U.S. Southern District of New York

Wyden seeks details on spies’ data protection after scathing CIA audit on Vault 7 leaks

Posted on June 16, 2020 by Jeff Stone

A senator with insight into the way U.S. intelligence agencies conduct espionage wants to know if American spies are protecting their secrets in a way that prevents intruders from stealing information that’s crucial to national security. In a letter sent Tuesday to the director of national intelligence, Sen. Ron Wyden, D-Ore., asked for more information about what he described as “widespread security problems across the intelligence community.” Wyden was referencing, in part, an internal Central Intelligence Agency audit that described “longstanding imbalances and lapses” in data protection before WikiLeaks published secret U.S. hacking tools, known as the Vault 7 files, starting in 2017. The October 2017 audit encouraged the CIA to view the audit’s findings as “a wake-up call” and “an opportunity” to “reorient how we view risk.” Now, Wyden is asking Director of National Intelligence John Ratcliffe about whether known vulnerabilities still exist. The intelligence community “is still lagging […]

The post Wyden seeks details on spies’ data protection after scathing CIA audit on Vault 7 leaks appeared first on CyberScoop.

Continue reading Wyden seeks details on spies’ data protection after scathing CIA audit on Vault 7 leaks→

US will try Joshua Schulte again for allegedly leaking CIA hacking tools

Posted on May 19, 2020 by Jeff Stone

U.S. prosecutors will retry ex-CIA employee Joshua Schulte on espionage-related charges after a jury couldn’t come to a decision in his first trial. Assistant U.S. Attorney David Denton on Monday told a judge in the Southern District of New York that the Department of Justice “does intend to retry Mr. Schulte on the espionage charges.” The update comes more than two months after a jury found Schulte, 31, guilty of lying to the FBI and contempt of court, though they remained deadlocked on eight counts, including the illegal transmission of national defense information. Prosecutors will “clarify” the charges, Denton said, but not add any new criminal counts. While a trial date remains unclear, Judge Paul Crotty said jury selection would not begin before September, amid ongoing concerns connected to the coronavirus pandemic. “It’s difficult to predict when things are going to approach normal again,” he said. The teleconference came after […]

The post US will try Joshua Schulte again for allegedly leaking CIA hacking tools appeared first on CyberScoop.

Continue reading US will try Joshua Schulte again for allegedly leaking CIA hacking tools→

Joshua Schulte’s attorney suggests Vault 7 leaks were due to the CIA’s poor cybersecurity

Posted on February 4, 2020 by Jeff Stone

So many people had access to the computer network used by CIA software engineers that U.S. officials still don’t know who is actually behind the leak of the agency’s hacking tools, according to the defense attorney for an accused leaker. The lawyer for Joshua Schulte, a former CIA employee on trial for allegedly providing the tools to WikiLeaks, told the jury Tuesday that the government networks their client worked on were so insecure that investigators will never know if Schulte, or some other intruder, carried out the theft. Schulte, 31, faces 11 criminal counts in connection with leaking the so-called Vault 7 files to WikiLeaks. In 2017, the controversial organization spent six months publishing documents detailing the CIA’s ability to hack into mobile operating systems, messaging apps, smart TVs and other consumer technology. Prosecutors have alleged Schulte stole the files in order to cause as much harm as possible to […]

The post Joshua Schulte’s attorney suggests Vault 7 leaks were due to the CIA’s poor cybersecurity appeared first on CyberScoop.

Continue reading Joshua Schulte’s attorney suggests Vault 7 leaks were due to the CIA’s poor cybersecurity→

As Vault 7 trial begins, Joshua Schulte’s attorneys will argue he’s a whistleblower

Posted on February 3, 2020 by Jeff Stone

Nearly three years after WikiLeaks began publishing secret CIA hacking tools, the legal team for the former agency employee who allegedly stole those files will try to convince a jury he did so in order to reveal the secrets behind the tools uses by the government to break into widely used consumer technology. Based on the evidence, it’s shaping up to be a difficult argument. That’s before you consider the current environment: where the U.S. justice system has taken a hard-line approach to those who go public with classified information. While the U.S. has charged former CIA software engineer Joshua Schulte with transmitting files detailing the agency’s arsenal of hacking tools, his lawyers have given no indication that he acted out of conscience. Government prosecutors, meanwhile, will introduce evidence starting Monday that Schulte, now 31, was motivated by nothing more than revenge for what he perceived to be mistreatment by […]

The post As Vault 7 trial begins, Joshua Schulte’s attorneys will argue he’s a whistleblower appeared first on CyberScoop.

Continue reading As Vault 7 trial begins, Joshua Schulte’s attorneys will argue he’s a whistleblower→

AIG must cover client’s $5.9 million in cyber-related losses, judge rules

Posted on January 31, 2020 by Jeff Stone

Insurance giant AIG must cover nearly $6 million in losses for a client that was fleeced by an email scam carried out by suspected Chinese hackers, a federal court has decided. A judge in the Southern District of New York ruled Wednesday that AIG was in breach of contract when it previously denied a claim from SS&C Technologies, a $6 billion financial technology firm. In 2016, hackers defrauded SS&C out of $5.9 million by sending spoofed emails that appeared to be from an SS&C client, Tillage Commodities, asking SS&C employees to transfer money. After SS&C carried out the transactions, Tillage took legal action, resulting in a settlement. While AIG covered SS&C’s court dispute with Tillage, SS&C also sought filed a claim seeking to have AIG cover the stolen $5.9 million. AIG denied the claim. The insurance company had argued its policy included an exclusion stipulating that SS&C was not covered […]

The post AIG must cover client’s $5.9 million in cyber-related losses, judge rules appeared first on CyberScoop.

Continue reading AIG must cover client’s $5.9 million in cyber-related losses, judge rules→

U.S. says accused Vault 7 leaker tried orchestrating PR campaign from jail cell

Posted on January 21, 2020 by Jeff Stone

With less than two weeks before a former Central Intelligence Agency contractor is scheduled to strand trial for allegedly leaking classified information to WikiLeaks, U.S. prosecutors on Tuesday asked a judge to admit evidence detailing the defendant’s behavior behind bars, including alleged communications with reporters. The defendant, Joshua Schulte, has been charged with stealing national defense information, then providing it to WikiLeaks, which then published a trove of CIA hacking tools known as the Vault7 files. Schulte was arrested in August 2017 and has been awaiting his trial in Manhattan’s Metropolitan Correctional Center. While detained, Schulte sought to “drum up media attention for his case and to paint himself as an innocent man,” prosecutors wrote in a Jan. 21 court filing. This public relations campaign involved writing a series of articles that he sought to distribute to the media, urging family members to post his missives on a public Facebook […]

The post U.S. says accused Vault 7 leaker tried orchestrating PR campaign from jail cell appeared first on CyberScoop.

Continue reading U.S. says accused Vault 7 leaker tried orchestrating PR campaign from jail cell→

No more delays: Judge in Vault 7 case sets trial date

Posted on December 10, 2019 by Jeff Stone

It looks like the judge presiding over the case of a former Central Intelligence Agency employee accused of providing U.S. secrets to WikiLeaks is out of patience. Judge Paul Crotty of the U.S. Southern District of New York declared in a court filing Monday that the trial of Joshua Schulte will begin on Feb. 3, 2020, nearly a month after the anticipated Jan. 12 trial start and three months after the previously scheduled date of Nov. 4, 2019. The decision comes after a long series of delays from Schulte’s defense attorneys, who have argued they needed the court to add another lawyer to the defense, and that they failed to understand some of the government’s allegations against Schulte despite repeated explanations from prosecutors. Schulte’s team also requested on Dec. 5 the court grant an extension to file a response to a motion related to the handling of classified material in the […]

The post No more delays: Judge in Vault 7 case sets trial date appeared first on CyberScoop.

Continue reading No more delays: Judge in Vault 7 case sets trial date→

NeverQuest banking malware administrator sentenced to 4 years

Posted on November 21, 2019 by Jeff Stone

A Russian man who helped create a hacking tool capable of extracting funds from victims’ bank accounts will spend four years behind bars, a punishment that fell short of the five years for which federal prosecutors had asked. A judge in the U.S. Southern District of New York handed down the 48-month prison sentence, including time served, to Stanislav Lisov for his role in deploying the NeverQuest malware. Lisov admitted he profited $885,000 from NeverQuest, while government investigators said the hacking technique had been used to try to steal a total of $4.4 million from international banks. Five years would have been the maximum allowed under the terms of a plea deal Lisov struck with the Department of Justice early this year. “He is happy,” Lisov’s attorney, Arkady Bukh, told CyberScoop, calling the sentence a “great victory.” NeverQuest quickly became a favorite hacking tool for financial scammers after its debut in 2013. Thieves […]

The post NeverQuest banking malware administrator sentenced to 4 years appeared first on CyberScoop.

Continue reading NeverQuest banking malware administrator sentenced to 4 years→

Accused Vault7 leaker argues Espionage Act charges are unconstitutional

Posted on November 6, 2019 by Jeff Stone

A former Central Intelligence Agency employee accused of providing U.S. secrets to WikiLeaks is asking a judge to toss some of the key charges against him, asserting they are unconstitutional. A defense attorney for Joshua Schulte filed a motion on Tuesday asking a judge in the U.S. Southern District of New York to dismiss five charges prosecutors brought against Schulte under the Espionage Act and federal larceny law because they “are unconstitutionally overbroad and void for vagueness.” The Department of Justice charged Schulte in June 2018 in connection with leaking a collection of CIA hacking tools used for cyber-espionage to WikiLeaks, which published much of the data under the name “Vault 7.” Schulte also has been accused of possessing child pornography, smuggling cell phones into his Manhattan jail cell, plotting a disinformation campaign to discredit his accusers and other wrongdoing as part of a years-long legal battle that’s only poised […]

The post Accused Vault7 leaker argues Espionage Act charges are unconstitutional appeared first on CyberScoop.

Continue reading Accused Vault7 leaker argues Espionage Act charges are unconstitutional→

AIG says its cyber insurance plans don’t cover criminal acts; wants lawsuit tossed

Posted on October 8, 2019 by Jeff Stone

Insurance giant AIG argued to a New York federal court on Monday that it is not responsible to cover nearly $6 million in losses incurred by a client that was victimized by suspected Chinese hackers. The company asked a court in the Southern District of New York to dismiss a lawsuit filed in August by SS&C Technologies, a $6 billion financial technology company, which alleged that AIG violated its contract by failing to cover losses from fraud. Hackers fleeced SS&C out of $5.9 million in 2016 by emailing company employees from spoofed email addresses, and requesting monetary transfers. AIG says its policy stipulates that the insurer will not cover losses stemming from criminal activity. “SS&C admits that it has filed suit seeking indemnity coverage for its settlement of a breach of contract claim concerning criminals using ‘spoof emails’ to trick SS&C into improperly using its authority over its client’s bank […]

The post AIG says its cyber insurance plans don’t cover criminal acts; wants lawsuit tossed appeared first on CyberScoop.

Continue reading AIG says its cyber insurance plans don’t cover criminal acts; wants lawsuit tossed→