Tag: Government

Trump’s Cybersecurity Advisor Rudy Giuliani Thinks His Twitter Was Hacked Because Someone Took Advantage of His Typo

Rudy Giuliani, who was named President Trump’s cybersecurity advisor last year, has demonstrated that he does not understand how Twitter works…or hyperlinks…or domain registration. Giuliani tweeted that Twitter had allowed someone to “invade” a tweet he sent, because that tweet linked to a website with the words “Donald J. Trump is a traitor to our country.”

However, the reason the text linked to the site was due to a typo in a hyperlink in Giuliani’s original tweet. Shortly after, an anonymous (and quick-thinking) user bought the domain erroneously referred to in the tweet.

Read more about this bizarre story on Motherboard.

Ukraine Accuses Russia of Cyberattack on Judiciary Systems

Ukraine has once again accused Russian intelligence services of launching cyberattacks against one of its government organizations. Ukrainian security service SBU announced that its employees blocked an attempt by Russian special services to breach information and telecommunications systems used by the country’s judiciary.

According to the SBU, the attack started with a malicious email purporting to deliver accounting documents. The documents hid a piece of malware that could have been used to disrupt judicial information systems and steal data.

Read more about the cyberattack attributed to Russia on SecurityWeek.

U.S. Advises Allies To Shun Huawei Telecom Equipment Citing Potential Cyberthreats

U.S. intelligence agencies have been urging consumers, contractors, and government officials to avoid using Huawei products for quite some time. Although there haven’t been any specific threats detailed publicly, U.S. intelligence agencies – including the CIA, FBI, and NSA – have all spoken out against Huawei in various forums since the company was banned from bidding for government contracts in 2014, after being labeled a national security threat in a congressional report two years earlier.

Huawei was founded by a former engineer in China’s People’s Liberation Army, and is closely tied to the Chinese government.

Read more about this story on Forbes.

City of Valdez, Alaska admits to paying off ransomware infection

Officials from the city of Valdez, Alaska have admitted last week to paying $26,623.97 to hackers after the city’s IT network was crippled by a ransomware infection in July. “Based on recommendations from several cyber-crimes specialists, the City engaged a specialty cyber-incident response and digital forensics firm based out of Virginia,” said the city’s police chief.

Despite the ransomware having infected 27 servers and 170 computers, the third-party firm managed to negotiate the ransom payment down to 4 bitcoin, worth $26,623.97, at the time. The city got off cheap, as ransomware groups usually tend to request between 0.2 and 1 bitcoin per infected system.

Read more about the ransomware attack on the  city of Valdez on ZDNet.

UK ‘wholly’ unprepared to stop devastating cyber-attack, MPs warn

UK ministers are failing to act with “a meaningful sense of purpose or urgency” in the face of a growing cyber threat to the UK’s critical national infrastructure (CNI), a parliamentary committee has warned.

The joint committee on national security strategy said at a time when states such as Russia were expanding their capability to mount disruptive cyber-attacks, the UK’s level of ministerial oversight was “wholly inadequate”. It urged Theresa May to appoint a cybersecurity minister in cabinet to take charge of the efforts to build national resilience.

Read more about this story on The Guardian.

Japan cybersecurity minister admits he has never used a computer

A Japanese minister in charge of cybersecurity has provoked astonishment by admitting he has never used a computer in his professional life, and appearing confused by the concept of a USB drive.

Yoshitaka Sakurada, 68, is the deputy chief of the government’s cybersecurity strategy office and also the minister in charge of the Olympic and Paralympic Games that Tokyo will host in 2020. In parliament on Wednesday however, he admitted he doesn’t use computers. He also appeared confused by the question when asked about whether USB drives were in use at Japanese nuclear facilities.

Read more about this bizarre story on The Guardian.

Congress Approves New DHS Cybersecurity Agency

The United States will soon officially have a single agency that takes the lead role for cybersecurity.  Congress has passed legislation to establish a new cybersecurity agency within the Department of Homeland Security. The House on Tuesday unanimously passed the measure, the CISA Act, which won Senate approval earlier. It now awaits President Trump’s signature.

The new Cybersecurity and Infrastructure Security Agency will have the same stature as other units within DHS, such as the U.S. Secret Service or Federal Emergency Management Agency. The National Protection and Programs Directorate, or NPPD, will be reorganized into the new agency.

Read more about the new US Cybersecurity Agency on BankInfoSecurity.

France Seeks Global Talks on Cyberspace Security

The French government announced on Monday a “Paris Call” for talks to lay out a common framework for ensuring internet security, following a surge in cyberattacks which has dented confidence in global networks. The move aims to relaunch negotiations on a “code of good conduct” which have stalled since last year.

Officials said the text, to be presented by President Emmanuel Macron as he opens UNESCO’s Internet Governance Forum in Paris on Monday, has been signed by most European countries. China, Russia and the United States have not yet joined, although a source in Macron’s office said a “critical mass” of US players support the call, including Microsoft and the NGO Internet Society.

Read more about the Paris Call for cybersecurity talks on SecurityWeek.

US Cyber Command starts uploading foreign APT malware to VirusTotal

The Cyber National Mission Force (CNMF), a subordinate unit of US Cyber Command (USCYBERCOM), has set in motion a new initiative through which the DOD would share malware samples it discovered on its networks with the broader cybersecurity community.

The CNMF kicked off this new project by creating an account on VirusTotal, an online file scanning service that also doubles as an online malware repository, and by uploading two malware samples. In addition, USCYBERCOM also created a new Twitter account where it would tweet a link to all new VirusTotal malware uploads. USCYBERCOM’s decision was met with universal praise by leading voices from the cybersecurity private sector.

Read more about USCYBERCOM’s popular initiative on ZDNet.

Huawei denies foreign network hack reports

Huawei has denied that it assisted the Chinese government in infiltrating a foreign network to gain information, following reports over the weekend to the contrary. “Huawei categorically denies it has ever provided, or been asked to provide, customer information for any government or organisation,” a Huawei spokesperson told ZDNet.

“These baseless accusations are made without any evidence whatsoever.” The denial followed reports by The Australian that it had “confirmed from a national security source” that Huawei staffers were used by Chinese intelligence to “get access codes to infiltrate a foreign network”, including providing password and network details.

Read more about this developing story on ZDNet.