There are a lot: The cybersecurity company McAfee recently uncovered a cyber operation, dubbed Operation GoldDragon, attacking South Korean organizations related to the Winter Olympics. McAfee believes the attack came from a nation state that speaks Korean, although it has no definitive proof that this is a North Korean operation. The victim organizations include ice … Read More “Internet Security Threats at the Olympics” »
Category: russia
Auto Added by WPeMatico
Both the New York Times and the Washington Post are reporting that Israel has penetrated Kaspersky’s network and detected the Russian operation. From the New York Times: Israeli intelligence officers informed the NSA that, in the course of their Kaspersky hack, they uncovered evidence that Russian government hackers were using Kaspersky’s access to aggressively scan … Read More “More on Kaspersky and the Stolen NSA Attack Tools” »
The Wall Street Journal has a bombshell of a story. Yet another NSA contractor took classified documents home with him. Yet another Russian intelligence operation stole copies of those documents. The twist this time is that the Russians identified the documents because the contractor had Kaspersky Labs anti-virus installed on his home computer. This is … Read More “Yet Another Russian Hack of the NSA — This Time with Kaspersky’s Help” »
Wired has a story about a possible GPS spoofing attack by Russia: After trawling through AIS data from recent years, evidence of spoofing becomes clear. Goward says GPS data has placed ships at three different airports and there have been other interesting anomalies. “We would find very large oil tankers who could travel at the … Read More “GPS Spoofing Attacks” »
Kaspersky Labs exposed a highly sophisticated set of hacking tools from Russia called WhiteBear. From February to September 2016, WhiteBear activity was narrowly focused on embassies and consular operations around the world. All of these early WhiteBear targets were related to embassies and diplomatic/foreign affair organizations. Continued WhiteBear activity later shifted to include defense-related organizations … Read More “Russian Hacking Tools Codenamed WhiteBear Exposed” »
In April, the Shadow Brokers — presumably Russia — released a batch of Windows exploits from what is presumably the NSA. Included in that release were eight different Windows vulnerabilities. Given a presumed theft date of the data as sometime between 2012 and 2013 — based on timestamps of the documents and the limited Windows … Read More “Zero-Day Vulnerabilities against Windows in the NSA Tools Released by the Shadow Brokers” »
This week brought new public evidence about Russian interference in the 2016 election. On Monday, the Intercept published a top-secret National Security Agency document describing Russian hacking attempts against the US election system. While the attacks seem more exploratory than operational – and there’s no evidence that they had any actual effect – they further … Read More “NSA Document Outlining Russian Attempts to Hack Voter Rolls” »
There is plenty of blame to go around for the WannaCry ransomware that spread throughout the Internet earlier this month, disrupting work at hospitals, factories, businesses, and universities. First, there are the writers of the malicious software, which blocks victims’ access to their computers until they pay a fee. Then there are the users who … Read More “WannaCry and Vulnerabilities” »
Last year, I wrote about the potential for doxers to alter documents before they leaked them. It was a theoretical threat when I wrote it, but now Citizen Lab has documented this technique in the wild: This report describes an extensive Russia-linked phishing and disinformation campaign. It provides evidence of how documents stolen from a … Read More “Tainted Leaks” »
NSA Deputy Director Richard Ledgett described a 2014 Russian cyberattack against the US State Department as “hand-to-hand” combat: “It was hand-to-hand combat,” said NSA Deputy Director Richard Ledgett, who described the incident at a recent cyber forum, but did not name the nation behind it. The culprit was identified by other current and former officials. … Read More “Incident Response as “Hand-to-Hand Combat”” »