cyberwarfare
Latest
Microsoft blocked Russian cyberattacks targeting Ukraine
Microsoft said it has disrupted cyberattacks from a Russia-linked group called Strontium (aka APT28 and Fancy Bear) targeting Ukraine and the West.
Ukraine faces more cyberattacks amid Russian invasion fears
Ukraine has faced cyberattacks against defense ministry and bank websites as fears of an imminent Russian invasion mount.
Ukraine blames Russia for cyberattack against government websites
Ukraine has pinned a major cyberattack on Russia, and the malware involved is built to do serious damage.
SolarWinds hack may have been much wider than first thought
The SolarWinds hack may have compromised many more networks than first thought, and might have taken advantage of weaknesses in the US and Europe.
Trump administration proposes splitting Cyber Command from the NSA
The Trump administration has proposed splitting Cyber Command leadership from the NSA, although it's not clear if the division is ready.
Trump confirms cyberattack against Russian trolls during 2018 midterms
Trump has confirmed a rumored cyberattack against Russia that was meant to thwart disinformation during the 2018 midterm elections.
Huge cyberattack against country of Georgia knocks out 15,000 websites
The country of Georgia is reeling from a particularly vicious cyberattack. Officials are investigating after intruders striking on October 28th defaced over 15,000 websites hosted on local provider Pro-Service, including those for the President of Georgia's administration, mayoral offices, the courts and private companies like newspapers. In each case, the defacement left a picture of former President Mikheil Saakashvili (shown above) with the English text "I'll be back." The attack hit three TV stations and even forced two, TV Imedi and TV Maestro, to go off the air.
US cyberattack reportedly knocked out Iran missile control systems
The US may have withheld a physical military response to Iran shooting down a drone, but it might not have shown similar restraint with a digital campaign. Washington Post sources say the President greenlit a long-in-the-making cyberattack that took down Iranian missile control computers on the night of June 20th. The exact impact of the Cyber Command operation isn't clear, but it was described as "crippling" -- Iran couldn't easily recover, one tipster said.
The US planted offensive malware in Russia's power grid
The US appears to be acting on its promise to aggressively respond to cyberwarfare threats. New York Times sources say Cyber Command has planted offensive malware in Russia's electrical grid, not just reconnaissance as has been the case since "at least" 2012. It's not certain just how deep the infiltration goes or what the malware is capable of doing. The intention, however, is clear -- this is meant to serve both as a deterrent and as a weapon in case the US and Russia trade blows.
Israel is the first to respond to a cyberattack with immediate force
It's no longer novel for militaries to respond to cyberattacks with physical force (the US used a drone strike in 2015), but now they're being treated with the same urgency as real-world bullets and missiles. Israel Defense Forces have launched an airstrike on a Gaza Strip building believed to house Hamas digital warfare operatives after the militant group reportedly failed in an attempted "cyber offensive." Details of the virtual attack weren't available, but the IDF said it was "ahead of them all the time."
NSA official: China is preparing for possible high-profile hacks
NSA official Rob Joyce told guests at a Wall Street Journal security conference that hacking-related Chinese activity had been climbing in recent months. He was concerned the country was "prepositioning" itself to attack "critical infrastructure" such as energy, health care, finance and transportation. China's hacking as of late has revolved around spying and swiping trade secrets, so this would be out of the norm.
US targets individual Russians in fight against election interference
The US isn't limited to fighting election interference campaigns on its own soil. The New York Times has learned that Cyber Command is conducting the country's first known overseas operation to protect American voting against online meddling. The initiative reportedly entails deterring individual Russian operatives spreading disinformation by making it clear that US agents are tracking their activity. In theory, this will force the Russians to change their behavior without prompting an escalation that could lead to power grid attacks and other much more serious campaigns.
In time for hacking season, the US has no cybersecurity coordinator
Picture the scene: John Bolton stands proudly against a backdrop of an American flag, smiling beneath his pruriently confrontative mustache, dusting his hands off as befits a man who's just completed a task of wistfully virile middle-management. John Bolton just eradicated the White House positions (and people) who would stand between the United States and cyberattacks against our voting processes, our infrastructure and the tatters of our democracy. John Bolton grips his red stapler. John Bolton is in his happy place.
US elevates the role of Cyber Command
After months of talk and planning, US Cyber Command is now just as important as the rest of the Pentagon's commands -- at least, on paper. The military has officially elevated its cyberwarfare division to a "unified command" that operates independently of the NSA. It's not a complete split. General Paul Nakasone (shown above) will run both Cyber Command and the NSA, replacing Admiral Michael Rogers.
Hackers shut down plant by targeting its safety system
Hackers have already attacked critical infrastructure, but now they're launching campaigns that could have dire consequences. FireEye reported that a plant of an unmentioned nature and location (other firms believe it's in the Middle East) was forced to shut down after a hack targeted its industrial safety system -- it's the first known instance of a breach like this taking place. While the digital assault was clearly serious in and of itself, there are hints that it could have been much worse.
Iran blamed for cyberattack on UK parliament
When hackers attacked UK parliament email accounts in June, it was tempting to blame Russia. After all, it's been rather busy lately. However, it looks like people were pointing their fingers in the wrong direction. The Times has learned that British intelligence has pinned the campaign on Iran -- it'd be the country's first cyberattack against the UK, in fact. While the actual damage was relatively limited (about 30 Members of Parliament were compromised out of roughly 9,000 total accounts), the intrusion supports beliefs that Iran has become a serious player in cyberwarfare after years of being little more than a target. Officials aren't commenting on the attack, but there are a few theories as to why Iran would take this risk.
Russia is hacking the phones of NATO soldiers
Russia's digital warfare campaign isn't limited to targeting distant servers. The Wall Street Journal has learned that Russian hackers are targeting individual NATO soldiers near, such as those deployed to Poland and the Baltic states. The intruders are compromising phones or Facebook accounts, in some cases grabbing data from handsets and erasing contacts. And while the Russian government has historically denied involvement in any hacking campaign, officials have little doubt that it's behind the attacks.
US pressured North Korea by overwhelming hackers with data traffic
The US is no stranger to hacking North Korea, but it's usually in a bid to directly thwart the country's military ambitions. Now, however, those attacks are being used as a diplomatic strategy. The Washington Post has learned that President Trump ordered a broad pressure campaign against North Korea that led to the US conducting a denial of service attack against North Korea's spying office, the Reconnaissance General Bureau. The move flooded the RGB's servers with traffic that effectively strangled their internet access, including the Bureau 121 group responsible for the North's hacking campaigns. And while it clearly didn't change Kim Jong Un's mind, it does appear to have had a practical effect.
US Cyber Command may be splitting off from the NSA
It sounds as though the United States' Cyber Command will break off from the National Security Agency and be more aligned with the military in the future. The move would "eventually" cleave Cyber Command from the intelligence-focused NSA and instead align it more with the military, according to the Associated Press. "The goal is to give Cyber Command more autonomy, freeing it from any constraints that stem from working alongside the NSA," AP reports. The NSA's core task of intelligence gathering sometimes is at odds with military cyber warfare operations, hence the proposed separation. Prior to this, the two had clashed on getting intel from Islamic State networks (the NSA's task) and attacking (Cyber Command's).
The US military might let its IT warriors skip boot camp
The commander of US Cyber Command (US CYBERCOM) told the Senate Armed Services Committee today that they're having difficulty raising a number of "cyber-warriors." They're in such a hurry to field a force of information technology- and digital security-trained soldiers that they're considering letting them skip boot camp. If America is to sally forth into the future with its arsenal of digital weapons, it desperately needs personnel to wield them.