military’s operation to defend the U.S. midterm elections in 2018, an operation known internally in the Department of Defense as “Synthetic Theology,” Cyber Command deployed cyber warriors to Ukraine, North Macedonia, and Montenegro to help defend those countries’ networks, and to collect intelligence on adversaries. Cyber Command has since “redeployed” out of “some of those” countries, Haugh said during a reporters’ roundtable at the Integrated Cyber Center and Joint Operations Center in Fort Meade, Maryland. Haugh did not specify in which countries Cyber Command has ongoing operations right now in preparation for 2020, but said these kinds of partnerships will continue to grow. “When we look to do partnerships overseas … we want to do that anywhere where […]

The post Cyber Command has redeployed overseas in effort to protect 2020 elections appeared first on CyberScoop.

Bolton confirms offensive cyber-operations conducted to protect midterms

Days before the midterm elections, the United States is undertaking offensive cyber-operations to protect against foreign interference, White House national security adviser John Bolton said Wednesday. “We are right now undertaking offensive cyber-operations in connection with defending the integrity of our electoral process,” Bolton said at an event hosted by the Alexander Hamilton Society. Bolton said it was “too soon to tell,” whether the offensive was affecting adversary behavior, but added that he expects attackers to realize a distinct uptick from how the previous administration conducted cyber-operations. The operations were first made public and described by a New York Times story last month. According to the story, U.S. Cyber Command operators have sent direct messages to those who are conducting influence campaigns aimed at sowing discord in American society for the midterm elections. The Department of Justice last month charged a Russian national for her alleged role in a Russian conspiracy […]

The post Bolton confirms offensive cyber-operations conducted to protect midterms appeared first on Cyberscoop.

NSO Group employee allegedly stole source code worth ‘hundreds of millions of dollars’

A former senior programmer at one of the world’s most powerful hacking companies was charged with stealing spyware and trying to secretly sell it for $50 million on the dark net. Headquartered in Tel Aviv, NSO Group is an Israeli cyber surveillance company famous for developing expensive malware that the world’s governments buy to use against high-value targets. The Israeli Justice Ministry said that a 38-year-old former employee downloaded the proprietary malware and attempted to sell it for cryptocurrency after he was fired on April 29, Israeli media reported. The identity of the alleged hacker has not been released publicly. The Justice Ministry imposed a gag order citing a threat to national security. According to Israeli authorities, the former employee conducted internet searches about how to circumvent McAfee Data Loss Protection software that is used by NSO Group as a security measure for its intellectual property. The employee allegedly then moved […]

The post NSO Group employee allegedly stole source code worth ‘hundreds of millions of dollars’ appeared first on Cyberscoop.

NDAA pushes U.S. Cyber Command to be more aggressive

By the Senate Armed Service Committee’s estimation, the United States has held back in cyberspace. The committee is angling to change that with the latest National Defense Authorization Act, proposing to free up the military on the front lines of cyber conflict, create a new strategic cyber entity and respond to Russian aggressions in-kind. The bill’s authors wrote that lawmakers have long-standing concerns about the lack of an effective U.S. strategy to deter and counter cyber threats. To counter foreign state actors bent on stealing, striking, spying or disrupting in cyberspace, the bill suggests boosting resilience, increasing attribution capabilities, emphasizing defense and enhancing the country’s ability to respond to attacks. “We’re letting episodes define strategy. It should be the other way around, where we clearly articulate our cyber deterrence strategy and rules of engagement,” said Frank Cilluffo, director of George Washington University’s Center for Cyber and Homeland Security. By offering […]

The post NDAA pushes U.S. Cyber Command to be more aggressive appeared first on Cyberscoop.

Cyxtera Technologies to acquire offensive cyber firm Immunity

Internet infrastructure company Cyxtera Technologies has acquired Miami-based Immunity Inc., a penetration testing technology development and vulnerability research firm founded by former NSA analyst Dave Aitel. Cyxtera Technologies decided to acquire the startup in order to expand its product portfolio, which will now include various offensive-oriented tools to test defensive systems. The new offerings will be packaged into a “threat analytics solution” to be sold by Cyxtera Technologies later this year, based on a press release distributed by the company. Terms for the acquisition were not disclosed. It is expected to close by the end of the first fiscal quarter. “In the security industry, it’s rare that you can blend together offense and defense-oriented capabilities,” Christopher Day, chief cybersecurity officer of Cyxtera, said in a release. “The advantages of combining Immunity’s products and services with Cyxtera’s portfolio creates an opportunity to approach cybersecurity in a truly holistic manner.” Cyxtera Technologies […]

The post Cyxtera Technologies to acquire offensive cyber firm Immunity appeared first on Cyberscoop.

Shadow Brokers grow increasingly aggressive, threaten to dox former U.S. spy

Just 24 hours after a malicious worm infected thousands of computers across Europe, the now infamous Shadow Brokers group published a message celebrating the chaos, advertised a vague new “VIP service” and threatened an unnamed former NSA official for “writing ugly tweets.” In a post on social media publishing site Steemit, the group also hinted at being in possession of FBI hacking tools. Until Wednesday, it was largely believed that only NSA-linked exploits had been published by the group. The Shadow Brokers described a former NSA official “as a doctor living in Hawaii that owns a security company.” The group threatened to publish this person’s personal information — a practice known as “doxxing” — including their operational history at NSA. The person’s record included missions targeting Chinese nationals, the Shadow Brokers said. “TheShadowBrokers is thinking ‘doctor’ person is former EquationGroup developer who built many tools and hacked organization in China,” the blog […]

The post Shadow Brokers grow increasingly aggressive, threaten to dox former U.S. spy appeared first on Cyberscoop.
