Articles By This Author

Cyber Command
Cybercrime Featured Government Leadership Nation-state People Privacy Technology

Former NSA and Cyber Command Chief Keith Alexander on SolarWinds, Cyberwar, and China

“The commercial sector is trying its best to fight against a government and all its resources. That’s not a fair fight… China will tell you it’s not stealing your stuff, and then goes and steals your stuff…

It can’t be just trusting them—it’s trust but verify. Look at what’s going on in the COVID-19 arena alone and the theft of intellectual property. It’s huge… This is the biggest transfer of wealth in history, and it’s going right out the front door…”

The Record
Featured People Technology

Catalin Cimpanu Joins The Record as Its First Cybersecurity Reporter

Catalin has years of experience writing about information security, and has become a well-known name in the field for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers. He’s been at ZDNet since 2018, where he wrote thousands of stories on everything from vulnerabilities in ballistic missile systems to the ever-changing ransomware landscape…

hospital
Chart of the Week Cybercrime Featured Private Channel Technology

Hospitals, Schools Get a Crucial Break From Ransomware Attacks

After a year of what felt like nonstop cyberattacks on the most vulnerable targets, healthcare and government organizations started 2021 with ransomware incidents at their lowest point in more than a year. There were just two ransomware attacks on healthcare organizations in January, a fourfold decrease from the monthly average in 2020. State and local governments reported four ransomware incidents in January—that compares to 14 attacks in December of last year and 15 attacks from one year prior…

United Nations
Cybercrime Featured Government Leadership Nation-state

With Biden in Office, Global Policymakers Are Making a Renewed Push for Cyber Norms

On Tuesday, diplomats from Australia, France, and Estonia, as well as private sector cybersecurity officials, emphasized the need for a renewed focus on norms in cyberspace, and suggested that progress could be made in the coming years. “As cyber threats grow, it’s vitally important that UN discussions keep pace, or they really do risk losing credibility,” said Tobias Feakin, Australia’s ambassador for cyber affairs and critical technology, at a virtual event on cyber norms hosted by the U.S. Chamber of Commerce. And one of the biggest assets for this renewed push may be the fact that there’s a new administration in the White House….

big data research
Cybercrime Featured Nation-state People Technology

Cyber Attribution Is More Art Than Science. This Researcher Has a Plan to Change That

The Record caught up with threat intelligence researcher Timo Steffens to talk about the latest in threat hunting, and why he thinks it’s similar to disciplines like art history and criminology. He also discussed why the whole concept of APT groups—the term security professionals often use to categorize nation state or state-sponsored hacking operations—is a simplification that the industry might have to move past. “[Hacking groups] don’t necessarily have a fixed set of people—some leave, some join, they might share malware or an idea for an exploit with another group—so we have to… understand that the whole landscape is dynamic,” he said…

Pyongyang North Korea
Cybercrime Featured Government Nation-state Technology

U.S. Authorities Take Sweeping Actions Against North Korean Hacking Operations

Several U.S. federal agencies on Wednesday released a batch of indictments, cybersecurity advisories, and malware analysis reports that represents one of the most expansive cybersecurity-related actions against North Korea in years. The U.S. Justice Department unsealed charges against three North Korean hackers who are accused of stealing and extorting more than $1.3 billion of money and cryptocurrency from financial institutions around the globe. It’s the first indictment related to North Korean hacking operations since 2018, according to an analysis by The Record…

Nicole Perlroth
Featured Government Leadership Nation-state People

‘Every Attack Was Like a Slightly Deadlier Version Than the Last:’ NYT’s Perlroth Talks About Her New Book

When Nicole Perlroth joined The New York Times’ technology bureau nearly ten years ago, cybersecurity was in a much different place than it is today.

“The crazy thing happening in that moment was Anonymous, which seems so quaint these days,” she said.

As the decade unfolded, she witnessed and wrote about attacks that grew increasingly brazen and destructive: hacks targeting Sony Pictures, Yahoo, and Equifax, as well as incidents that spiraled out of control like WannaCry and NotPetya. Governments were stockpiling cyber weapons and unleashing them on adversaries. Occasionally the tools would get stolen and used against the country hoarding them….

SIM swap
Cybercrime Featured Government People Technology

SIM Swappers Stole $100 Million from ‘Well-Known Influencers’ Before Getting Arrested, Authorities Say

An international law enforcement operation arrested ten suspected hackers who are accused of targeting U.S. celebrities with SIM swapping attacks that netted them $100 million in cryptocurrency. “Well-known sports stars, musicians, and influencers” were targeted in the scheme, which involved exploiting phone service providers to deactivate a victim’s SIM and transferring the number to one owned by a member of the criminal network. This let the attackers intercept messages directed to the victims, allowing them to hijack accounts, steal money, and masquerade as the victims on social media, authorities said…

server racks
Cybercrime Featured Technology

Hackers Targeted Work-From-Home Technology and Avoided Adobe Products Last Year

In 2015, eight of the top ten most exploited vulnerabilities involved Adobe products. But in 2020, no Adobe products made the list, according to new data. Instead, cybercriminals focused their attention on vulnerabilities in remote-work technology, such as Citrix’s Application Delivery Controller, PulseSecure’s Pulse Connect, and Oracle’s WebLogic, as well as widely-used Microsoft products…

authentication, digital id
Cybercrime Featured Government Technology

Federal Officials: COVID-19 Fraud Highlights Need for a New Digital Identity System

“We’ve seen how billions of dollars in fraud involving COVID-19 relief programs have exposed weaknesses in current identity and payment systems. These forced us to take a really hard look at how identity is managed, verified, and authenticated,” said Michael Mosier, deputy director of the Treasury Department’s Financial Crimes Enforcement Network, also known as FinCEN. “To get payments right, we have to get identity right and we have to do it in a way that preserves privacy while ensuring security in the system.” Lawmakers and other officials called on the Biden administration to focus on creating a new digital identification system that would make it harder for cybercriminals to steal from financial institutions and individuals…