In rare move, State Department calls out Russia for attacks on Georgia last year

In a rare public announcement, the State Department is formally blaming Russian intelligence for a cyber incident that disrupted thousands of websites in Georgia last year. The incident, carried out by the Russian General Staff Main Intelligence Directorate (GRU) last October, according to Secretary of State Mike Pompeo, disrupted and defaced thousands of Georgian government websites and the broadcast of two television stations. “This action contradicts Russia’s attempts to claim it is a responsible actor in cyberspace and demonstrates a continuing pattern of reckless Russian GRU cyber operations against a number of countries,” Pompeo said in a statement Thursday. “These operations aim to sow division, create insecurity, and undermine democratic institutions.” Thursday’s announcement was the first time the U.S. government connected the GRU to the hacking group known as Sandworm. The U.S. government has previously said Sandworm was responsible for the NotPetya worm and Olympic Destroyer attacks. The rare reprimand […]

The post In rare move, State Department calls out Russia for attacks on Georgia last year appeared first on CyberScoop.

Sen. Menendez questions Twitter about former employees spying for Saudi Arabia

Sen. Bob Menendez has a lot of questions for Twitter and the Trump Administration after the Justice Department charged two former Twitter employees with spying on behalf of Saudi Arabia. Menendez, a New Jersey Democrat who serves as ranking member of the Senate Foreign Relations Committee, has written two letters, one to State Department officials and another to Twitter CEO Jack Dorsey, asking for details on how Saudi Arabia was able to exploit an American company’s internal systems for its own goals. He also wants to know what Twitter, and the Trump Administration, are doing about it. “As we know from the brutal murder of Jamal Khashoggi, Saudi officials carefully surveil social media for any critical voices,” Menendez wrote, referring to The Washington Post columnist who was an espionage target before he was murdered in the Saudi consulate in Istanbul last year. “However, these public charges reveal the extent to which Saudi Arabia is exploiting American companies […]

World powers are pushing to build their own brand of cyber norms

The race to establish what states can and can’t do in cyberspace — an effort that has been largely stalled for the past couple of years — is back on. The United States and 26 other nations on Monday kicked off the United Nations General Assembly in New York by issuing a statement that called out both state and non-state actors for targeting critical infrastructure during peacetime, interfering in politics, and conducting intellectual property theft. They also called for costs to be imposed on those that seek to undermine established cyber norms. “State and non-state actors are using cyberspace increasingly as a platform for irresponsible behavior from which to target critical infrastructure and our citizens, undermine democracies and international institutions and organizations, and undercut fair competition in our global economy by stealing ideas when they cannot create them,” reads the joint statement. “We call on all states to support the […]

Cyber Command’s biggest VirusTotal upload looks to expose North Korean-linked malware

Cyber Command’s largest-ever upload to VirusTotal exposes malware linked with North Korean government hackers, according to security researchers.

“#CNMF has posted multiple new malware samples: https://t.co/fSgk1xpG8t” — USCYBERCOM Malware Alert (@CNMF_VirusAlert), September 8, 2019

Several of the malware samples have been tied to Lazarus Group, a group the U.S. government has linked with the North Korean government. Specifically, the samples look to be what’s known as “HOPLIGHT,” a trojan that has been used to gather information on victims’ operating systems and uses a public SSL certificate for secure communications with attackers. Cyber Command uploaded 11 malware samples in all. FireEye Managing Principal Threat Analyst Andrew Thompson said the upload signals to North Korea’s government that it can’t remain anonymous in cyberspace. “Will this deter intelligence activities? Of course not. That’s foolish. What it does do is articulate [North Koreans] aren’t operating free from attribution, which limits the range of activities they should see as […]

Estonia debuts first-ever cyber diplomacy training

Dozens of NATO and EU diplomats who focus on cybersecurity issues descended upon Estonia last week for their first-ever “summer school” training on cyber diplomacy. The sessions focused on lessons learned from previous international negotiations on cybersecurity issues, technical developments on the latest cyberthreats, and international norms and laws in cyberspace. For five days the 80 diplomats participated with cybersecurity experts and academics in conversations and a simulation of a real-world international cybersecurity crisis, Britta Tarvis, media adviser for the Estonian Ministry of Foreign Affairs, told CyberScoop. The objective was to help diplomats from EU and NATO countries get “a more in-depth understanding” of cybersecurity strategies and technological developments, and how those topics affect the implementation of norms and international law, Tarvis said. Twenty-six countries were represented. The development of what is accepted nation-state behavior in cyberspace is still in its nascent stages. It was only five years ago that NATO incorporated cyberattacks into its collective defense agreement, for instance, […]

Senate investigation finds agencies ‘unprepared’ to protect Americans’ data

Federal agencies are “failing to implement basic cybersecurity standards” needed to protect Americans’ personal data and keep the nation’s secrets safe from hackers, a Senate investigation has concluded. The report, which drew on 10 years’ worth of inspector general reports at eight agencies, paints a picture of persistent neglect of standard network defense measures. It comes more than four years after the breach of the Office of Personnel Management, in which alleged Chinese hackers stole sensitive personal data on 22 million current and former federal employees. Lessons from that sweeping compromise of American security clearances still haven’t been heeded, according to the report from the Senate Committee on Homeland Security and Government Affairs’ Permanent Subcommittee on Investigations. “Despite major data breaches like OPM, the federal government remains unprepared to confront the dynamic cyberthreats of today,” laments the report, which covered the departments of Agriculture, Education, Health and Human Services, Homeland […]

Proposed State Department bureau takes wrong approach to U.S. cyber diplomacy

This week the State Department formally notified Congress of its long overdue plan to establish a new Bureau for Cyberspace Security and Emerging Technologies. This news, which was expected for almost a year, should in theory be welcomed by lawmakers. In 2018, the Republican-controlled House grew so frustrated with former Secretary Rex Tillerson’s plan to abolish the State Department’s cybersecurity coordinator – the country’s top cyber diplomat – that it passed legislation to not just reconstitute the position but actually elevate its stature and responsibilities. This rare rebuke of the administration by the president’s own party could have been rectified by Tillerson’s successor, Mike Pompeo. Instead, the department’s latest plan may be worse than Tillerson’s. There are two fundamental and related problems with the department’s proposed cyber bureau. First, the bureau’s focus is far too narrow. By limiting the scope of the bureau’s purview to security – and excluding the digital economy, […]

State Department proposes new $20.8 million cybersecurity bureau

The State Department has sent to Congress a long-awaited plan to reestablish a cybersecurity-focused bureau it says is key to supporting U.S. diplomatic efforts in cyberspace. The State Department’s new plan, obtained by CyberScoop, would create the Bureau of Cyberspace Security and Emerging Technologies (CSET) to “lead U.S. government diplomatic efforts to secure cyberspace and its technologies, reduce the likelihood of cyber conflict, and prevail in strategic cyber competition.” The new bureau, with a proposed staff of 80 and projected budget of $20.8 million, would be led by a Senate-confirmed coordinator and “ambassador-at-large” with the equivalent status of an assistant secretary of State, who would report to the Undersecretary of State for Arms Control and International Security. The idea comes nearly two years after then-Secretary of State Rex Tillerson announced he would abolish the department’s cybersecurity coordinator position and put its support staff under the department’s economic bureau. CSET would “unify the policy functions and […]

White House executive order sets path for ban on Huawei

President Donald Trump issued an executive order Wednesday that is intended to prevent U.S. companies from using telecommunications technology made by firms that are beholden to foreign adversaries. The goal of the order is to protect the security, economy, and critical infrastructure of the U.S., a senior administration official told reporters Wednesday. The intent is to prevent economic and industrial espionage, especially those activities that pose “undue risk of sabotage” through technologies that are “owned by, controlled by, or subject to the jurisdiction or direction” of foreign adversaries. Although the order, which invokes the International Emergency Economic Powers Act and the National Emergencies Act, does not name any country or company in particular, the order is thought to impinge on business with China-based Huawei. The order comes as tension has risen over the U.S.-China trade war. Earlier this week, the Chinese government said it will impose tariffs on $60 billion worth of U.S. […]

DNS hacks are attacks on critical infrastructure, senior U.S. diplomat says

Any nation-state behind recent hijackings of Domain Name System (DNS) records should, in theory, be held responsible under the latest cyberwarfare norms agreement made by 20 countries at the UN in 2015, says America’s top cyber diplomat. “One of the norms is disrupting physical infrastructure providing services to the public, and I think that fully encapsulates the internet’s DNS function,” Amb. Robert Strayer told CyberScoop Tuesday on the sidelines of the Atlantic Council’s International Conference on Cyber Engagement. The 2015 UN agreement, outlined in a Group of Government Experts (GGE), affirms that nation-states shouldn’t launch cyberattacks that intend to damage critical infrastructure in other countries. The DNS — which translates human-readable domain names of websites to their machine-readable versions — has a crucial role in directing internet traffic. But subsequent UN talks reportedly fell apart in 2017 over disagreements China and Russia had with the rest of the member states about whether further enhancements to the GGE document would impinge on their right to self-defense in […]
