How Russia pulled off a cyberwar invasion of America, according to the New York Times

Huge New York Times investigation on Russia's role in the elections, and Trump's upset victory: "The Perfect Weapon: How Russian Cyberpower Invaded the US." It's a riveting tick-tock narrative, and no doubt those in the intel/security biz will debate the contents.

An examination by The Times of the Russian operation — based on interviews with dozens of players targeted in the attack, intelligence officials who investigated it and Obama administration officials who deliberated over the best response — reveals a series of missed signals, slow responses and a continuing underestimation of the seriousness of the cyberattack.

The D.N.C.’s fumbling encounter with the F.B.I. meant the best chance to halt the Russian intrusion was lost. The failure to grasp the scope of the attacks undercut efforts to minimize their impact. And the White House’s reluctance to respond forcefully meant the Russians have not paid a heavy price for their actions, a decision that could prove critical in deterring future cyberattacks.

The low-key approach of the F.B.I. meant that Russian hackers could roam freely through the committee’s network for nearly seven months before top D.N.C. officials were alerted to the attack and hired cyberexperts to protect their systems. In the meantime, the hackers moved on to targets outside the D.N.C., including Mrs. Clinton’s campaign chairman, John D. Podesta, whose private email account was hacked months later.

Even Mr. Podesta, a savvy Washington insider who had written a 2014 report on cyberprivacy for President Obama, did not truly understand the gravity of the hacking.

In 2000, the NSA hacked the Hague-based Organization for the Prohibition of Chemical Weapons

A reader writes, "According to last week's Shadow Brokers leak, the NSA compromised a DNS server of the Hague-based Organization for the Prohibition of Chemical Weapons in September 2000, two years after the Iraq Liberation Act and Operation Desert Fox, but before the Bush election."

The Shadow Brokers dump more intel from the NSA's elite Equation Group

In August, anonymous hacker(s) dumped a cache of cyberweapons that appeared to originate with The Equation Group, an elite, NSA-affiliated hacking squad.

UAE surveillance contractor is recruiting an army of foreign hackers to break into its citizens' devices

The world's most sophisticated security experts have been bombarded with recruiting offers from UAE-based company Darkmatter, which bills itself as a major state security contractor -- but people who've taken the bait say they were then told that they were being hired to weaponize huge arsenals of zero-day vulnerabilities so that the UAE can subject its own population to fine-grained, continuous surveillance.

In a leaked "weaponized information" catalog, Indian cyberarms dealer offers blackest-ever SEO

In 2014, an Indian company called Aglaya brought a 20-page brochure to ISS World (AKA the Wiretappers' Ball -- the annual trade fair where governments shop for surveillance technology): the brochure laid out the company's offerings, which ranged from mobile malware for iOS and Android to a unique "Weaponized Information" selection that combined denial-of-service with disinformation to "discredit a target" online.

French spy boss admits France cyberattacked Iran, Canada, Spain, Greece, Norway, Ivory Coast, Algeria, and others

Bernard Barbier presided over DGSE, France's answer to NSA, during the agency's period of fast growth, spending €500M and adding 800 new staffers; in a recent speech to a French engineering university, Ecole Centrale Paris, Barbier spilled a ton of secrets, apparently without authorisation.

A powerful attacker is systematically calibrating an internet-killing tool

Someone -- possibly the government of China -- has launched a series of probing attacks on the internet's most critical infrastructure, using carefully titrated doses of denial-of-service to precisely calibrate a tool for shutting down the whole net.

Was NSA Hacked? Leak from 'Shadow Brokers' suggests so, Russian intelligence suspected

As our Cory Doctorow reported previously, a previously unheard-of hacker group calling themselves The Shadow Brokers announced this week it had stolen a trove of ready-to-use cyber weapons from The Equation Group (previously), an advanced cyberweapons dealer believed to be operating on behalf of, or within, the NSA.

The Shadow Brokers are auctioning the weaponized malware off to the highest bidder.

Chinese opsec funnies: your foreign boyfriend is a western spy!

In this Chinese government comic book, women are warned that mysterious foreign strangers who pitch woo at them are secretly Western spies trying to get at their government secrets.

Turns out the U.S. military really is dropping “cyber bombs” on ISIS

There's been an awful lot of talk about “cyber pathogens” and “cyber bombs” lately from the mouths of American officials discussing terrorism, and how we will vanquish it. President Obama mentioned “cyber ops” against Islamic State terrorists in one recent address. Today, we know a little more about what was behind last week's cyber-hawkish hacking headlines.

U.S. military claims to be dropping 'cyber bombs' on ISIS

America's military forces are dropping "cyber bombs" on Islamic State terrorist groups for the first time, Deputy Defense Secretary Robert Work told reporters accompanying him on a military flight on Tuesday.

The ISIS internet attacks, whatever the particulars really may be, are part of a stepped-up coordinated effort to put increasing pressure on the militant organization.

Everybody knows: FBI won't confirm or deny buying cyberweapons from Hacking Team

Back in July, a hacker dumped the emails and other files from Hacking Team, Italy's notorious cyber-arms dealer. Coincidentally, Vice had recently filed a Freedom of Information Act request with the FBI, asking if they were buying cyberweapons from Hacking Team.

Cyber-arms dealer offers $1M for weaponizable iPhone bugs

Zerodium, a new firm started by the founder of notorious French arms dealers Vupen, have put out the $1M bounty for unpublished vulnerabilities in the iPhone; they plan on keeping these vulns a secret so that they can be turned into cyberweapons and sold to repressive governments who want to use them to spy on their citizens using their own phone cameras, mics, and keyboards.

The End of the Internet Dream: the speech that won Black Hat (and Defcon)

"The End of the Internet Dream," cyberlawyer Jennifer Granick's keynote at Black Hat, was all anyone could talk about at this year's Defcon -- Black Hat being the grown-up, buttoned-down, military-industrial cousin to Defcon's wild and exuberant anarchy.

Shining light on the shadowy, "superhuman" state-level Equation Group hackers

For more than a decade, a shadowy, heavily resourced, sophisticated hacker group that Kaspersky Labs calls the Equation Group has committed a string of daring, cutting-edge information attacks, likely at the behest of the NSA.

Hackers in Iran set up fake news websites in cyberattack on US

"An elaborate, three-year cyberespionage campaign against United States military contractors, members of Congress, diplomats, lobbyists and Washington-based journalists has been linked to hackers in Iran." The NYT's Nicole Perlroth has more from a report released this week by the Dallas computer security firm iSight Partners.

US gov may block Chinese nationals from Defcon hacker event

The US government may use visa restrictions to ban hackers from China from participating in the 2014 Defcon hacker conference in Las Vegas. The move is part of a larger effort by the US to combat Chinese internet espionage.
