Featured Government Nation-state Technology

Researchers Find Links Between SolarWinds Campaign and Tools Used by Russian Hackers

Federal investigators still can’t say with certainty who was behind the recent hacking campaign that compromised countless government agencies and private companies. But cybersecurity researchers say they’ve found evidence linking tools used in the months-long espionage campaign to malware used by Russian cyber operators….

Cybercrime Featured Government Nation-state People

Sen. Warner Says U.S. ‘Underestimate[s] and Underreport[s]’ on Russian Hacks Following SolarWinds Breach

A Senate Democrat who has been a top backer of cybersecurity and intelligence policies accused the Trump administration of “watering down” Russia’s responsibility for the SolarWinds breach and warned that the hackers had compromised several high-profile victims that remain unidentified. Mark Warner, who as Vice-chair of the Senate Intelligence Committee spearheaded a five-volume report on the 2016 Russian election interference campaign, called that statement “one more outrageous effort to underestimate and underreport on Russian activity…”

Cybercrime Featured Government Nation-state

The SolarWinds Hack and the Perils of Attribution

On Tuesday, a multi-agency task force stood up by the U.S. National Security Council to investigate and respond to the SolarWinds compromise issued a statement alleging that hackers “likely Russian in origin” were behind the intrusion, offering the first official indication that the government believes the attacks were ordered by the Kremlin. But nearly a month after the compromise was first detected, none of the private security companies that are leading the investigation into the intrusions—and often provide the forensic data necessary to identify the perpetrators behind state-sponsored cyber-campaigns—have pinned the blame on a specific group….

Featured Government Nation-state Technology

Spyware Attack Targeting Dozens of Journalists Used Pernicious Zero-Click Exploit, Researchers Say

The mobile phones of dozens of employees at news outlet Al Jazeera were hacked using a stealthy ‘zero-click’ exploit developed by NSO Group, a heavily scrutinized Israeli commercial spyware vendor, according to a new report by researchers at Citizen Lab. The security research group associated with the University of Toronto said that the 36 journalists identified in their report likely represent a “minuscule fraction” of the total victims of the company’s spyware given the size of NSO Group’s customer base and the reach of the vulnerability, which affects iPhones prior to the iOS 14 update that was released this fall and included several security enhancements….

Featured Government Leadership Nation-state Technology

Ridding Hackers From Government Networks Will Be “Highly Complex and Challenging,” CISA Warns

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency on Thursday issued its most urgent and detailed alert yet about the hacking campaign that has rocked government agencies and technology firms in recent days, saying that it “poses a grave risk” to federal and state governments, critical infrastructure entities, and private sector organizations. Additionally, CISA said it has evidence of additional attack vectors other than the SolarWinds Orion platform. CISA said it is still investigating the additional attack vectors, and that the attacker is likely using tactics, techniques, and procedures that have not yet been discovered…

Featured Government Nation-state People

Dutch Intelligence Expels Two Russian Diplomats Over Espionage Accusations

The Netherlands on Thursday ordered the expulsion of two Russian intelligence officers accused of spying on the country’s high-tech sector and targeting research that could potentially be used in weapons systems, the country’s national intelligence agency said. The Netherlands’ General Intelligence and Security Service, known as AIVD, said that diplomats stationed at the Russian Embassy in The Hague were officers working for the SVR, the Russian civil intelligence agency that was recently reported to be implicated in a high-profile cyberattack against FireEye…

Cybercrime Featured Nation-state Technology

What We Know So Far About the FireEye Breach—and Why It Matters

On Tuesday afternoon, cybersecurity firm FireEye announced what is likely one of the most significant cyberattacks of 2020—with itself as the victim. The attack was notable not just because the fallout could be immense, but because it required a brazenness and skill that only the most sophisticated hacking groups could pull off. Details will likely emerge as the FBI, FireEye, and its partners investigate the incident, but here’s what we know already…

Featured Government Nation-state

CISA, FBI Warn of Foreign Cyberattacks Targeting U.S. Think Tanks

The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency on Tuesday alerted U.S. think tanks of “persistent continued cyber intrusions” from advanced persistent threat groups. Several individuals who work at think tanks, including Neera Tanden, the president of the Center for American Progress who was recently announced to be Joe Biden’s pick to lead the Office of Management and Budget, have already been tapped to join the new administration….

Chart of the Week Featured Government Nation-state

Cyber-Espionage Attacks Disproportionately Target These Industries

Industries frequently targeted by financially-motivated cybercriminals, such as banks and healthcare organizations, are a low priority for attackers engaged in espionage, a new report from Verizon suggests. These attackers, typically linked to nation states, instead focus their efforts on industries that hold data like trade secrets, blueprints and classified government documents…

Cybercrime Featured Government Leadership Nation-state People

Ukraine’s Top Cyber Cop on Defending Against Disinformation and Russian Hackers

In recent years, Ukraine has become an involuntary testing ground for some of the most dangerous cyberweapons in the world. Serhii Demediuk has perhaps played the most prominent role in defending Ukraine against digital intrusions, investigating cyberattacks and the groups behind them, and strengthening the country’s capabilities in cyberspace….