DOJ: Former NSA Operatives Worked as Cyber-Mercenaries, Helping Hack U.S. Systems

source: gizmodo.com

Members of the U.S. intelligence community and military have reached a deferred prosecution agreement over their role in an overseas cyber-mercenary business.

 

Former U.S. intelligence operatives are facing federal charges after allegedly having worked as cyber-mercenaries for the United Arab Emirates. The men, all of whom are ex-employees of the National Security Agency, are accused of helping the UAE government to break into computer systems all over the world, including some in the U.S., newly unsealed court documents claim.

Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke, 40, are all charged with having broken federal laws related to computer fraud and export regulations, the Department of Justice announced Tuesday.

Between 2016 and 2019, the trio worked as senior managers at Dark Matter, an Emirati cybersecurity company. Working out of a converted mansion in Abu Dhabi, the team was part of an operation dubbed “Project Raven,” the likes of which was staffed almost wholly by former U.S. intelligence officials. Their services helped the Middle Eastern monarchy to carry out hacking operations against its perceived enemies, including activists, political rivals and journalists, Reuters previously reported.

Continue reading “DOJ: Former NSA Operatives Worked as Cyber-Mercenaries, Helping Hack U.S. Systems”

“China is one of [Director Burns’] priorities, and CIA is in the process of determining how best to position ourselves to reflect the significance of this priority.”

CIA Weighs Creating Special China Unit in Bid to Out-Spy Beijing

source: bloomberg.com | image: pixabay.com

The Central Intelligence Agency is weighing proposals to create an independent “Mission Center for China” in an escalation of its efforts to gain greater insight into the U.S.’s top strategic rival, according to people familiar with the deliberations.

The proposal, part of a broader review of the agency’s China capabilities by CIA Director William Burns, would elevate the focus on China within the agency, where China has long been part of a broader “Mission Center for East Asia and Pacific.”

Continue reading “CIA Weighs Creating Special China Unit…”

Private Espionage Is Booming. The US Needs a Spy Registry


From Black Cube to Fusion GPS, the operatives-for-hire industry has recklessly exploded. Disclosure requirements could keep things in check

source: wired.com

Photo by Sora Shimazaki from Pexels

YEARS AGO, WHILE stationed in Moscow as the bureau chief for a major news magazine, I was approached by a representative of a multinational company and presented with a tantalizing offer. He said he had highly sensitive materials exposing possible criminal activity by a Russian competitor. The documents were mine with one condition: advance notice so he could be out of the country when any story was published.

I had every reason to think the materials came from a private intelligence operative hired by the company—there were many such operatives in Moscow—but I didn’t ask my source for his source. Instead I embarked on a somewhat harrowing investigation of my own, and on corroborating the materials, I was able to publish a splashy story.

 

Lula Norman

Photographer

Christine Ford

Product Management

This episode came back to me while reading Barry Meier’s new book, Spooked: The Trump Dossier, Black Cube, and the Rise of Private Spies. A former New York Times investigative reporter, Meier casts a harsh light on both “private spies” and journalists who make frequent use of nuggets unearthed by these operatives. In the book’s afterword, he revives an idea for “a kind of ‘spy registry’ in which operatives for hire would have to disclose the names of their clients and assignments,” just as Congress now requires of lobbyists hired to influence legislators.

Is this truly a problem in need of a solution? Or would a spy registry create worse problems?

It’s tempting to conclude that there is really nothing new here and that private spies may even supply a public service. In the original, late-19th-century Gilded Age, the Pinkerton Detective Agency devoted itself to the art of subterfuge. In 1890, a Pinkerton man went undercover on behalf of his client, the governor of North Dakota, and confirmed from rigorous barroom investigation that a fair amount of “boodle,” bribe money, was being dispensed by advocates of a state lottery opposed by the governor. The governor revealed the dirty dealings to the public, and the lottery scheme failed—all perhaps to the civic good.

Today’s circumstances are far different. Inexpensive, off-the-shelf technologies for surveillance, hacking, and spoofing make the spy game easier to play than ever before. What hired sleuth doesn’t now travel with one of those metallic-fabric bags that blocks cellphone GPS signals, like the GoDark Faraday model that sells online for $49.97? It’s an insignificant item on the expense report.

Continue reading “Private Espionage Is Booming…”

How to Protect Your Files From Ransomware

source; WIRED.COM

It’s a growing threat for individual users and businesses alike—but there are ways to protect yourself.

MOVE OVER VIRUSES, step aside worms: Ransomware has the spotlight and isn’t about to give it up. From taking down entire fuel pipelines to hijacking hospital networks, it’s the cyberattack du jour. Not only do you have the potentially disastrous consequences of being locked out of your most important files and systems, you also have to decide if you’re willing to pay cold, hard cash to get access to them again, if you even get access after paying.

That’s where the name comes from—ransomware attacks literally hold your data for ransom. There are a few variations on the theme, but it’s usually very recognizable. Malware is used to encrypt your files (in some cases even double-encrypt them) so they require a specific key to be unlocked. The damage can quickly spread across computers and networks. In some cases you might be locked out of your system completely, along with any other systems on the same network.

Continue reading “How to Protect Your Files From Ransomware”

FBI Opens a Case on Chinese Activity ‘Every 10 Hours,’ Intel Chiefs Say

The threat from China, multi-faceted and severe, is foremost in a pack that includes Russian actions in Ukraine, Iranian nuclear efforts, and North Korea’s existing nukes, U.S. intelligence leaders told the Senate Intelligence Committee on Wednesday.

“We have now over 2,000 investigations that tie back to the Chinese government,” FBI Director Chris Wray said at the hearing. “On the economic espionage side alone, it’s a 1,300 percent increase over the last several years. We’re opening a new investigation on China every ten hours and I assure the committee it’s not because our folks don’t have anything to do with their time.”

Continue reading “FBI Opens a Case on Chinese Activity…”

Russian foreign intelligence service exploiting five publicly known vulnerabilities to compromise U.S. and allied networks

source: securitymagazine.com

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly released a Cybersecurity Advisory, “Russian SVR Targets U.S. and Allied Networks,” to expose ongoing Russian Foreign Intelligence Service (SVR) exploitation of five publicly known vulnerabilities. This advisory is being released alongside the U.S. government’s formal attribution of the SolarWinds supply chain compromise and related cyber espionage campaign. We are publishing this product to highlight additional tactics, techniques, and procedures being used by SVR so that network defenders can take action to mitigate against them.  

Continue reading “Russian Foreign Intelligence Service Exploiting U.S. Vulnerabilities”

image - hacking

Billions Spent on U.S. Defenses Failed to Detect Giant Russian Hack

source:  nytimes.com

The broad Russian espionage attack on the U.S. government and private companies, underway since spring and detected only a few weeks ago, is among the greatest intelligence failures of modern times.

 

WASHINGTON — Over the past few years, the United States government has spent tens of billions of dollars on cyberoffensive abilities, building a giant war room at Fort Meade, Md., for United States Cyber Command, while installing defensive sensors all around the country — a system named Einstein to give it an air of genius — to deter the nation’s enemies from picking its networks clean, again.

It now is clear that the broad Russian espionage attack on the United States government and private companies, underway since spring and detected by the private sector only a few weeks ago, ranks among the greatest intelligence failures of modern times.

Einstein missed it — because the Russian hackers brilliantly designed their attack to avoid setting it off. The National Security Agency and the Department of Homeland Security were looking elsewhere, understandably focused on protecting the 2020 election.

The new American strategy of “defend forward” — essentially, putting American “beacons” into the networks of its adversaries that would warn of oncoming attacks and provide a platform for counterstrikes — provided little to no deterrence for the Russians, who have upped their game significantly since the 1990s, when they launched an attack on the Defense Department called Moonlight Maze.

Something else has not changed, either: an allergy inside the United States government to coming clean on what happened.

Continue reading “Billions Spent on U.S. Defenses Failed to Detect Giant Russian Hack”

source: wired.com

The so-called lamphone technique allows for real-time listening in on a room that’s hundreds of feet away. 

THE LIST OF sophisticated eavesdropping techniques has grown steadily over years: wiretaps, hacked phones, bugs in the wall—even bouncing lasers off of a building’s glass to pick up conversations inside. Now add another tool for audio spies: Any light bulb in a room that might be visible from a window.

Researchers from Israeli’s Ben-Gurion University of the Negev and the Weizmann Institute of Science today revealed a new technique for long-distance eavesdropping they call “lamphone.” They say it allows anyone with a laptop and less than a thousand dollars of equipment—just a telescope and a $400 electro-optical sensor—to listen in on any sounds in a room that’s hundreds of feet away in real-time, simply by observing the minuscule vibrations those sounds create on the glass surface of a light bulb inside. By measuring the tiny changes in light output from the bulb that those vibrations cause, the researchers show that a spy can pick up sound clearly enough to discern the contents of conversations or even recognize a piece of music.

“Any sound in the room can be recovered from the room with no requirement to hack anything and no device in the room,” says Ben Nassi, a security researcher at Ben-Gurion who developed the technique with fellow researchers Yaron Pirutin and Boris Zadov, and who plans to present their findings at the Black Hat security conference in August. “You just need line of sight to a hanging bulb, and this is it.”

In their experiments, the researchers placed a series of telescopes around 80 feet away from a target office’s light bulb, and put each telescope’s eyepiece in front of a Thorlabs PDA100A2 electro-optical sensor. They then used an analog-to-digital converter to convert the electrical signals from that sensor to digital information. While they played music and speech recordings in the faraway room, they fed the information picked up by their set-up to a laptop, which analyzed the readings.

side by side images of telescope pointing to window and aerial of bridge

The researchers’ experimental setup, with an electro-optical sensor behind the eyepiece of a telescope, pointing at a lightbulb inside an office building more than 80 feet away.COURTESY OF BEN NASSI

The researchers found that the tiny vibrations of the light bulb in response to sound—movements that they measured at as little as a few hundred microns—registered as a measurable changes in the light their sensor picked up through each telescope. After processing the signal through software to filter out noise, they were able to reconstruct recordings of the sounds inside the room with remarkable fidelity: They showed, for instance, that they could reproduce an audible snippet of a speech from President Donald Trump well enough for it to be transcribed by Google’s Cloud Speech API. They also generated a recording of the Beatles’ “Let It Be” clear enough that the name-that-tune app Shazam could instantly recognize it.

Continue reading “SPIES EAVESDROP BY WATCHING LIGHT BULB VIBRATE”

source: threatpost.com

The DarkHotel group could have been looking for information on tests, vaccines or trial cures.

The World Health Organization (WHO) has attracted the notice of cybercriminals as the worldwide COVID-19 pandemic continues to play out, with a doubling of attacks recently, according to officials there. Problematically, evidence has also now apparently surfaced that the DarkHotel APT group has tried to infiltrate its networks to steal information.

Alexander Urbelis, cybersecurity researcher/attorney at Blackstone Law Group, told Reuters that he personally observed a malicious site being set up on March 13 that mimicked the WHO’s internal email system. Its purpose was to steal passwords from multiple agency staffers, and Urbelis noted that he realized “quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic.”

The attack appeared to be aimed at achieving a foothold at the agency rather than being an end unto itself: “The targeting infrastructure seems to focus on certain types of healthcare and humanitarian organizations that are uncommon for cybercriminals,” Costin Raiu, researcher at Kaspersky, told Threatpost. “This could suggest the actor behind the attacks are more interested in gathering intelligence, rather than being financially motivated.”

As for the “why” of the attack, which was thwarted, Raiu said that information about remediation for coronavirus – such as cures, tests or vaccines – would be invaluable to any nation-state’s intelligence officials.

Continue reading “WHO Targeted in Espionage Attempt, COVID-19 Cyberattacks Spike”