FBI
Latest
FBI seizes site dedicated to selling data breach information
Following an international operation, the FBI has seized and shut down a website called WeLeakInfo that sold private user data from over 10,000 data breaches. As part of the operation, police in the Netherlands and Northern Ireland arrested two 22-year old believed to be connected to the site. Meanwhile the FBI, working in coordination with police forces in Europe,took down the domain for the site and redirected it to a seizure notice (above).
Attorney General asks Apple to unlock naval base shooter's iPhones
Attorney General William Barr has joined the FBI in asking Apple to unlock two iPhones belonging to the man who attacked a naval base in Pensacola, Florida, in December. Barr also declared the shooting "an act of terrorism." Apple has given investigators details from Mohammed Saeed Alshamrani's iCloud account, but it rejected a plea from the FBI to unlock the phones. The company has claimed complying with such a request could set a precedent that may compel it to unlock a device whenever a federal agency asks it to. The Justice Department wants access to Alshamrani's phones so it can view encrypted messages on apps such as WhatsApp and Signal. It's hoping to determine whether he was acting alone or if others knew of his plans. Barr noted that both phones were damaged in the attack, but said FBI crime lab experts were able to make them operational. The attorney general claimed at a press conference Monday Apple "has not given us any substantive assistance" when it came to unlocking the devices. "This situation perfectly illustrates why it is critical that investigators be able to get access to digital evidence once they have obtained a court order based on probable cause," he said. "We call on Apple and other technology companies to help us find a solution so that we can better protect the lives of Americans and prevent future attacks."
FBI asks Apple to help unlock iPhones of suspected naval station shooter
The FBI is once again asking Apple to help it access iPhones for the sake of an investigation. The bureau has sent a letter to Apple's general counsel requesting the company's help in unlocking the two iPhones of Mohammed Saeed Alshamrani, the man believed responsible for killing three people at Naval Air Station Pensacola. FBI officials have requested help from other agencies and countries as well as "familiar contacts in the third-party vendor community," but are hoping Apple will make their lives easier. One of those contacts might be CelleBrite, which reportedly helped the FBI crack San Bernardino shooter Syed Farook's iPhone 5c.
FBI program helps companies fool hackers with 'decoy data'
The FBI thinks it has a way for companies to limit the damage from data breaches: lure thieves into taking the wrong data. Ars Technica has learned of an FBI program, IDLE (Illicit Data Loss Exploitation), that has companies plant "decoy data" to confuse intruders looking to steal valuable info. Think of it as a honeypot for would-be fraudsters and corporate spies.
Senators ask credit agencies why they don't report FBI data requests
Tech companies have long disclosed the number of national security letters (NSLs) they get from authorities, but the credit reporting agencies that often dictate your financial future have been silent -- and Congress wants answers. Senators Elizabeth Warren, Ron Wyden and Rand Paul have sent letters to the CEOS of Equifax, Experian and TransUnion asking why the companies don't divulge how many NSLs they receive from the FBI, or release those requests once the non-disclosure orders end. These companies have the "responsibility" to come clean about their information handling when they have loads of "potentially sensitive data," the senators said.
DOJ charges two Russians with using malware to steal millions
Officials are offering a $5 million reward for information that leads to the capture of Maksim Yakubets of Moscow. Yakubets is one of two Russian nationals charged with cybercrimes that resulted in tens of millions in losses. The $5 million reward is the largest amount offered for a cyber criminal's capture to date.
ACLU sues to reveal the FBI's uses of facial recognition
The ACLU is unsurprisingly concerned about the FBI's use of facial recognition, and it wants to force the agency to divulge its practices. It just filed a lawsuit against the FBI, the Justice Department and the DEA ordering them to turn over records showing "when, where and how" they use facial recognition tech. The civil liberties group was concerned that these systems could "fundamentally alter" society and lead to constant surveillance, and pointed to the FBI's history and public stances as reasons to be concerned.
FISA court: FBI use of NSA's electronic surveillance data was illegal
A US court ruled that some of the FBI's electronic surveillance activities violated the constitutional privacy rights of Americans. The Foreign Intelligence Surveillance Court (FISC) deemed that FBI officials improperly searched a National Security Agency (NSA) intelligence database for info on Americans. The ruling was made last year but just revealed by the intelligence community today.
Justice Department sets rules for using genealogy sites to solve crimes
Investigators have used genealogy sites to solve a string of cold cases in recent years, but the US hasn't really had a firm stance on how and when to use those sites. There's now a basic framework in place, however. The Justice Department has established interim rules that determine how this forensic genetic genealogy can be used to tackle unsolved violent crimes. Officials portray it as striking a balance between the desire to solve crimes with the protection of privacy and civil freedoms.
Russia reportedly breached encrypted FBI comms in 2010
When the Obama administration kicked out Russian operatives and seized compounds, it might have been for more than their meddling in the 2016 presidential election. Unnamed officials talking to Yahoo News say that some of those diplomats were involved in a counterintelligence strategy that breached FBI communications starting in 2010. Reportedly, the Russians had "dramatically improved" their decryption of some secure comms technology, including the radios used by mobile surveillance teams and the push-to-talk cellphones used as backups. The Russians could track and intercept the chats between agents, though it's not clear if that was possible in real-time.
Facebook, Google meet intelligence agencies to talk 2020 election security
Both intelligence agencies and tech companies are gearing up to secure the 2020 US election, and that apparently includes some heart-to-heart conversations between the two. Bloomberg sources have learned that Facebook, Google, Microsoft and Twitter are meeting members of the FBI, Homeland Security and the Office of the Director of National Intelligence to discuss the industry's security strategy. This reportedly includes plans for tighter coordination between tech and government, as well as curbing disinformation campaigns.
Huawei accuses the US of cyberattacks and other ‘unscrupulous’ behavior
Today, Huawei accused the US of carrying out cyberattacks, attempted entrapment, unlawful searches and more. The company says the US has "been using every tool at its disposal" including "unscrupulous means" to disrupt the business operations of Huawei and its partners. The accusations, which were made without evidence, come one day after the US and Poland signed an agreement to rigorously investigate 5G network equipment from foreign providers like Huawei.
Here’s how AG Barr is going to get encryption 'backdoors'
If you heard the reverberation of a few thousand heads exploding last week, it was the sound of information security professionals reacting to US Attorney General Barr saying that Big Tech "can and must" put backdoors into encryption. In his speech for a cybersecurity conference at Fordham University, Barr warned tech companies that time was running out for them to develop ways for the government to break encryption. FBI Director Christopher Wray agreed with him.
US senator calls for probe into FaceApp over privacy concerns
Remember when FaceApp went viral for all the wrong reasons? That happened again recently, though this time, the controversy became big enough for a US Senator to get involved. New York Democratic Senator Chuck Schumer has asked the FBI and the FTC to launch a probe into the Russian-developed selfie-editing app after it was discovered that it uploads users' photos to the cloud and that it requires "full and irrevocable access to their personal photos and data."
The FBI plans more social media surveillance
The FBI wants to gather more information from social media. Today, it issued a call for contracts for a new social media monitoring tool. According to a request-for-proposals (RFP), it's looking for an "early alerting tool" that would help it monitor terrorist groups, domestic threats, criminal activity and the like.
FBI and ICE use DMV photos as 'gold mine' for facial recognition data
Cities and companies might be turning away from facial recognition, but federal agents are embracing it -- whether or not the public is fully aware of what's happening. Georgetown Law researchers and the Washington Post have discovered that FBI and ICE investigators have been using state DMVs as a "gold mine" for facial recognition data, scanning hundreds of millions of photos to create an unofficial surveillance infrastructure. Officers routinely use the info to help track down suspects in "low-level" crimes like petty theft, and they use it frequently -- the FBI by itself conducts 4,000 facial recognition searches per month.
The FBI wants help from victims of QuadrigaCX's cryptocurrency collapse
Remember that wild cryptocurrency story from earlier this year? The one where a Canadian exchange shut down shortly after co-founder and CEO Gerald Cotten died, claiming he was the only one who could access its wallets. Wallets that should've stored assets for 76,000 customers with a value of around $200 million (CAD). If any of that was your digital money then yeah, you probably do remember. Investigations into the company, QuadrigaCX, have suggested it did not have the money to satisfy its deposits, and naturally, law enforcement is sniffing around. Its customers were located around the world, and the FBI is circulating a form for customers to get in touch with it, the IRS, the Washington D.C. AG's office and the DoJ's Computer Crime and Intellectual Property Section.
US charges China-based hacking group for massive 2015 Anthem breach
Four years after hackers committed one of the worst data breaches in history, the US Justice Department has charged a "sophisticated China-based hacking group" with the attacks. An indictment released yesterday charges two members of the group, Fuji Wang and another listed as John Doe, with four counts of conspiracy and intentional damage. According to the indictment, Wang and Doe allegedly broke into and stole data from computer networks in four distinct business sectors. The most high-profile hit was the 2015 Anthem breach, in which prosecutors say the hackers stole personal information from nearly 80 million people.
A ransomware attack is holding Baltimore's networks hostage
A ransomware attack brought Baltimore city government's computers to a halt yesterday. The hackers are reportedly holding the city's files hostage, demanding up to 13 Bitcoins (about $76,280) to free the city's systems. As of this afternoon, the city has quarantined the ransomware, the Baltimore Sun reports. But, in a press conference, the city said it is not sure when all of the systems will be functioning again.
Microbiome testing startup faces FBI investigation over billing
Another lab testing startup is facing legal scrutiny, albeit not for the same reasons as Theranos. The Wall Street Journal has learned that the FBI is investigating uBiome, a firm that tests microbiomes (the communities of organisms in your body) to inform your health decisions, over its "billing practices." Agents reportedly conducted a search of uBiome's offices on April 26th, with the FBI confirming that it had visited the address.
