Pyongyang North Korea
Cybercrime Featured Government Nation-state Technology

U.S. Authorities Take Sweeping Actions Against North Korean Hacking Operations

Several U.S. federal agencies on Wednesday released a batch of indictments, cybersecurity advisories, and malware analysis reports that represents one of the most expansive cybersecurity-related actions against North Korea in years. The U.S. Justice Department unsealed charges against three North Korean hackers who are accused of stealing and extorting more than $1.3 billion of money and cryptocurrency from financial institutions around the globe. It’s the first indictment related to North Korean hacking operations since 2018, according to an analysis by The Record…

Nicole Perlroth
Featured Government Leadership Nation-state People

‘Every Attack Was Like a Slightly Deadlier Version Than the Last:’ NYT’s Perlroth Talks About Her New Book

When Nicole Perlroth joined The New York Times’ technology bureau nearly ten years ago, cybersecurity was in a much different place than it is today.

“The crazy thing happening in that moment was Anonymous, which seems so quaint these days,” she said.

As the decade unfolded, she witnessed and wrote about attacks that grew increasingly brazen and destructive: hacks targeting Sony Pictures, Yahoo, and Equifax, as well as incidents that spiraled out of control like WannaCry and NotPetya. Governments were stockpiling cyber weapons and unleashing them on adversaries. Occasionally the tools would get stolen and used against the country hoarding them….

SIM swap
Cybercrime Featured Government People Technology

SIM Swappers Stole $100 Million from ‘Well-Known Influencers’ Before Getting Arrested, Authorities Say

An international law enforcement operation arrested ten suspected hackers who are accused of targeting U.S. celebrities with SIM swapping attacks that netted them $100 million in cryptocurrency. “Well-known sports stars, musicians, and influencers” were targeted in the scheme, which involved exploiting phone service providers to deactivate a victim’s SIM and transferring the number to one owned by a member of the criminal network. This let the attackers intercept messages directed to the victims, allowing them to hijack accounts, steal money, and masquerade as the victims on social media, authorities said…

authentication, digital id
Cybercrime Featured Government Technology

Federal Officials: COVID-19 Fraud Highlights Need for a New Digital Identity System

“We’ve seen how billions of dollars in fraud involving COVID-19 relief programs have exposed weaknesses in current identity and payment systems. These forced us to take a really hard look at how identity is managed, verified, and authenticated,” said Michael Mosier, deputy director of the Treasury Department’s Financial Crimes Enforcement Network, also known as FinCEN. “To get payments right, we have to get identity right and we have to do it in a way that preserves privacy while ensuring security in the system.” Lawmakers and other officials called on the Biden administration to focus on creating a new digital identification system that would make it harder for cybercriminals to steal from financial institutions and individuals…

The Department of Justice unsealed a series of cybersecurity indictments.
Chart of the Week Featured Government Nation-state

How the Justice Department Is Stepping up Its Efforts To Indict State-Sponsored Hackers

When it comes to indicting state-sponsored hackers, 2020 was one of the busiest years yet for the U.S. Justice Department. The DOJ unsealed seven such indictments last year, charging 22 foreign hackers with working in whole or in part for foreign governments. In terms of both indictments unsealed and foreign hackers charged, that makes 2020 the second most prolific year ever for the DOJ, an investigation by The Record has found. The only time the Justice Department surpassed that tally was in 2018…

Featured Government Leadership Nation-state People

Belgium’s Top Cybersecurity Authority on How To Make the Internet a Safer Place

In 2017, Belgian cybersecurity officials launched a campaign aimed at one the country’s most pervasive digital threats: phishing attacks. Citizens were taught how to spot potentially malicious emails and were instructed to forward them to an address administered by the Centre for Cyber Security Belgium, the country’s central authority for cybersecurity. At first only a trickle of emails came in, said CCB Managing Director Miguel De Bruycker. But the campaign continued and expanded over the last three years—by the end of 2020, about 10,000 suspicious emails a day were forwarded to the address, double the amount from a year prior.

As the head of the CCB, which manages Belgium’s Computer Emergency Response Team (CERT) and is under the authority of the country’s Prime Minister, De Bruycker has his sights on more ambitious projects aimed at making the internet more secure. He talked to The Record recently about the future of digital identity and how governments must gain trust to implement strong cybersecurity policies…

Cybercrime Featured Government

U.S. Announces Charges, Cryptocurrency Seizure in NetWalker Investigation

The U.S. Department of Justice announced Wednesday that a coordinated international campaign targeting the NetWalker ransomware has resulted in the seizure of hundreds of thousands of dollars in cryptocurrency and criminal charges against a Canadian national. NetWalker attacks steadily rose last year, and targeted a wide range of organizations including hospitals, schools, and municipalities, according to data collected by Recorded Future. The ransomware-as-a-service operation is part of a growing movement where attackers steal and leak data to pressure victims into paying a demand….

Cybercrime Featured Government Technology

Global Operation Takes Down Part of Emotet, ‘World’s Most Dangerous Malware’

It’s been called the “king of malware,” “one of the most prevalent ongoing threats,” and “the world’s most dangerous malware.” And now a global law enforcement operation says they’ve seized control of it. On Wednesday, Europol announced that a collaborative effort between authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada, and Ukraine disrupted the prolific malware operation by taking control of its infrastructure….

Joe Biden
Featured Government Leadership People

For Biden’s Cybersecurity Strategy, All Eyes Are on the New National Cyber Director Role

When President Joe Biden took office last week, he and his administration were immediately tasked with managing one of the largest cybersecurity failures in recent memory—a stealthy and methodical supply-chain intrusion into private companies and government agencies that has been blamed on Russia. Much of the work overseeing the response efforts will fall on a position that is not even a month old: the National Cyber Director. The first days of the Biden administration will be a make-or-break moment for the new White House posting…

Featured Government Leadership Technology

‘Adopt the Adversarial Point of View:’ Cybersecurity Lessons From a National Intelligence Technology Leader

Amit Meltzer spent three decades working in Israel’s national security apparatus, including as chief technologist for Mossad, the country’s famed national intelligence agency. “The main reason I left was that my wife said: ‘Enough!’”

I caught up with Meltzer to talk about his time working in national intelligence and how it shaped his thinking on cybersecurity…