Collaborate Disseminate
Laura Galante comes to the role after several years of running her own cybersecurity firm. The Ukrainian government was one of her clients.
The post Former Mandiant exec tapped to run CTIIC, ODNI’s cyber threat intelligence center appeared first on CyberScoop.
Continue reading Former Mandiant exec tapped to run CTIIC, ODNI’s cyber threat intelligence center
In 2022, the FBI is looking to approach cybercrime differently. During separate public appearances on Thursday, two FBI officials said the bureau was going to change up how it deals with computer intrusions. “The FBI specifically is moving away from an indictment- and arrest-first model into the totality of imposing costs on our adversaries, and we’re making tremendous progress there,” said Bryan Vorndran, assistant director of the FBI’s cyber division. “There is a right time for indictments and arrests and certainly one of our goals to take players off the field. But at the end of the day, we’re a team member first before we’re prioritizing our own authorities.” Vorndran, speaking at an event hosted by the Silverado Policy Accelerator, touted the FBI’s workforce around the country and the skills they can bring to bear. “That decentralized workforce is a huge strength for our government, especially given the FBI statutory […]
The post FBI shifting cybercrime focus from arrests, indictments to payment seizures, incident response appeared first on CyberScoop.
Top U.S. national security officials on Tuesday explained some ideal elements to a potential national data breach reporting law, describing the idea as one pathway to stopping massive security incidents like the SolarWinds hack. A national data breach reporting law would need to be clear and concise for companies to follow it, and generally not be a huge burden, said Tonya Ugoretz, deputy assistant director of the FBI. It also might function as an alternative to government surveillance of private sector networks, a controversial idea previously suggested as a means of detecting cyber-espionage. Such a law should be focused on receiving reports about only especially sensitive breaches, such as those which jeopardize national security and critical infrastructure or that compromise U.S. government information, Ugoretz said during a prerecorded segment that aired at the virtual 2021 RSA Conference. However, Ugoretz and Adam Hickey, the deputy assistant attorney general and the Justice […]
The post National security officials outline hopes for national data breach notification law appeared first on CyberScoop.
Continue reading National security officials outline hopes for national data breach notification law
While dealing with a massive cyber-espionage campaign against the U.S. government, the FBI is trying to quietly implement a new strategy aimed at better tracking foreign hackers. FBI officials last spring gave the head of the National Cyber Investigative Joint Task Force (NCIJTF) — a group of intelligence, law enforcement and defense officials who track hacking threats — a more senior role within the bureau, according to Tonya Ugoretz, deputy assistant director in the FBI’s cyber division. The result is that a senior FBI official now leads an interagency group whose work could lead to offensive cyber-operations, sanctions or State Department démarches — or all three. Herb Stapleton, the former head of the FBI’s the head of FBI’s Cyber Crime Operations, is filling that role. The goal of the strategy, which the FBI unveiled in September, is to disrupt foreign cyber operations against U.S. assets by “changing the risk calculus” of adversaries, as […]
The post FBI aims for stronger cyber strategy as US grapples with SolarWinds fallout appeared first on CyberScoop.
Continue reading FBI aims for stronger cyber strategy as US grapples with SolarWinds fallout
As the FBI investigated alleged Chinese hacking of American COVID-19 research, it used information it found in known victims’ networks to identify others who had been victimized or potentially might be, according to a top bureau official. It was just one step of several in how the FBI confronted threats to that research, said Tonya Ugoretz, deputy assistant director in the bureau’s cyber division, speaking Tuesday at CyberTalks, a virtual summit hosted by Scoop News Group. The FBI’s role in defending vaccine makers and others combating the virus is part of a government-wide effort, which has included indictments and public joint agency warnings sounding the alarm that both China and Russia have been trying to steal U.S. research secrets. The FBI deployed personnel to aid hacking victims and those who faced attempted hacks with their consent, which allowed investigators to collect evidence to aid other potential victims. But that evidence also would be “valuable for any future […]
The post What the FBI did to make headway against COVID-19 research hackers appeared first on CyberScoop.
Continue reading What the FBI did to make headway against COVID-19 research hackers
Last week saw a flurry of U.S. indictments of alleged Chinese and Iranian hackers as part of a multi-agency crackdown on foreign intelligence services. The Department of Treasury issued sanctions, the Department of Homeland Security advised companies on how to fend off hackers and U.S. intelligence agencies likely kept a close eye on possible reactions from Beijing and Tehran. At the center of the coordinated crackdowns, though, were the FBI agents who tracked the computer infrastructure used by the suspects. The series of events was one of the first examples of the FBI’s new cybersecurity strategy in action. The goal of the effort, which officials revealed this month, is simple: impose harsher consequences on America’s digital adversaries by working more closely with intelligence agencies and data-rich private companies. For the FBI, that could mean trying to put a suspect in handcuffs, burning their identity through an indictment or opting to provide targeting […]
The post FBI hopes a more aggressive cyber strategy will disrupt foreign hackers appeared first on CyberScoop.
Continue reading FBI hopes a more aggressive cyber strategy will disrupt foreign hackers
Nation-state hackers have been running cyber-espionage operations against medical research organizations in the U.S. that are studying the novel coronavirus, according to the FBI. “We have certainly seen reconnaissance activity and some intrusions into some of those institutions, especially those that have publicly identified themselves as working on COVID-19 related research,” the deputy assistant director of the FBI’s cyber division, Tonya Ugoretz, said Thursday while speaking on a virtual panel hosted by the Aspen Institute. Ugoretz did not specify the nature of the intrusions, the timing of the targeting and intrusions, or which entities had been targeted. Ugoretz noted that some of the research labs or hospitals that had been the focus of the foreign intelligence operations in recent weeks include those that have publicly shared that they are working on research related to the coronavirus, such as those entities working on developing vaccines against the virus. Several U.S. drug making titans and startups alike have […]
The post Coronavirus scientists are big targets for foreign cyber-espionage, FBI says appeared first on CyberScoop.
Continue reading Coronavirus scientists are big targets for foreign cyber-espionage, FBI says
A special unit inside the FBI helped victims of cybercrime recover $300 million of the roughly $3.5 billion in reported losses in 2019, according to a top bureau official. Tonya Ugoretz, a deputy assistant director in the cyber division at the FBI, said Monday the Internet Crime Complaint Center (IC3) responded to more than 467,000 complaints in 2019, up from 351,937 complaints in 2018. Each one of the nearly 500,000 complaints submitted to the FBI was analyzed by an individual human who then determines whether to begin an investigation and, in some cases, try to recover stolen funds, Ugoretz said. The FBI first quantified the figures from last year in its annual IC3 report, published earlier this month. The same report included details about how reported losses from ransomware attacks doubled in the past year to $8.9 million, though the true figure likely is much higher, and that attacks increasingly […]
The post An FBI unit recovered $300 million of $3.5 billion in reported cybercrime losses last year appeared first on CyberScoop.
The notorious SamSam ransomware — which extracted $6 million in payments from more than 200 victim organizations — forced the FBI to adjust its model for handling cyberattack investigations, a senior bureau official said Thursday. Nearly all 56 of the FBI’s field offices responded to SamSam incidents — an inefficient way of keeping up with the malware, said Tonya Ugoretz, deputy assistant director of the FBI’s Cyber Division. And so, in an example of how the FBI is trying to adapt to an era of unceasing cyberthreats to U.S. businesses, the bureau changed its investigative structure. “We developed a model whereby when there is a certain type of malicious strain or certain type of threat actor, we have one office that’s in charge, we have other offices running supporting investigations that are feeding up into that,” Ugoretz said at the Cybersecurity Leadership Forum presented by Forcepoint and produced by CyberScoop and […]
The post SamSam outbreak led to FBI restructuring, top official says appeared first on CyberScoop.
Continue reading SamSam outbreak led to FBI restructuring, top official says
Private sector security companies had a key role in the U.S. government’s attribution of last year’s WannaCry ransomware epidemic to North Korea, an official at the Office of the Director of National Intelligence (ODNI) said on Friday. Speaking at a Washington Post Live event, Tonya Ugoretz, director of ODNI’s Cyber Threat Intelligence Integration Center (CTIIC), said that the small agency she leads acted as a liaison to get critical information about the global attack from the private sector to U.S. intelligence agencies. Ugoretz said that CTIIC learned of information about WannaCry that had been fed to Department of Homeland Security by its private sector partners. The information would play an important role in the attribution to North Korea months later, Ugoretz explained. CTIIC comprises staff from intelligence, law enforcement and other federal agencies with the goal of helping coordinate responses to cyberthreats. “DHS had that by virtue of their private sector relationships, and we asked […]
The post Private sector played critical role in WannaCry attribution, ODNI official says appeared first on Cyberscoop.
Continue reading Private sector played critical role in WannaCry attribution, ODNI official says