Free Republic

President Biden departed for his first foreign trip abroad on Wednesday morning, telling reporters that his goal will be to demonstrate to Russia and China that the alliance between the U.S. and Europe is strong. “Strengthening the alliance, making clear to Putin and to China that Europe and the United States are tight,” Biden told reporters at Joint Base Andrews before departing for the United Kingdom when asked about the goal of the trip. Biden also said he would lay out a coronavirus vaccine strategy for the world and that cyberattacks would be a subject of his discussion with Russian...

WASHINGTON—At least two groups of China-linked hackers have spent months using a previously undisclosed vulnerability in virtual private networking devices to spy on the U.S. defense industry, researchers and the devices’ manufacturer said. Utah-based IT company Ivanti said in a statement on April 20 the hackers took advantage of the flaw in its Pulse Connect Secure suite to break into the systems of “a very limited number of customers.” Ivanti said that while mitigations are in place, a fix for the issue would be unavailable until early May. Ivanti provided no details about who might be responsible for the espionage...

Espionage is an old story. Long ago Moses dispatched twelve spies to explore the land of Canaan as a future home for the Israelite people. They reported they had found a land flowing with milk and honey. On December 8, 2020 it was disclosed that individuals, almost certainly Russian, had hacked the U.S. security firm Fire Eye, only one of the many targets compromised in the cybersecurity industry. It soon became apparent that foreign hackers had attacked both governmental and unofficial organizations. A large-scale espionage campaign has breached the U.S. Treasury and Commerce Departments and other government agencies. Microsoft and...

The U.S. National Security Agency and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency have issued a joint alert urging critical infrastructure operators to take immediate measures to reduce the exposure of operational technology (OT) systems to cyberattacks. The NSA and CISA say it’s imperative that critical infrastructure asset owners and operators secure industrial control systems (ICS) and other OT systems due to the high risk of cyberattacks launched by foreign threat actors. The agencies say industrial systems are being increasingly exposed to the internet for remote operations and monitoring purposes, expanding the outsourcing of key skill areas,...

Prime Minister Scott Morrison has warned that the Australian government as well as private organisations have been subject to sustained cyber-attacks from a “sophisticated state-based cyber actor” on Friday morning during a news conference.The announcement comes just days after Foreign Affairs Minister Marise Payne called out online disinformation campaigns from China and Russia.Scott Morrison read a prepared statement to reporters in Canberra saying that the activity was targeting “Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers, and operators of other critical infrastructure.”“We know it is a sophisticated...

A prolific Chinese government-backed cyber group has recently stepped up its attacks on health care, pharmaceutical and other sectors, according to research released Wednesday by cybersecurity group FireEye. FireEye experts discovered that the Chinese cyber threat group known as APT41 had launched what they described as “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years.” The group, which FireEye previously assessed with “high confidence” is state-sponsored, was found to have widely targeted companies in almost two dozen countries in a variety of sectors between January and March. Beyond health-related industries, APT41 also...

Former Democratic presidential nominee Hillary Clinton will serve as a keynote speaker at the Cyber Defense Summit 2019, the cybersecurity company FireEye announced on Thursday. "We are pleased to announce that Former U.S. Secretary of State Hillary Rodham Clinton will be a featured keynote at our FireEyeSummit in October! Secretary Clinton will engage in an intimate Q&A keynote discussion," a tweet from the company read. The event is designed to inform executives on cybersecurity, as well as security practitioners on how to "mitigate, detect, and respond to cyber attacks."

The incident is certain to spark further debate on how cyberattacks and live conflict should mix. It’s an important distinction as countries including the United States grow increasingly concerned at the possibility a cyberattack on the electric grid, water supply or other infrastructure could lead to loss of human life, and create norms for how they will respond to those threats, either immediately or preemptively. The North Atlantic Treaty Organization (NATO) has been the preeminent world group involved in creating rules and norms for how cyber conflict and “kinetic,” or live physical conflict, should intersect. NATO’s role at the forefront...

WASHINGTON — The Obama White House’s chief cyber official testified Wednesday that proposals he was developing to counter Russia’s attack on the U.S. presidential election were put on a “back burner” after he was ordered to “stand down” his efforts in the summer of 2016. The comments by Michael Daniel, who served as White House “cyber security coordinator” between 2012 and January of last year, provided his first public confirmation of a much-discussed passage in the book, “Russian Roulette: The Inside Story of Putin’s War on America and the Election of Donald Trump,” co-written by this reporter and David Corn,...

The Pentagon has quietly empowered the United States Cyber Command to take a far more aggressive approach to defending the nation against cyberattacks, a shift in strategy that could increase the risk of conflict with the foreign states that sponsor malicious hacking groups. The U.S. Cyber Command was created partly in response to a Russian hacking attack that long predated the 2016 election. In the fall of 2008, Russian intelligence agencies penetrated SIPRNet, the Pentagon’s secret internal network; that led to a rush to consolidate several cyberprograms into a command. The Chinese, meanwhile, were stealing weapons designs, including blueprints for...

Bank robberies aren’t as exciting as they used to be when they were the stuff of Ocean’s Eleven style, or the coarser Bonnie and Clyde. No more black balaclavas or dead president masks. No more guns, no more physical threats. This is the age of the cyber thief, and Mexico’s recent $110-million bank heist didn’t even require a criminal to touch the money at all. With a push of a button it was gone--almost. Gone, too, is the excitement of getting caught up in a bank robbery as dramatized on television. But the lack of physical excitement also means that...

WASHINGTON — President Trump on Monday officially designated North Korea as a state sponsor of terrorism, returning the rogue nation to a list from which it had been removed during the George W. Bush administration. North Korea had been removed from the list under the George W. Bush administration in an attempt to salvage negotiations for a nuclear deal. The president made the announcement at the White House on Monday morning. North Korea will join Sudan, Syria and Iran as countries that the State Department identifies as ones that have “repeatedly provided support for acts of international terrorism.” Administration officials...

Computer systems from Russia to the United States were struck on Tuesday in an international cyberattack that bore similarities to a recent assault that crippled tens of thousands of machines worldwide. As reports of the attack spread quickly, the Ukrainian government said that several of its ministries, radiation monitoring at the Chernobyl nuclear facility, local banks and metro systems had been affected. A number of companies — including the Danish shipping giant Maersk; Rosneft, the Russian energy giant; Saint-Gobain, the French construction materials company; and WPP, the British advertising agency — also said they had been targeted.

The nation's top state election officials say they'll keep fighting a Department of Homeland Security order that designates state and local election systems as "critical infrastructure," and aren't happy with the message they got this week that the designation will remain. For the moment, that fight means lobbying congressional delegations to use whatever power is at their disposal to make DHS back off. Barring that, a separation of powers lawsuit may be their last option, but it's not clear yet if any state or coalition of states is willing to take that step just yet. Week Twenty-Two of the Trump...

arly last August, an envelope with extraordinary handling restrictions arrived at the White House. Sent by courier from the CIA, it carried “eyes only” instructions that its contents be shown to just four people: President Barack Obama and three senior aides. Inside was an intelligence bombshell, a report drawn from sourcing deep inside the Russian government that detailed Russian President Vladi­mir Putin’s direct involvement in a cyber campaign to disrupt and discredit the U.S. presidential race.

Critical American infrastructure like the electric grid will remain vulnerable to catastrophic cyber attacks from Russia and China for at least 10 years, according to a Pentagon study.A report by a Defense Science Board task force concludes that the decade-long cyber vulnerabilities must be mitigated while the Pentagon quickly creates new cyber deterrence capabilities, including offensive cyber weapons designed to inflict damage on adversaries and their leaders.The 44-page report, "Task Force on Cyber Deterrence" was made public Feb. 28. It is based on a two-year study by a panel of military and defense experts.The report presents a dire picture of weaknesses...

WASHINGTON -- Hillary Rodham Clinton's private email server, which stored some 55,000 pages of emails from her time as secretary of state, was the subject of attempted cyberattacks originating in China, South Korea and Germany after she left office in early 2013, according to a congressional document obtained by The Associated Press. While the attempts were apparently blocked by a "threat monitoring" product that Clinton's employees connected to her network in October 2013, there was a period of more than three months from June to October 2013 when that protection had not been installed, according to a letter from Sen....

President Obama warned Russia on Friday not to wage cyberwarfare against the United States, saying, “We can do stuff to you” as he defended his handling of Moscow’s alleged hacking of Democrats’ emails to influence the 2016 election. “Our goal continues to be to send a clear message to Russia or others not to do this to us, because we can do stuff to you,” Obama told reporters at his final press conference of 2016.

Obama administration officials sought on Monday to reassure the public that it was taking steps to counter new types of cyber attacks such as the one Friday that rendered Twitter, Spotify, Netflix and dozens of other major websites unavailable. The Department of Homeland Security said it had held a conference call with 18 major communication service providers shortly after the attack began and was working to develop a new set of “strategic principles” for securing internet-connected devices. DHS said its National Cybersecurity and Communications Integration Center was working with companies, law enforcement and researchers to cope with attacks made possible...

This is serious and genuinely alarming. Bruce Schneider is an expert in cyber-security, the Chief Technology Officer of Resilient, an IBM Company, a fellow at Harvard’s Berkman Center, and a board member of Electronic Frontier Foundation — an organization defending our rights in the digital world. In a blog post, Schneider sounds the alarm that in the past year, the websites of major companies that provide the Internet’s basic services repeatedly have been attacked, each time more sophisticated than the last, which suggests “someone” is practicing how to take down the Internet by learning from the companies’ defensive moves. Below...