Bidenâs Pick for Acting CIA Director Has a Lot To Say About Ransomware and Cybercrime
Cohen will lead the CIA as the U.S. confronts what experts say is one of the most significant cybersecurity incidents to ever target the government. Russia was recently blamed for an attack that affects potentially thousands of companies and government agencies, and cybersecurity experts say it might have been carried out by the countryâs Foreign Intelligence Service, which has similar objectives to the CIA….
âNothing in Cybersecurity Is Satisfactory:â Former Swedish PM Carl Bildt on the Need for Norms in Cyberspace
In February 1994, Carl Bildt, who was at the time serving as Prime Minister of Sweden, typed a brief two-paragraph email addressed to then-U.S. President Bill Clinton. The note congratulated Clinton on his decision to end a trade embargo on Vietnam, but also marked a historic event for the internet: It was the first known email sent between heads of government. âSweden isâas you knowâone of the leading countries in the world in the field of telecommunications, and it is only appropriate that we should be among the first to use the Internet also for political contacts and communications around the globe,â the message read.
I talked to Bildt recently about how global leaders should think about cybersecurity, and which policies and practices can help keep people safe online. To Bildt, we are often our own worst enemy: âThe greatest threat is ignorance,” he said…
Hackerâs Early Release Gets Sidetracked After Federal Prosecutors Say He Continued Crimes From Prison
In a surprise twist to a drawn-out legal saga, a foreign hacker who was scheduled to be imminently released from federal prison and deported was charged Tuesday evening with allegedly continuing his fraudulent schemes from behind bars. Ardit Ferizi, a Kosovo citizen who was arrested in 2015 in Malaysia and later extradited to the U.S., was granted a compassionate release by a federal judge last month due to the coronavirus outbreak….
Researchers Find Links Between SolarWinds Campaign and Tools Used by Russian Hackers
Federal investigators still canât say with certainty who was behind the recent hacking campaign that compromised countless government agencies and private companies. But cybersecurity researchers say theyâve found evidence linking tools used in the months-long espionage campaign to malware used by Russian cyber operators….
NSA Opens Up About Its Cybersecurity Operations in First-Ever Yearly Review
As the intelligence agency tasked with deciphering coded communications and carrying out a range of other clandestine surveillance operations, the National Security Agency has been shrouded in secrecy since its inception. But in a series of steps taken over the last year, the NSA has changed its approachâat least a littleâby being more forthcoming about its cybersecurity operations…
Sen. Warner Says U.S. âUnderestimate[s] and Underreport[s]â on Russian Hacks Following SolarWinds Breach
A Senate Democrat who has been a top backer of cybersecurity and intelligence policies accused the Trump administration of âwatering downâ Russiaâs responsibility for the SolarWinds breach and warned that the hackers had compromised several high-profile victims that remain unidentified. Mark Warner, who as Vice-chair of the Senate Intelligence Committee spearheaded a five-volume report on the 2016 Russian election interference campaign, called that statement âone more outrageous effort to underestimate and underreport on Russian activity…”
The SolarWinds Hack and the Perils of Attribution
On Tuesday, a multi-agency task force stood up by the U.S. National Security Council to investigate and respond to the SolarWinds compromise issued a statement alleging that hackers âlikely Russian in originâ were behind the intrusion, offering the first official indication that the government believes the attacks were ordered by the Kremlin. But nearly a month after the compromise was first detected, none of the private security companies that are leading the investigation into the intrusionsâand often provide the forensic data necessary to identify the perpetrators behind state-sponsored cyber-campaignsâhave pinned the blame on a specific group….
âI Was Running Two Parallel Livesâ: An Ex-Secret Service Agent Opens Up About Going Undercover To Catch Cybercriminals
Until recently, Richard LaTulip was one of the Secret Serviceâs special agents who went undercover to better understand cybercriminals. On occasion, he would even befriend hackers. âI opened the door and there on the other side was the target standing with a liter of vodka… a gift from their home country,â he recalled. LaTulip, who left the agency in July to join the private sector, opened up about his experiences at the Secret Service in a recent interview with Recorded Future expert threat intelligence analyst Dmitry Smilyanets. The two first met in 2012, when Smilyanets himself was interviewed by LaTulip in relation to his involvement in a major data breach investigation….
‘More of an Art Than a Science:’ Behind the Governmentâs Effort To Measure Cybersecurity
A dirty little secret of cybersecurity is that no one really knows how to measure it. To start filling that void, the U.S. government standards agency, the National Institute of Standards and Technology, is leading a big push to catalogue existing measurement systems and research new ones. NIST asked in September for public comments about how organizations measure their cybersecurity performance….
Spyware Attack Targeting Dozens of Journalists Used Pernicious Zero-Click Exploit, Researchers Say
The mobile phones of dozens of employees at news outlet Al Jazeera were hacked using a stealthy âzero-clickâ exploit developed by NSO Group, a heavily scrutinized Israeli commercial spyware vendor, according to a new report by researchers at Citizen Lab. The security research group associated with the University of Toronto said that the 36 journalists identified in their report likely represent a âminuscule fractionâ of the total victims of the companyâs spyware given the size of NSO Groupâs customer base and the reach of the vulnerability, which affects iPhones prior to the iOS 14 update that was released this fall and included several security enhancements….