John Sakellariadis
contributor
Articles By This Author
Hackers target NFT craze by stealing from Nifty Gateway users
Over the last couple days, multiple users of Nifty Gateway, a marketplace for buying and selling non-fungible tokens (NFTs), reported on Twitter that their accounts had been hacked and then drained of thousands of dollars worth of digital art. The theft marks one of the first known incidents of digital art theft, but the rapid adoption of NFTs suggests it will not be the last…
Healthcare Providers Were Warned of a Ransomware Surge Last Fall. Some Still Aren’t Sure How Serious the Threat Was
Late last October, when the U.S. government warned of an imminent ransomware threat to the country’s hospitals and healthcare providers, many in the industry had a similar reaction: they paused, took a deep breath, and braced for impact. But one of the organizations tasked with distributing critical threat information across the healthcare sector was not among them, instead turning a skeptical eye on the government’s alert…
Four Things We Learned (And Four Things That Remain Unclear) About the Russia Hack
The U.S. Senate and House of Representatives hauled the CEOs of SolarWinds, FireEye, CrowdStrike and Microsoft onto (semi-virtual) Capitol Hill last week to answer questions about the sweeping Russian compromise of U.S. government and corporate networks—the first public hearings dedicated to the campaign to date. In honor of the occasion, The Record watched 7.5 hours of testimony so you didn’t have to. Here are eight key takeaways…
A Volunteer Cyber Group Formed To Protect Hospitals During the Pandemic Releases Its First Report
An organization founded by vigilantes seeking to protect healthcare workers from digital threats during the COVID-19 pandemic has released its first report, which details cybercrime activity against global healthcare entities since pandemic lockdowns began in March of last year. In line with previous reports on the sector, it found that cybercrime had accelerated during the pandemic as criminals exploited the rapid transition to remote work and the psychological pressures produced by the global health crisis…
How the Justice Department Is Stepping up Its Efforts To Indict State-Sponsored Hackers
When it comes to indicting state-sponsored hackers, 2020 was one of the busiest years yet for the U.S. Justice Department. The DOJ unsealed seven such indictments last year, charging 22 foreign hackers with working in whole or in part for foreign governments. In terms of both indictments unsealed and foreign hackers charged, that makes 2020 the second most prolific year ever for the DOJ, an investigation by The Record has found. The only time the Justice Department surpassed that tally was in 2018…
For Biden’s Cybersecurity Strategy, All Eyes Are on the New National Cyber Director Role
When President Joe Biden took office last week, he and his administration were immediately tasked with managing one of the largest cybersecurity failures in recent memory—a stealthy and methodical supply-chain intrusion into private companies and government agencies that has been blamed on Russia. Much of the work overseeing the response efforts will fall on a position that is not even a month old: the National Cyber Director. The first days of the Biden administration will be a make-or-break moment for the new White House posting…
Researchers Find Links Between SolarWinds Campaign and Tools Used by Russian Hackers
Federal investigators still can’t say with certainty who was behind the recent hacking campaign that compromised countless government agencies and private companies. But cybersecurity researchers say they’ve found evidence linking tools used in the months-long espionage campaign to malware used by Russian cyber operators….
Sen. Warner Says U.S. ‘Underestimate[s] and Underreport[s]’ on Russian Hacks Following SolarWinds Breach
A Senate Democrat who has been a top backer of cybersecurity and intelligence policies accused the Trump administration of “watering down” Russia’s responsibility for the SolarWinds breach and warned that the hackers had compromised several high-profile victims that remain unidentified. Mark Warner, who as Vice-chair of the Senate Intelligence Committee spearheaded a five-volume report on the 2016 Russian election interference campaign, called that statement “one more outrageous effort to underestimate and underreport on Russian activity…”
The SolarWinds Hack and the Perils of Attribution
On Tuesday, a multi-agency task force stood up by the U.S. National Security Council to investigate and respond to the SolarWinds compromise issued a statement alleging that hackers “likely Russian in origin” were behind the intrusion, offering the first official indication that the government believes the attacks were ordered by the Kremlin. But nearly a month after the compromise was first detected, none of the private security companies that are leading the investigation into the intrusions—and often provide the forensic data necessary to identify the perpetrators behind state-sponsored cyber-campaigns—have pinned the blame on a specific group….
Spyware Attack Targeting Dozens of Journalists Used Pernicious Zero-Click Exploit, Researchers Say
The mobile phones of dozens of employees at news outlet Al Jazeera were hacked using a stealthy ‘zero-click’ exploit developed by NSO Group, a heavily scrutinized Israeli commercial spyware vendor, according to a new report by researchers at Citizen Lab. The security research group associated with the University of Toronto said that the 36 journalists identified in their report likely represent a “minuscule fraction” of the total victims of the company’s spyware given the size of NSO Group’s customer base and the reach of the vulnerability, which affects iPhones prior to the iOS 14 update that was released this fall and included several security enhancements….