Archive for the ‘FBI’ Category

Baltimore’s bill for ransomware: Over $18 million, so far

June 5th, 2019
Baltimore City Hall, where the ransomware battle continues. (credit: Alex Wroblewski/Getty Images)

BALTIMORE—It has been a month since the City of Baltimore's networks were brought to a standstill by ransomware. On Tuesday, Mayor Bernard "Jack" Young and his cabinet briefed press on the status of the cleanup, which the city's director of finance has estimated will cost Baltimore $10 million—not including $8 million lost because of deferred or lost revenue while the city was unable to process payments. The recovery remains in its early stages, with less than a third of city employees issued new log-in credentials thus far and many city business functions restricted to paper-based workarounds.

"All city services remain open, and Baltimore is open for business," Mayor Young said at the briefing, listing off critical services that had continued to function during the network outage. City Finance Director Henry Raymond called the current state of systems "not ideal, but manageable"—some emails and phone services have been restored, and many systems have remained online, but payment processing systems and other tools used to handle transactions with the city remain in manual workaround mode. Department of Public Works director Rudy Chow warned residents to expect a larger-than-normal water bill in the future, as the city's smart meters and water billing system are still offline and bills cannot be generated.

Parking tickets and tickets generated by the city's speed and red light cameras can be paid in person if the ticket is in hand. The city has regained the data for all parking and camera-generated violations up to May 4, but it still lacks the ability to look up violations without the physical paper ticket or process payments electronically, city officials said. And the same is true for many other interactions with the city, which currently require mailing or hand-delivering paper documents and manual workarounds.

Posted in Baltimore ransomware attack, Biz & IT, EternalBlue, FBI, IoT, Maryland, NSA, Policy

Europol Shuts Down Two Major Illegal ‘Dark Web’ Trading Platforms

May 3rd, 2019
Europol announced the shutdown of two prolific dark web marketplaces—Wall Street Market and Silkkitie (also known as Valhalla)—in simultaneous global operations against underground websites for trading drugs, stolen credit card numbers, malicious software, and other illegal goods. Police in western Germany have also arrested three men who were allegedly running Wall Street Market, the world's

Posted in Cybercriminals, dark web, Dark Web Marketplace, Deep Web, Drug Market, Europol, FBI, hacking forum, hacking news, Tor network, Underground hacking

NIH, FBI accuse scientists in US of sending IP to China, running shadow labs

April 22nd, 2019
MD Anderson Cancer Center in Houston, Texas. (credit: Getty | Aurora Fierro)

MD Anderson Cancer Center in Houston, Texas has forced out three senior researchers with ties to China. The move comes amid nationwide investigations by federal officials into whether researchers are pilfering intellectual property from US research institutions and running “shadow laboratories” abroad, according to a joint report by Science magazine and the Houston Chronicle.

The National Institutes of Health began sending letters to the elite cancer center last August regarding the conduct of five researchers there. The letters discussed “serious violations” of NIH policies, including leaking confidential NIH grant proposals under peer review to individuals in China, failing to disclose financial ties in China, and other conflicts of interest. MD Anderson moved to terminate three of those researchers, two of whom resigned during the termination process. The center cleared the fourth and is still investigating the fifth.

The move follows years of probing from the FBI, which first contacted MD Anderson back in 2015 with such concerns, according to MD Anderson President Dr. Peter Pisters. In December 2017, MD Anderson handed over hard drives containing employee emails to FBI investigators. That same year, a report by the US Commission on the Theft of American Intellectual Property used some rough calculations to estimate that IP theft by all parties cost the country upward of $225 billion, potentially as high as $600 billion, each year. The report called China the “world’s principal IP infringer.”

Posted in cancer, china, FBI, grants, intellectual property, ip, ip theft, MD Anderson, NIH, Policy, research, science

DHS, FBI say election systems in 50 states were targeted in 2016

April 10th, 2019
Voter registration data was one of the targets of Russian hacking efforts in the run-up to the 2016 presidential election—which DHS and FBI analysts now say went after systems in every state. (credit: Getty Images)

A joint intelligence bulletin (JIB) has been issued by the Department of Homeland Security and Federal Bureau of Investigation to state and local authorities regarding Russian hacking activities during the 2016 presidential election. While the bulletin contains no new technical information, it is the first official report to confirm that the Russian reconnaissance and hacking efforts in advance of the election went well beyond the 21 states confirmed in previous reports.

As reported by the intelligence newsletter OODA Loop, the JIB stated that, while the FBI and DHS "previously observed suspicious or malicious cyber activity against government networks in 21 states that we assessed was a Russian campaign seeking vulnerabilities and access to election infrastructure," new information obtained by the agencies "indicates that Russian government cyber actors engaged in research on—as well as direct visits to—election websites and networks in the majority of US states." While not providing specific details, the bulletin continued, "The FBI and DHS assess that Russian government cyber actors probably conducted research and reconnaissance against all US states’ election networks leading up to the 2016 Presidential elections."

Posted in 2016 presidential election, Biz & IT, DHS, FBI, Policy, robert mueller, Russian election interference

Ex-US Intelligence Agent Charged With Spying and Helping Iranian Hackers

February 14th, 2019
The United States Department of Justice has announced espionage charges against a former US Air Force intelligence officer with the highest level of top-secret clearance for providing the Iranian government classified defense information after she defected to Iran in 2013. Monica Elfriede Witt, 39, was a former U.S. Air Force Intelligence Specialist and Special Agent of the Air Force Office

Posted in cyber espionage, cyber security, espionage, FBI, fbi most wanted hackers, Hacker wanted, intelligence agency, Iranian Hackers, Iranian military, most wanted hacker

FBI Mapping ‘Joanap Malware’ Victims to Disrupt the North Korean Botnet

January 31st, 2019
The United States Department of Justice (DoJ) announced Wednesday its effort to "map and further disrupt" a botnet tied to North Korea that has infected numerous Microsoft Windows computers across the globe over the last decade. Dubbed Joanap, the botnet is believed to be part of "Hidden Cobra"—an Advanced Persistent Threat (APT) actors' group often known as Lazarus Group and Guardians of

Posted in Botnet, Brambul malware, Cyber Attack, FBI, Hidden Cobra Hackers, Joanap botnet, Lazarus Group, malware, North Korea, North Korean hackers

FBI, Air Force investigators mapped North Korean botnet to aid shutdown

January 31st, 2019
Computer Hacker (credit: ilkaydede / iStock / GettyImages)

On January 30, the US Department of Justice announced that it, the Federal Bureau of Investigation, and the Air Force Office of Special Investigations were engaged in a campaign to "map and further disrupt" a botnet tied to North Korean intelligence activities detailed in an indictment unsealed last September. Search warrants obtained by the FBI and AFOSI allowed the agencies to essentially join the botnet, creating servers that mimicked the beacons of the malware.

"While the Joanap botnet was identified years ago and can be defeated with antivirus software," said United States Attorney Nick Hanna, "we identified numerous unprotected computers that hosted the malware underlying the botnet. The search warrants and court orders announced today as part of our efforts to eradicate this botnet are just one of the many tools we will use to prevent cybercriminals from using botnets to stage damaging computer intrusions.”

Joanap is a remote access tool (RAT) identified as part of "Hidden Cobra", the Department of Homeland Security designator for the North Korean hacking operation also known as the Lazarus Group. The same group has been tied to the WannaCry worm and the hacking of Sony Motion Pictures. Joanap's spread dates back to 2009, when it was distributed by Brambul, a Server Message Block (SMB) file-sharing protocol worm. Joanap and Brambul were recovered from computers of the victims of the campaigns listed in the indictment of Park Jin Hyok in September.

Posted in Biz & IT, Botnet, DOJ, FBI, hidden cobra, Lazarus Group, North Korea, Policy, usdoj

Police Shut Down xDedic – An Online Market for Cyber Criminals

January 29th, 2019
In an international operation involving law enforcement authorities from the U.S. and several European countries, feds have shut down an online underground marketplace and arrested three suspects in Ukraine. Dubbed xDedic, the illegal online marketplace let cybercriminals buy, sell or rent out access to thousands of hacked computers and servers across the world and personally identifiable

Posted in Cyber Criminal, Cybercrime, Cybercrime market, Europol, FBI, hacking forum, hacking marketplace, hacking news, underground hacker forums

Unprotected Government Server Exposes Years of FBI Investigations

January 17th, 2019
A massive trove of government data belonging to the Oklahoma Department of Securities (ODS) was left unsecured on a storage server for at least a week, exposing a whopping 3 terabytes of data containing millions of sensitive files. The unsecured storage server, discovered by Greg Pollock, a researcher with cybersecurity firm UpGuard, also contained decades' worth of confidential case files from the

Posted in Cyber Attack, Database Security, FBI, FBI investigation, government computers hacking, Oklahoma Securities Commission, server hacked, server security

ACLU to feds: Your “hacking presents a unique threat to individual privacy”

December 21st, 2018
Fingers press keyboard buttons. (credit: Jaap Arriens/NurPhoto via Getty Images)

The American Civil Liberties Union, along with Privacy International, a similar organization based in the United Kingdom, has now sued 11 federal agencies, demanding records about how those agencies engage in what is often called "lawful hacking."

The activist groups filed Freedom of Information Act requests to the FBI, the Drug Enforcement Agency, and nine others. None responded in a substantive way.

"Law enforcement use of hacking presents a unique threat to individual privacy," the ACLU argues in its lawsuit, which was filed Friday in federal court in New York state.

Posted in ACLU, FBI, lawful hacking, Policy