Group items tagged

But for the 2018 midterm elections, the command took a far more aggressive posture. In addition to sending the teams to allied countries, it sent warning messages to would-be Russian trolls before the vote, in its first offensive operation against Moscow; it then took at least one of those troll farms offline on Election Day and the days afterward.

After getting close to foreign adversaries’ own networks, Cyber Command can then get inside to identify and potentially neutralize attacks on the United States, according to current and former officials.

Cyber Command sends teams of experts overseas to work with partner and allied nations to help them find, identify and remove hostile intrusions on their government or military computer networks.

But Cyber Command officials said those efforts uncovered malware being used by adversarial hacking teams.

For the allied nations, inviting Cyber Command operatives not only helps improve their network defenses but also demonstrates to adversaries that the United States military is working with them. For the United States, the deployments give their experts an early look at tactics that potential adversaries are honing in their own neighborhoods, techniques that could later be used against Americans.

Similarly, Cyber Command officials said their efforts to try to counter foreign threats would not end with the close of voting on Tuesday; they will continue as votes are counted and the Electoral College prepares to meet in December.

“We are not stopping or thinking about our operations slacking off on Nov. 3,” General Moore said. “Defending the election is now a persistent and ongoing campaign for Cyber Command.”

The US military's Cyber Command has pursued a strategy in recent years of "defend forward" and "persistent engagement". This means hacking into adversary systems to find out what they are doing - and stopping operations against the US before they are unleased.

This contesting of cyber-space was seen by many as long overdue. But Russia and China appear undeterred. One option now might be to hit back harder. But escalation carries its own risks.

The US had considered espionage - stealing information - acceptable, because it practised it extensively, as whistleblower Edward Snowden revealed in 2013. The problem for Washington is recent breaches may fit into the same category.That leaves the US in a bind.

US says destructive cyber-attacks are unacceptable but was the first to cross that line a decade ago when it used the Stuxnet attack to destroy parts of the Iran nuclear system.

But the administration is not "taking any options off the table" in response to the incident, press secretary Jen Psaki said at a press briefing earlier Wednesday, adding that there's an internal policy review process to consider any actions.

"I'm not going to give any further analysis on that. Other than to tell you that our view is that when there are criminal entities within a country, they certainly have a responsibility and it is a role that the government can play," she responded.

The JBS attack comes after a string of cyber breaches and ransomware attacks tied to nation state actors.

In April, the Biden administration announced a series of actions, including sanctions, against Russia for its interference in the 2020 US election, its ongoing actions in Crimea and the SolarWinds cyber attack. The attack on the software developer was one of the worst data breaches to ever hit the US government.

Microsoft also recently said that hackers who are part of the same Russian group behind the SolarWinds hack have struck again in the US and other countries, launching a new cyberattack on more than 150 government agencies, think tanks and other organizations.

"Ransomware right now, this is a business model," Lior Div, CEO of the security firm Cybereason told CNN's Richard Quest. "They are in it for the money and they are trying to generate as much revenue as possible for themselves. So as long as people are going to pay, they're going to keep operating in order to generate this massive amount of revenue that they are generating every year."

Cyber hygiene is necessary. Every US company and organization needs to protect itself, said Eric Goldstein, the current assistant director at CISA, in a statement.

The hack of the world's largest meat producer, JBS, a Brazilian company whose subsidiaries control a quarter of US beef processing and a large portion of pork processing, was disclosed Tuesday by the White House, which promised to re-focus on the issue and to raise it with Russia, the government thought to be harboring hackers.

You figure if nine meat plants hadn't gone dark in Arizona, Texas, Nebraska, Colorado, Wisconsin, Utah, Michigan and Pennsylvania, it seems very plausible we likely would never have heard. The US JBS headquarters is based in Greeley, Colorado, and it employs more than 66,000 people. Read about the fallout for them, from CNN's Brian Fung.

It's not clear, of course, if the company is paying the ransom. If they're getting back online this quickly, you've certainly got to assume they could have.

"We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice. We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable," the FBI said in a statement. "A cyber attack on one is an attack on us all."

Ireland's national health service has completely shut its IT system and refuses to pay the ransom, which it said in May has disrupted everything from its Covid vaccine rollout to community health services.

Senators Ron Wyden (D-OR) and Rand Paul (R-KY) introduced legislation on Wednesday that would bar government and local law enforcement agencies from purchasing the location data of U.S. citizens without a warrant. The “Fourth Amendment Is Not for Sale Act” [PDF] would also criminalize the police use of “illegitimately obtained” data from technology brokers such as Clearview AI, a biometrics firm that has scraped and sold billions of photos from social media and other websites

Facebook announced that it had broken up two separate Palestinian hacker groups—one with alleged ties to the Palestinian Preventive Security Service (PSS), the intelligence service of the Palestinian Authority, and the other, known as Arid Viper, with reported links to the Hamas militant group.

the PSS-backed hackers are believed to be based in the West Bank and target entities primarily in Palestine and Syria, with a lesser focus on Turkey, Iraq, Lebanon, and Libya. Their targets include journalists, critics of the Palestinian government, human rights activists, and military groups such as the Syrian opposition and Iraqi military.

The alert also ramped up the urgency of government warnings. After playing the incident down — President Trump has said nothing and Secretary of State Mike Pompeo deflected the hacking as one of the many daily attacks on the federal government,

"We've never really seen anything this targeted [that] impacts so many sites,"

Amazon Web Services was also experiencing connectivity issues on Friday

came a week after the deadly terrorist attacks in Paris which killed 17 people.

UK police have said there is "heightened concern" about the risk to the UK's Jewish communities and are considering stepping up patrols in certain areas.

We face a poisonous and fanatical ideology that wants to pervert one of the world's major religions, Islam, and create conflict, terror and death

Mr Cameron said the terror threat level, set independently by the Joint Terrorism Assessment Centre, was currently at "severe" - meaning an attack is "highly likely

he prime minister also announced that the UK would send an additional 1,000 troops to take part in Nato military exercises in the Baltic states and eastern Europe amid heightened tensions in the region following Russia's conflict with Ukraine

On Iran, Mr Cameron cautioned against further sanctions on the country over its nuclear programme, warning that it would be "counter-productive" and could undermine efforts for a diplomatic solution.

it was announced that the UK and US are to carry out "war game" cyber attacks on each other as part of a new joint defence against online criminals.

But the United States is constrained by its huge commitment to the Internet. We are more dependent on the Web than the North Koreans. In practice, this means that we are more vulnerable to attacks on it. More systems can be shut down and crippled than in North Korea. Americans think that technological superiority works to our benefit. Here, the opposite may be true.

Russian and American officials have discussed how to stabilize the situation.

Fact-checking measures adopted by major tech and social-media companies are unlikely to stop Russia from seeking out new vulnerabilities in Western democracies.

While such an attack would mark a major escalation for Russia, it would not be unprecedented. Attacks on at least a dozen electric facilities in America—including one nuclear plant—have been traced back to a Russian-linked group. Russia is also thought to be behind an increasing number of cyberattacks against private corporations and government agencies in Ukraine. Similarly, Moscow waged a massive disinformation and propaganda campaign alongside its annexation of Crimea in 2014.

In recent years, Kremlin-linked cyber and disinformation campaigns of varying ambition have hit several European countries. In Germany, Russian state news spread a fake story about the rape of an underage girl by migrants during the height of Europe’s refugee crisis in 2016 that led to dozens of protests across the country. Similarly, Russian-backed broadcasters targeted Germany’s Russian emigrant community allegedly to bolster support for the country’s right-wing Alternative for Germany party in its bid to enter parliament for the first time. In France, Russian-linked hackers were believed to have stolen and leaked emails from French President Emmanuel Macron’s campaign. Moscow also recently launched a French version of RT, the public broadcaster formerly known as Russia Today. Spanish investigators found that both private and state-led Russian-based groups disseminated information on social media to try to sway public opinion ahead of Catalonia’s independence referendum in October.

“On the security side, there are some improvements that can happen without the [Trump] administration,” Sulmeyer, the former cyber official, said. “But without a greater counterweight or cost for Russia, none of this is going to stop.”

To date, Russian hackers have only been arrested while traveling abroad. In 2016, a Russian cybercriminal was arrested while vacationing in Prague on charges he hacked LinkedIn, the social network, and other American companies.

The vast majority of ransomware outfits are based in Russia, where authorities have protected hackers from extradition.

According to Emsisoft, nearly 10 percent of ransomware victims now see their data leaked online, a jarring development for hospitals, who are legally responsible for protecting medical data.

And in 2014, American Secret Service agents coordinated with authorities in the Maldives to extradite a Russian cybercriminal to Guam. The hacker was later found guilty on 38 counts of hacking U.S. retailers and sentenced to 27 years in prison. Russian officials called the extradition a “kidnapping.”

our primary concerns are the low- to moderate-level cyber attacks from a variety of sources, which will continue and probably expand.”

Though Clapper likened the operation against OPM to activities carried out by the United States, much of Thursday’s hearing was preoccupied with the lack of norms in cyberspace and how the absence of a common framework, such as the Geneva Conventions, has resulted in a highly permissive environment. Discussions within the global intelligence community have ratcheted up recently, Clapper said, about how to provide some “rules for the road” governing conduct in cyberspace.

According to the spy chief, the next frontier in cyberspace will feature the manipulation of data, rather than theft or destruction. Such tools, Clapper said, could be used to alter decision making, and prompt business executives and others to question the credibility of information they receive.

the Russian disinformation effort has proven far harder to track and combat because Russian operatives were taking advantage of Facebook’s core functions, connecting users with shared content and with targeted native ads to shape the political environment in an unusually contentious political season, say people familiar with Facebook’s response.

Unlike the Islamic State, what Russian operatives posted on Facebook was, for the most part, indistinguishable from legitimate political speech. The difference was the accounts that were set up to spread the misinformation and hate were illegitimate.

Facebook’s cyber experts found evidence that members of APT28 were setting up a series of shadowy accounts — including a persona known as Guccifer 2.0 and a Facebook page called DCLeaks — to promote stolen emails and other documents during the presidential race. Facebook officials once again contacted the FBI to share what they had seen.

The sophistication of the Russian tactics caught Facebook off-guard. Its highly regarded security team had erected formidable defenses against traditional cyber attacks but failed to anticipate that Facebook users — deploying easily available automated tools such as ad micro-targeting — pumped skillfully crafted propaganda through the social network without setting off any alarm bells.

One of the theories to emerge from their post-mortem was that Russian operatives who were directed by the Kremlin to support Trump may have taken advantage of Facebook and other social media platforms to direct their messages to American voters in key demographic areas in order to increase enthusiasm for Trump and suppress support for Clinton.

The software tool was given a secret designation, and Facebook is now deploying it and others in the run-up to elections around the world. It was used in the French election in May, where it helped disable 30,000 fake accounts, the company said. It was put to the test again on Sunday when Germans went to the polls. Facebook declined to share the software tool’s code name. 

“It is our responsibility,” he wrote, “to amplify the good effects [of the Facebook platform] and mitigate the bad — to continue increasing diversity while strengthening our common understanding so our community can create the greatest positive impact on the world.”

The extent of Facebook’s internal self-examination became clear in April, when Facebook Chief Security Officer Alex Stamos co-authored a 13-page white paper detailing the results of a sprawling research effort that included input from experts from across the company, who in some cases also worked to build new software aimed specifically at detecting foreign propaganda.

“Facebook sits at a critical juncture,” Stamos wrote in the paper, adding that the effort focused on “actions taken by organized actors (governments or non-state actors) to distort domestic or foreign political sentiment, most frequently to achieve a strategic and/or geopolitical outcome.” He described how the company had used a technique known as machine learning to build specialized data-mining software that can detect patterns of behavior — for example, the repeated posting of the same content — that malevolent actors might use.  

the intelligence agencies had little data on Russia’s use of Facebook and other U.S.-based social media platforms, in part because of rules designed to protect the privacy of communications between Americans.

Officials said Stamos underlined to Warner the magnitude of the challenge Facebook faced policing political content that looked legitimate. Stamos told Warner that Facebook had found no accounts that used advertising but agreed with the senator that some probably existed. The difficulty for Facebook was finding them.

Technicians then searched for “indicators” that would link those ads to Russia. To narrow down the search further, Facebook zeroed in on a Russian entity known as the Internet Research Agency, which had been publicly identified as a troll farm.

By early August, Facebook had identified more than 3,000 ads addressing social and political issues that ran in the United States between 2015 and 2017 and that appear to have come from accounts associated with the Internet Research Agency.

Congressional investigators say the disclosure only scratches the surface. One called Facebook’s discoveries thus far “the tip of the iceberg.” Nobody really knows how many accounts are out there and how to prevent more of them from being created to shape the next election — and turn American society against itself.

Blinken also said that Biden will soon announce a plan to make 80 million doses of Covid vaccine available in the region and around the world, after being asked about the large advantage that Russia and China have built in the region through their vaccine diplomacy.

He added that while the US and other countries need to fortify their defenses, the international community needs "countries around the world to make commitments and then make good on those commitments, not to harbor criminal enterprises that engage in these attacks and on the contrary to seek them out and to stop them."

"I think it's the obligation of any country to do whatever it can to find these enterprises, and to bring them to justice, including in the case of the attack on the Colonial Pipeline. The enterprise that was responsible [for] that attack, its leaders were in Russia, are in Russia, so I think there's an obligation on Russia's part to make sure that that doesn't continue," Blinken said.

The President has finalized his plan to distribute the millions of coronavirus vaccines worldwide after months of deliberation, according to multiple sources familiar with the plans.

"We will begin to make available around the world, including in the hemisphere, 80 million vaccines that we now have access to that, we will, as I said, begin to make available," Blinken told CNNE.

"But here's what's important: We'll distribute those vaccines working in coordination with COVAX, doing some of the work directly ourselves, we'll do it on the basis of equity. We'll do it on the basis of science, of need, and we will do it without political strings attached, which has not been the case, or some other countries that have been engaged in providing vaccines."

"Presumably, The Temple was singled out by a racist and anti-Semitic group or individual bent on silencing our joint Temple-Ebenezer Baptist Church MLK Jr. Shabbat," Alexander wrote

"Authorities are conducting an investigation," the letter said. CNN has reached out to The Temple and local authorities for additional information.

Rothschild later befriended King, per The Temple and city of Atlanta's websites, and delivered a eulogy for King at a memorial service organized by Atlanta clergy members.