Iran-linked hackers steal sensitive data from U.S. Navy member, researchers say

Allison Wikoff has spent years tracking suspected Iranian hackers, sifting through data they’ve left behind and analyzing their techniques. But in May, when her colleague stumbled upon a server with 40 gigabytes of the hackers’ training videos and online personas, Wikoff knew she had struck gold. “[When] we started combing through all the data and video files we couldn’t believe what we were seeing,” said  Wikoff, a cyber threat analyst on IBM’s X-Force security team. “This discovery brought a whole new meaning to observing ‘hands-on keyboard activity.’” The nearly five hours of videos found on the server, which IBM reported publicly on Thursday, include evidence of a suspected Iranian hacker stealing data from the personal email and social media accounts of an enlisted member of the U.S. Navy and a Greek naval officer. The attacker managed to exfiltrate files on the military unit of the U.S. Navy member and their […]

The post Iran-linked hackers steal sensitive data from U.S. Navy member, researchers say appeared first on CyberScoop.

Continue reading Iran-linked hackers steal sensitive data from U.S. Navy member, researchers say

Sen. Schumer Pushes for TSA Employee Ban on TikTok App at Work

The Department of Homeland Security and two U.S. military branches already had discontinued use of the app based on concerns over Chinese data-security and censorship practices. Continue reading Sen. Schumer Pushes for TSA Employee Ban on TikTok App at Work

U.S. Army bans TikTok amid ongoing scrutiny of Chinese-made video app

The U.S. Army is barring its soldiers from using TikTok, a video-sharing app owned by a company with ties to the Chinese government. Lt. Col. Robin Ochoa, an Army spokeswoman, told Military.com on Dec. 30 the military branch considers TikTok a “cyberthreat” and that personnel may not use the app on government phones. Some 1.3 billion people globally use TikTok to create short videos. The new Army policy follows a December advisory from the U.S. Department of Defense stating that TikTok includes “potential security risks associated with its use” and that using the program could result in the exposure of personal information. Much of the U.S. government’s anxiety over TikTok is connected to ByteDance, a Chinese technology giant with government ties that has owned the app since 2017. ByteDance shares a series of partnerships with Chinese state organizations, Reuters reported, and must abide by Chinese law. In September, the Washington Post reported that TikTok appeared to be censoring […]

The post U.S. Army bans TikTok amid ongoing scrutiny of Chinese-made video app appeared first on CyberScoop.

Continue reading U.S. Army bans TikTok amid ongoing scrutiny of Chinese-made video app

Blistering report scolds Navy for longstanding cybersecurity challenges

The Department of the Navy this week released a scathing assessment of the service’s approach to cybersecurity, lamenting that hackers have been relatively unimpeded in their years-long plundering of data from the department and its contractors. “Competitors and potential adversaries have exploited DON [Department of Navy] information systems, penetrated its defenses, and stolen massive amounts of national security” intellectual property, says the “cybersecurity readiness review” released by Richard Spencer, the secretary of the Navy. The Navy failed to account for the fact that defense companies it contracts with would be aggressively targeted by foreign hackers for their valuable data, according to the audit. “Despite our adversaries’ clear statements of intent, the DON did not anticipate this attack vector,” the report says. The reactive system of self-reporting of breaches and supplier vulnerabilities has “demonstrably failed,” concludes the study,  which was released after The Wall Street Journal reported on it this week. […]

The post Blistering report scolds Navy for longstanding cybersecurity challenges appeared first on CyberScoop.

Continue reading Blistering report scolds Navy for longstanding cybersecurity challenges