Cyber Command deploys abroad to fend off foreign hacking ahead of the 2020 election

The Department of Defense has sent personnel abroad to hunt for malicious software that adversaries may be using against U.S. voting infrastructure or networks prior to Election Day. Gen. Paul Nakasone announced Tuesday in a Foreign Affairs editorial that Cyber Command personnel would be deployed as part of a plan to allow defensive cyber-operators from the Pentagon to identify malware targeting other countries’ networks and systems. Similar attacks could later be used for attempted intrusions aimed at disrupting American technologies. The announcement coincides with ongoing efforts between Cyber Command, the military’s offensive hacking outfit, and the National Security Agency to monitor threats to the 2020 U.S. presidential election from Russia, China, Iran, and North Korea. It was not immediately clear where the military personnel were deployed. Cyber Command has run multiple so-called Hunt Forward missions in Montenegro, where Russian military hackers have aimed to disrupt the political process, as they did with a hack-and-leak operation against the Democratic National Committee […]

The post Cyber Command deploys abroad to fend off foreign hacking ahead of the 2020 election appeared first on CyberScoop.

U.S. military researchers may have found a more productive vulnerability discovery process

A study from the U.S. government shows there is proof of a way to be more efficient when looking for flaws in software. Security researchers of all expertise levels do better with an improved, automated analysis that better allocates human resources during investigations, U.S. military researchers from the National Security Agency, Cyber Command, Navy, Air Force, and Army posit in new research published this month. This differs from a common approach taken when researchers are more naturally inclined to zero in on a given piece of software to try to find flaws. “There is a cognitive bias in the hacker community to select a piece of software and invest significant human resources into finding bugs in that software without any prior indication of success,” they write in the paper. This status quo, which the researchers call the “depth-first” approach, places more of a burden on experienced researchers while beginners get […]

The post U.S. military researchers may have found a more productive vulnerability discovery process appeared first on CyberScoop.

Election interference efforts have shifted, NSA and Cyber Command election threats leads say

With Election Day less than 100 days away, the National Security Agency and U.S. Cyber Command are carefully monitoring threats to the 2020 U.S. presidential election from Russia, China, Iran, and groups of criminal actors, two officials said Friday. And while Russian government operatives have probed state IT systems and run hack-and-leak operations to influence U.S. elections in the past, the playbook is not necessarily the same this year, the NSA election threats lead, David Imbordino, and Brig. Gen. William Hartman, the Cyber Command election threats lead, said. While Russia depended on the Internet Research Agency (IRA) to run influence operations in 2016, they have been outsourcing operations to other actors, Imbordino and Hartman said, confirming that the IRA recently set up an offshoot of its troll farm in Ghana and Nigeria. “In terms of 2020 [in the IRA] we’ve seen a shift towards more use of proxies…intermediaries…laundering information through […]

The post Election interference efforts have shifted, NSA and Cyber Command election threats leads say appeared first on CyberScoop.

DOD, FBI, DHS release info on malware used in Chinese government-led hacking campaigns

The U.S. government publicly put forth information Monday that exposed malware used in Chinese government hacking efforts for more than a decade. The Chinese government has been using malware, referred to as Taidoor, to target government agencies, entities in the private sector, and think tanks since 2008, according to a joint announcement from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the Department of Defense, and the FBI. The Chinese Communist Party has been using the malware, in conjunction with proxy servers, “to maintain a presence on victim networks and to further network exploitation,” according to the U.S. government’s malware analysis report (MAR). In particular, Taidoor has been used to target government and private sector organizations that have a focus on Taiwan, according to previous FireEye analysis. It is typically distributed to victims through spearphishing emails that contain malicious attachments. U.S. Cyber Command, the DOD’s offensive cyber unit, has also shared samples […]

The post DOD, FBI, DHS release info on malware used in Chinese government-led hacking campaigns appeared first on CyberScoop.

Here’s how Army Cyber Command plans to take on information warfare

Amid burgeoning Russian, Chinese, and Iranian influence operations aimed at manipulating U.S. politics and Americans’ understanding of the coronavirus pandemic, the Army’s top cybersecurity official has released a ten-year plan to reform his command into a more capable information warfare unit. The plan, which Lt. Gen. Stephen Fogarty outlined this week in Cyber Defense Review, a publication from the Army Cyber Institute, is meant to reorganize Army Cyber Command into a series of units that can work to counter adversaries’ efforts to destabilize the U.S., including by influencing adversaries’ behavior and decision-making through jamming up their signals, or by messaging and running social media information operations to control the narrative, for instance. In some cases, the reformulated Army Cyber Command (ARCYBER) will focus on “skillfully communicating (or obscuring), the location, capability, and intent of Army forces,” Fogarty said. The final goal of the ten-year plan is to get ARCYBER to be able to outsmart and outmaneuver adversaries in the information space — in concert with other […]

The post Here’s how Army Cyber Command plans to take on information warfare appeared first on CyberScoop.

Islamic State propaganda efforts struggle after Telegram takedowns, report says

The Islamic State terrorist group is reportedly struggling to regain a foothold on mainstream social networks amid tighter controls from technology firms and ongoing attention from the U.S. military. As major networks have stifled the group, it has tried to build a presence on a number of marginal social media platforms, only to be met “by increasing efforts by these companies to bring down content,” the European Union’s law enforcement agency, Europol, said Tuesday in a report examining the extremist group’s activities over 2019. Telegram, previously the primary source of terrorist propaganda online, according to Europol, said in November that it had removed more than 5,000 “terrorist accounts and bots” during a two-day effort against the group, an uptick from the typical average of 200 to 300 removals. Since then, IS supporters have shifted to more fringe services, like the Russia-based TamTam and Hoop Messenger, which is hosted in Canada. Extremists also have […]

The post Islamic State propaganda efforts struggle after Telegram takedowns, report says appeared first on CyberScoop.

The case for a National Cyber Director

Although the aftershocks of COVID-19 will last for years, one result is already clear — shifting more activity online has increased our society’s digital dependence even faster than expected. The federal government’s cybersecurity capabilities need to keep pace. Although some Federal agencies, particularly the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security (DHS), have made significant improvements over the last few years, at least three factors impede government-wide progress. First, cybersecurity’s cross-cutting nature does not fit with the U.S. government’s bureaucratic structure. Second, agencies are not incentivized to sustain the degree of coordination required for effective cybersecurity. Third, a lack of central leadership hinders effective incident response. No single policy action will solve these problems, but creating a National Cyber Director along the lines of what the Cyberspace Solarium Commission recommends would be a good start. Bureaucracies prefer issues that fit neatly into one organization’s mission. […]

The post The case for a National Cyber Director appeared first on CyberScoop.

US Cyber Command highlights Palo Alto Networks security patch, citing foreign espionage

U.S. cyber officials are urging American companies and individuals who rely on a popular security product to update their systems immediately, before foreign hackers can exploit a flaw in the technology to steal protected information. The Department of Homeland Security and U.S. Cyber Command said Monday that a “critical” flaw in technology from Palo Alto Networks, a multinational security firm based in California, could enable attackers “with network access” to obtain sensitive information. The flaw exists in PAN-OS, the operating system on firewalls and corporate virtual private network application products. Cyber Command said in a tweet that advanced hacking groups “will likely attempt exploit soon.” Palo Alto Networks issued a patch on Monday for the security flaw, the start of a weeks or months-long process in which corporate security teams will start updating their technologies to fend off hacking groups. The software flaw, officially dubbed CVE-2020-2021, was designated a 10.0 […]

The post US Cyber Command highlights Palo Alto Networks security patch, citing foreign espionage appeared first on CyberScoop.

GAO: Cyber Command is overspending on data tools

One of the major initiatives that U.S. Cyber Command has been working on for two years is going to cost five times more than what military officials originally estimated, according to a Government Accountability Office report. The program, a software platform called Unified Platform (UP), is meant to help forces and military services working with Cyber Command to reduce the number of data silos, and to streamline data processing, storage, queries, and information-sharing to enhance overall mission effectiveness. One of the main contributing factors to the miscalculation is that the overall cost of UP was not based on any independent analysis, GAO found. “UP did not have several key elements of its business case approved at the time of program initiation, such as approved requirements, a cost estimate informed by independent analysis, or a formal schedule risk assessment,” the GAO said. “Our prior work has shown that this type of […]

The post GAO: Cyber Command is overspending on data tools appeared first on CyberScoop.

FBI, DHS to go public with suspected North Korean hacking tools

The FBI and the Department of Homeland Security are preparing to jointly expose North Korean government-backed hacking this week, CyberScoop has learned. Threat data meant to help companies fend off hackers has already been shared with the private sector in an effort to boost cyber-defenses in critical infrastructure sectors. The circulating information, contained in several documents known as malware analysis reports (MARs), details activity from Hidden Cobra hackers, an advanced persistent threat group that the U.S. government has previously linked with the North Korean government. The Hidden Cobra group frequently targets financial institutions such as banks, cryptocurrency exchanges, and ATMs for financial gain, the government says. However, it was not immediately clear which specific security incidents, if any, the U.S. government sought to expose in the information-sharing effort. The documents, which sources say contain 26 malware samples, appear to be the latest piece of a broader U.S. government effort […]

The post FBI, DHS to go public with suspected North Korean hacking tools appeared first on CyberScoop.
