CIA
Cybercrime Featured Government Leadership People

Biden’s Pick for Acting CIA Director Has a Lot To Say About Ransomware and Cybercrime

Cohen will lead the CIA as the U.S. confronts what experts say is one of the most significant cybersecurity incidents to ever target the government. Russia was recently blamed for an attack that affects potentially thousands of companies and government agencies, and cybersecurity experts say it might have been carried out by the country’s Foreign Intelligence Service, which has similar objectives to the CIA….

Swedish Parliament
Featured Government Leadership People

“Nothing in Cybersecurity Is Satisfactory:” Former Swedish PM Carl Bildt on the Need for Norms in Cyberspace

In February 1994, Carl Bildt, who was at the time serving as Prime Minister of Sweden, typed a brief two-paragraph email addressed to then-U.S. President Bill Clinton. The note congratulated Clinton on his decision to end a trade embargo on Vietnam, but also marked a historic event for the internet: It was the first known email sent between heads of government. “Sweden is—as you know—one of the leading countries in the world in the field of telecommunications, and it is only appropriate that we should be among the first to use the Internet also for political contacts and communications around the globe,” the message read.

I talked to Bildt recently about how global leaders should think about cybersecurity, and which policies and practices can help keep people safe online. To Bildt, we are often our own worst enemy: “The greatest threat is ignorance,” he said…

justice
Cybercrime Featured Government People

Hacker’s Early Release Gets Sidetracked After Federal Prosecutors Say He Continued Crimes From Prison

In a surprise twist to a drawn-out legal saga, a foreign hacker who was scheduled to be imminently released from federal prison and deported was charged Tuesday evening with allegedly continuing his fraudulent schemes from behind bars. Ardit Ferizi, a Kosovo citizen who was arrested in 2015 in Malaysia and later extradited to the U.S., was granted a compassionate release by a federal judge last month due to the coronavirus outbreak….

solarwinds
Featured Government Nation-state Technology

Researchers Find Links Between SolarWinds Campaign and Tools Used by Russian Hackers

Federal investigators still can’t say with certainty who was behind the recent hacking campaign that compromised countless government agencies and private companies. But cybersecurity researchers say they’ve found evidence linking tools used in the months-long espionage campaign to malware used by Russian cyber operators….

NSA
Featured Government

NSA Opens Up About Its Cybersecurity Operations in First-Ever Yearly Review

As the intelligence agency tasked with deciphering coded communications and carrying out a range of other clandestine surveillance operations, the National Security Agency has been shrouded in secrecy since its inception. But in a series of steps taken over the last year, the NSA has changed its approach—at least a little—by being more forthcoming about its cybersecurity operations…

U.S. Capitol
Cybercrime Featured Government Nation-state People

Sen. Warner Says U.S. ‘Underestimate[s] and Underreport[s]’ on Russian Hacks Following SolarWinds Breach

A Senate Democrat who has been a top backer of cybersecurity and intelligence policies accused the Trump administration of “watering down” Russia’s responsibility for the SolarWinds breach and warned that the hackers had compromised several high-profile victims that remain unidentified. Mark Warner, who as Vice-chair of the Senate Intelligence Committee spearheaded a five-volume report on the 2016 Russian election interference campaign, called that statement “one more outrageous effort to underestimate and underreport on Russian activity…”

Magnifying lens
Cybercrime Featured Government Nation-state

The SolarWinds Hack and the Perils of Attribution

On Tuesday, a multi-agency task force stood up by the U.S. National Security Council to investigate and respond to the SolarWinds compromise issued a statement alleging that hackers “likely Russian in origin” were behind the intrusion, offering the first official indication that the government believes the attacks were ordered by the Kremlin. But nearly a month after the compromise was first detected, none of the private security companies that are leading the investigation into the intrusions—and often provide the forensic data necessary to identify the perpetrators behind state-sponsored cyber-campaigns—have pinned the blame on a specific group….

Latulip Thailand
Cybercrime Featured Government Leadership People

‘I Was Running Two Parallel Lives’: An Ex-Secret Service Agent Opens Up About Going Undercover To Catch Cybercriminals

Until recently, Richard LaTulip was one of the Secret Service’s special agents who went undercover to better understand cybercriminals. On occasion, he would even befriend hackers. “I opened the door and there on the other side was the target standing with a liter of vodka… a gift from their home country,” he recalled. LaTulip, who left the agency in July to join the private sector, opened up about his experiences at the Secret Service in a recent interview with Recorded Future expert threat intelligence analyst Dmitry Smilyanets. The two first met in 2012, when Smilyanets himself was interviewed by LaTulip in relation to his involvement in a major data breach investigation….

measurements
Featured Government Technology

‘More of an Art Than a Science:’ Behind the Government’s Effort To Measure Cybersecurity

A dirty little secret of cybersecurity is that no one really knows how to measure it. To start filling that void, the U.S. government standards agency, the National Institute of Standards and Technology, is leading a big push to catalogue existing measurement systems and research new ones. NIST asked in September for public comments about how organizations measure their cybersecurity performance….

iphone hacker
Featured Government Nation-state Technology

Spyware Attack Targeting Dozens of Journalists Used Pernicious Zero-Click Exploit, Researchers Say

The mobile phones of dozens of employees at news outlet Al Jazeera were hacked using a stealthy ‘zero-click’ exploit developed by NSO Group, a heavily scrutinized Israeli commercial spyware vendor, according to a new report by researchers at Citizen Lab. The security research group associated with the University of Toronto said that the 36 journalists identified in their report likely represent a “minuscule fraction” of the total victims of the company’s spyware given the size of NSO Group’s customer base and the reach of the vulnerability, which affects iPhones prior to the iOS 14 update that was released this fall and included several security enhancements….