Why did Cyber Command back off its recent plans to call out North Korean hacking?

U.S. Cyber Command was on the verge of again publicly calling out North Korean hackers for targeting the financial sector in late September, but ultimately backed off the plan by early October, multiple sources familiar with the decision tell CyberScoop. The announcement was to be part of a Cyber Command effort to publicly share malware samples on VirusTotal, a web platform dedicated to tracking malware. Led by Cyber Command’s Cyber National Mission Force, those postings are intended to call out adversary-linked hacking in the hopes that it will deter groups from similar efforts in the future. It wasn’t clear why the decision was made to refrain from publicly posting malware samples this time around, despite the fact that Cyber Command has done so numerous times in recent months. It didn’t appear to be an issue of accuracy — the Pentagon outfit still decided to share private advisories with threat intelligence companies and the financial sector. A […]

The post Why did Cyber Command back off its recent plans to call out North Korean hacking? appeared first on CyberScoop.


Cyber Command’s bug bounty program uncovers more than 30 vulnerabilities

Ethical hackers have found nine “high severity” vulnerabilities and one “critical” vulnerability across Department of Defense proxies, virtual private networks, and virtual desktops through the “Hack the Proxy” bug bounty program, the Department of Defense’s Defense Digital Service and HackerOne announced Monday. In addition to the high severity and critical vulnerabilities uncovered, “Hack the Proxy” found 21 “medium” or “low severity” vulnerabilities. Defense Digital Service and HackerOne spokespeople did not immediately return requests for comment on what kinds of vulnerabilities constitute “high severity,” “critical,” or “medium/low severity.” The bug bounty program, sponsored by U.S. Cyber Command, zeroed in on finding vulnerabilities external to the Department of Defense Information Network that could enable foreign hackers to watch internal affairs at the Pentagon. This comes just a week after the National Security Agency issued an alert warning that multiple nation-state adversaries have been exploiting VPN vulnerabilities in Pulse Secure and Fortinet products, products which Chinese hackers known as “Manganese” or […]


‘No more away games’: Former Cyber Command official says Russia and China have leveled the playing field

A former U.S. Cyber Command official said Thursday that China and Russia’s use of cyberattacks has upended the way the U.S. military thinks about warfare, given the incidents’ direct impact on civilians rather than armed forces. Brett Williams, a former deputy of operations for the command, said at an IT conference in New York City that the two adversaries have made it so the military can no longer “play an away game.” “What I mean by that is [the U.S. likes] to fight away games,” Williams said at an event held by Tierpoint during CyberScoop’s NY CyberWeek. “We don’t want to have to fight here [on U.S. soil]. Anything we get into with China and Russia, the first impact is going to be felt on our civilian population.” Williams also said he believes both countries’ actions — he spoke specifically on China’s intellectual property theft and Russia’s targeting of […]


U.S. Secretary of Defense urges NATO allies to block Chinese-built 5G tech

U.S. Secretary of Defense Mark Esper is calling on allies in the North Atlantic Treaty Organization to bar Chinese companies from developing 5G networks there, reiterating an American argument that largely has failed to convince European countries to blacklist telecommunication firms with ties to Beijing. Esper, in a speech Thursday at the Cybersecurity and Infrastructure Security Agency summit in Maryland, said “every Chinese company has the potential to be an accomplice in Beijing’s state-sponsored campaign to steal technology.” His remarks came amid a standoff between Washington and Beijing in which the Chinese telecom Huawei has become the subject of geopolitical scrutiny while it also lobbies nations around the world to help build 5G wireless networks. Esper in his speech warned NATO allies that using 5G networks developed by Chinese companies “jeopardizes military interoperability and intelligence sharing opportunities.” “The U.S. military does not fight alone,” he said. “Just like the other […]


Sen. Warner says hacking, disinformation are the future of war, and urges the U.S. to keep up

Cyberwarfare and information operations now are the primary ways in which countries assert themselves on the world stage, Sen. Mark Warner said in a speech Tuesday, pointing to a new geopolitical reality in which traditional military strength may be less urgent. The Virginia Democrat portrayed hacking, social media manipulation, and other digital techniques as affordable options for smaller countries that don’t have the financial resources to invest in modern military hardware like tanks and fighter jets. U.S. leaders need to more urgently recognize this transition, he said, and prioritize processes and technology that stifle future attempts from adversaries to interfere in U.S. elections and markets. Warner, vice chairman of the Senate Intelligence Committee, for years has urged Congress to authorize more funding for cybersecurity. “I worry at times we may be spending too much time [and] resources on 20th century stuff when increasingly conflict in the 21st century will be cyber, will be misinformation, disinformation,” Warner […]


U.S. cyber-offensive against ISIS continues, and eyes are now on Afghanistan, general says

As loyalties among Afghanistan’s Islamic extremists continue to shift, the U.S. military may be poised to rely more heavily on offensive cyber capabilities to target one group in particular — the dispersed but still active membership of ISIS, according to one military cyber commander. Joint Task Force ARES, the outfit charged with running joint and coalition cyber-operations against ISIS, is working to uncover information about how the terrorist group continues to operate in Afghanistan, the deputy commander said Monday. “JTF-ARES is in or around where ISIS is operating,” Brig. Gen. Len Anderson said during a question and answer at an Atlantic Council event Monday. “We are trying to illuminate the network, trying to figure out how they’re communicating, what they’re using, where the money might be flowing, is there money.” Although the Islamic State’s physical caliphate has been crushed in Iraq and Syria, reporting from the Defense Intelligence Agency this year says the group still has a […]


North Korean government hackers sanctioned by U.S. Treasury

Add the U.S. Treasury to the list of government agencies going after North Korean hackers. The Treasury’s Office of Foreign Assets Control announced Friday it is sanctioning three North Korean hacking groups it says are backed by Kim Jong-un’s regime, including the well-known Lazarus Group. The office also identifies two sub-groups of Lazarus Group, Bluenoroff and Andariel. Bluenoroff has targeted foreign financial institutions in Bangladesh, India, Mexico, Pakistan, the Philippines, South Korea, Taiwan, Turkey, Chile, and Vietnam, as well as the Society for Worldwide Interbank Financial Telecommunication (SWIFT) monetary transfer system to conduct cyber-enabled financial heists in response to prior sanctions, according to OFAC. Andariel has been more focused on stealing cash and customer information from ATMs as well as targets in government agencies and in the defense industry, including those in South Korea to gather intelligence, according to OFAC. The U.S. government has previously linked Lazarus Group with the North […]


Security clearance background checks should take three days, Rep. Will Hurd says

Rep. Will Hurd, who recently announced he is leaving Congress after his current term is up, has something to get off his chest. The Texas Republican has previously said he thinks the federal government should be able to issue security clearances in one week — but now he says it can be done in three days. “I never thought I would have to work on such a basic issue as this: [Getting a security clearance] shouldn’t take 9 months,” Hurd said Thursday at the Dell Technologies Forum. “I think we can do it in three days.” The federal government is currently working on overhauling the security clearance process as part of an effort known as Trusted Workforce 2.0 — and already in the last several months the government has made some progress on the backlog of applications. Hurd — a former CIA officer — has had a front-row seat for the process […]


Cyber Command’s biggest VirusTotal upload looks to expose North Korean-linked malware

Cyber Command’s largest-ever upload to VirusTotal exposes malware linked with North Korean government hackers, according to security researchers.

#CNMF has posted multiple new malware samples: https://t.co/fSgk1xpG8t
— USCYBERCOM Malware Alert (@CNMF_VirusAlert) September 8, 2019

Several of the malware samples have been tied to Lazarus Group, a group the U.S. government has linked with the North Korean government. Specifically, the samples look to be what’s known as “HOPLIGHT,” a trojan that has been used to gather information on victims’ operating systems and uses a public SSL certificate for secure communications with attackers. Cyber Command uploaded 11 malware samples in all. FireEye Managing Principal Threat Analyst Andrew Thompson said the upload signals to North Korea’s government that it can’t remain anonymous in cyberspace. “Will this deter intelligence activities? Of course not. That’s foolish. What it does do is articulate [North Koreans] aren’t operating free from attribution, which limits the range of activities they should see as […]


As NSA expands election security task force, Director Paul Nakasone talks lessons learned

A key component of the Pentagon’s effort to defend the 2018 midterm elections from foreign interference was its collaboration with the Department of Justice to disrupt operations from overseas, Gen. Paul Nakasone, director of the National Security Agency, said Thursday. It’s the kind of interagency effort American officials are trying to achieve again before the 2020 presidential election. The NSA and U.S. Cyber Command, a unified combatant command at the Pentagon dedicated to running cyber-operations, worked with the FBI’s Foreign Influence Task Force in 2018 as part of an effort to avoid the kind of Russian meddling that occurred in 2016, Nakasone said. The effort to protect the 2018 midterm elections, collectively known as Synthetic Theology, resulted in disrupting the internet access of Russia’s social media troll farm, the Internet Research Agency. The effort represented the first cyber-operations abroad to protect U.S. elections, and it’s helping inform the intelligence community’s approach to […]
