Gabby Petito’s Disappearance: a Timeline

The authorities said on Sept. 19 that they had found human remains consistent with a description of Ms. Petito, 22, in Wyoming. She had traveled to national parks with her fiancé, Brian Laundrie. Their social media accounts provide a glimpse into their trip.

#arches-national-park-utah, #federal-bureau-of-investigation, #florida, #grand-teton-national-park-wyo, #laundrie-brian, #missing-persons, #national-park-service, #national-parks-monuments-and-seashores, #petito-gabrielle

Brian Laundrie’s Sister Says She Hasn’t Spoken to Him Since Gabby Petito Disappeared

Police want to question Brian Laundrie after his fiancée, Gabrielle Petito, disappeared on a cross-country trip. Mr. Laundrie’s sister said she hadn’t heard from him since he returned.

#federal-bureau-of-investigation, #florida, #instagram-inc, #laundrie-brian, #missing-persons, #north-port-fla, #petito-gabrielle

Trump-Era Special Counsel Secures Indictment of Lawyer

The defendant, Michael Sussmann, is accused of lying to the F.B.I. in a meeting about Trump and Russia. He denies wrongdoing.

#alfa-group-consortium, #baker-james-e, #democratic-party, #durham-john-h, #federal-bureau-of-investigation, #justice-department, #presidential-election-of-2016, #russia, #russian-interference-in-2016-us-elections-and-ties-to-trump-associates, #special-prosecutors-independent-counsel, #sussmann-michael, #trump-organization, #trump-donald-j, #united-states-politics-and-government

Fiancé Is a ‘Person of Interest’ in the Disappearance of Gabrielle Petito

Gabrielle Petito and her fiancé, Brian Laundrie, left on July 2 for an adventure in their outfitted van. Now, the police say, she is missing and her fiancé is “a person of interest” in her disappearance.

#federal-bureau-of-investigation, #florida, #grand-teton-national-park-wyo, #instagram-inc, #laundrie-brian, #long-island-ny, #missing-persons, #petito-gabrielle, #police-department-nyc, #utah

Durham Is Said to Seek Indictment of Lawyer at Firm With Democratic Ties

The lawyer, Michael Sussmann, is accused of lying to the F.B.I. in a 2016 meeting about Trump and Russia. He denies wrongdoing.

#alfa-group-consortium, #baker-james-e, #clinton-hillary-rodham, #democratic-national-committee, #durham-john-h, #elias-marc-e, #federal-bureau-of-investigation, #justice-department, #michael-sussmann, #presidential-election-of-2016, #russian-interference-in-2016-us-elections-and-ties-to-trump-associates, #special-prosecutors-independent-counsel, #trump-organization, #trump-donald-j, #united-states-politics-and-government

Biles, Raisman, Maroney and Nichols Testify in Nassar Hearing

Simone Biles, Aly Raisman, McKayla Maroney and Maggie Nichols are testifying at a Senate Judiciary Committee review of the Lawrence G. Nassar sexual abuse investigation.

#biles-simone, #child-abuse-and-neglect, #federal-bureau-of-investigation, #gymnastics, #justice-department, #maroney-mckayla, #nassar-lawrence-g-1963, #raisman-aly

‘I’m Part of Something That’s Really Evil’

The story of Terry Albury, an F.B.I. agent so disillusioned by the war on terror that he was willing to leak classified documents.

#albury-terry-j, #audio-negative-sad, #audio-neutral-informative, #classified-information-and-state-secrets, #federal-bureau-of-investigation, #september-11-2001, #united-states

Howard University cancels classes after ransomware attack

Washington, D.C.’s Howard University has canceled classes after becoming the latest educational institution to be hit by a ransomware attack.

The incident was discovered on September 3, just weeks after students returned to campus, when the University’s Enterprise Technology Services (ETS) detected “unusual activity” on the University’s network and intentionally shut it down in order to investigate.

“Based on the investigation and the information we have to date, we know the University has experienced a ransomware cyberattack,” the university said in a statement. While some details remain unclear — it’s unknown who is behind the attack or how much of a ransom was demanded — Howard University said that there is no evidence so far to suggest that personal data of its 9,500 undergraduate and graduate students has been accessed or exfiltrated.

“However, our investigation remains ongoing, and we continue to work toward clarifying the facts surrounding what happened and what information has been accessed,” the statement said.

In order to enable its IT team to fully assess the impact of the ransomware attack, Howard University has canceled Tuesday’s classes, opening its campus to essential employees only. Campus Wi-Fi will also be down while the investigation is underway, though cloud-based software will remain available to students and teachers. 

“This is a highly dynamic situation, and it is our priority to protect all sensitive personal, research and clinical data,” the university said. “We are in contact with the FBI and the D.C. city government, and we are installing additional safety measures to further protect the University’s and your personal data from any criminal ciphering.”

But the university warned that remediation will be “a long haul — not an overnight solution.”

Howard University is the latest in a long line of educational institutions to be hit by ransomware since the start of the pandemic, with the FBI’s Cyber Division recently warning that cybercriminals using this type of attack are focusing heavily on schools and universities due to the widespread shift to remote learning. Last year, the University of California paid $1.14 million to NetWalker hackers after they encrypted data within its School of Medicine’s servers, and the University of Utah paid hackers $457,000 to prevent them from releasing data stolen during an attack on its network. 

According to Emsisoft threat analyst Brett Callow last month, ransomware attacks have disrupted 58 U.S. education organizations and school districts, including 830 individual schools, so far in 2021. Emsisoft estimates that in 2020, 84 incidents disrupted learning at 1,681 individual schools, colleges, and universities.

“We’ll likely see a significant increase in ed sector incidents in the coming weeks,” Callow tweeted on Tuesday.

#california, #cloud-based-software, #crime, #crimes, #cyberattacks, #cybercrime, #federal-bureau-of-investigation, #ransomware, #security, #united-states, #university-of-california, #utah, #washington

At Least 10 of Deshaun Watson’s Accusers Have Filed Police Reports

The women said Deshaun Watson, the Houston Texans quarterback, sexually assaulted them or touched them inappropriately.

#buzbee-tony-g, #federal-bureau-of-investigation, #football, #hardin-rusty, #harris-county-tex, #houston-tex, #houston-texans, #national-football-league, #police-department-houston-tex, #suits-and-litigation-civil, #watson-deshaun-1995

Biden Moves to Declassify Some Documents Related to Sept. 11

In an executive order, the president instructed Attorney General Merrick B. Garland to publicly release the declassified documents over the next six months.

#al-qaeda, #barr-william-p, #biden-joseph-r-jr, #classified-information-and-state-secrets, #federal-bureau-of-investigation, #garland-merrick-b, #justice-department, #saudi-arabia, #september-11-2001, #terrorism, #trump-donald-j

FBI says Chinese authorities are hacking US-based Uyghurs

The FBI has warned that the Chinese government is using both in-person and digital techniques to intimidate, silence and harass U.S.-based Uyghur Muslims. 

The Chinese government has long been accused of human rights abuses over its treatment of the Uyghur population and other mostly Muslim ethnic groups in China’s Xinjiang region. More than a million Uyghurs have been detained in internment camps, according to a United Nations human rights committee, and many other Uyghurs have been targeted and hacked by state-backed cyberattacks. China has repeatedly denied the claims.

In recent months, the Chinese government has become increasingly aggressive in its efforts to shut down foreign critics, including those based in the United States and other Western democracies. These efforts have now caught the attention of the FBI.

In an unclassified bulletin, the FBI warned that officials are using transnational repression — a term that refers to foreign government transgression of national borders through physical and digital means to intimidate or silence members of diaspora and exile communities — in an attempt to compel compliance from U.S.-based Uyghurs and other Chinese refugees and dissidents, including Tibetans, Falun Gong members, and Taiwan and Hong Kong activists.

“Threatened consequences for non-compliance routinely include detainment of a U.S.-based person’s family or friends in China, seizure of China-based assets, sustained digital and in-person harassment, Chinese government attempts to force repatriation, computer hacking and digital attacks, and false representation online,” the FBI bulletin warns. 

The bulletin was reported by video surveillance news site IPVM.

The FBI highlighted four instances of U.S.-based individuals facing harassment. In one case from June, the Chinese government imprisoned dozens of family members of six U.S.-based Uyghur journalists in retaliation for their continued reporting on China and its repression of Uyghurs for the U.S. government-funded news service Radio Free Asia. The bulletin said that between 2019 and March 2021, Chinese officials used WeChat to call and text a U.S.-based Uyghur to discourage her from publicly discussing Uyghur mistreatment. Members of this person’s family were later detained in Xinjiang detention camps. 

“The Chinese government continues to conduct this activity, even as the U.S. government has sanctioned Chinese officials and increased public and diplomatic messaging to counter China’s human rights and democratic abuses in Xinjiang over the past year,” the FBI states. “This transnational repression activity violates US laws and individual rights.”

The FBI has urged U.S. law enforcement personnel, as well as members of the public, to report any suspected incidents of Chinese government harassment.

#china, #cybersecurity, #falun-gong, #federal-bureau-of-investigation, #hacking, #mobile-security, #privacy, #security, #us-government, #uyghurs, #xinjiang

Joining Plastic, Glass and Metal on the Recycle List: Fake Art

Experts say discredited works of art often resurface on the market again and again, in part because their owners just won’t take no for an answer.

#art, #dedalus-foundation, #federal-bureau-of-investigation, #forgery, #frauds-and-swindling, #knoedlerco

‘I Helped Destroy People’

Terry Albury, an idealistic F.B.I. agent, grew so disillusioned by the war on terror that he was willing to leak classified documents — and go to prison for doing it.

#classified-information-and-state-secrets, #content-type-personal-profile, #espionage-and-intelligence-services, #ethics-and-official-misconduct, #federal-bureau-of-investigation, #human-rights-and-human-rights-violations, #muslim-americans, #race-and-ethnicity, #september-11-2001, #surveillance-of-citizens-by-government, #terrorism, #terry-albury, #united-states-defense-and-military-forces, #wiretapping-and-other-eavesdropping-devices-and-methods

Intelligence Review Yields No Firm Conclusion on Origins of Virus

Declassified portions of a report presented to President Biden revealed divisions among federal agencies over whether the virus came from a lab leak or natural processes.

#biden-joseph-r-jr, #coronavirus-2019-ncov, #espionage-and-intelligence-services, #federal-bureau-of-investigation, #laboratories-and-scientific-equipment, #national-intelligence-council, #office-of-the-director-of-national-intelligence, #wuhan-china, #wuhan-institute-of-virology-china

Spies for Hire: China’s New Breed of Hackers Blends Espionage and Entrepreneurship

The state security ministry is recruiting from a vast pool of private-sector hackers who often have their own agendas and sometimes use their access for commercial cybercrime, experts say.

#chengdu-china, #china, #commerce-department, #computer-security, #computers-and-the-internet, #cyberwarfare-and-defense, #defense-and-military-forces, #espionage-and-intelligence-services, #federal-bureau-of-investigation, #hainan-island-china, #industrial-espionage, #justice-department, #ministry-of-state-security-of-the-peoples-republic-of-china, #peoples-liberation-army-china, #politics-and-government, #xi-jinping

Defendant in Plot to Kidnap Michigan’s Governor Whitmer Sentenced

Ty G. Garbin, 25, had pleaded guilty to taking part in an extremist plot driven by anger at the governor’s efforts to slow the spread of the coronavirus.

#antrim-county-mich, #boogaloo-movement, #federal-bureau-of-investigation, #storming-of-the-us-capitol-jan-2021, #whitmer-gretchen, #wolverine-watchmen

Pearson to pay $1M fine for misleading investors about 2018 data breach

Pearson, a London-based publishing and education giant that provides software to schools and universities, has agreed to pay $1 million to settle charges that it misled investors about a 2018 data breach resulting in the theft of millions of student records.

The U.S. Securities and Exchange Commission announced the settlement on Monday after the agency found that Pearson made “misleading statements and omissions” about its 2018 data breach, which saw millions of student usernames and scrambled passwords stolen, along with the administrator login credentials of 13,000 schools, district and university customer accounts.

The agency said that in Pearson’s semi-annual review filed in July 2019, the company referred to the incident as a “hypothetical risk,” even after the data breach had happened. Similarly, in a statement that same month, Pearson said the breach may include dates of birth and email addresses, when it knew that such records were stolen, according to the SEC.

Pearson also said that it had “strict protections” in place when it actually took the company six months to patch the vulnerability after it was notified.

“As the order finds, Pearson opted not to disclose this breach to investors until it was contacted by the media, and even then Pearson understated the nature and scope of the incident, and overstated the company’s data protections,” said Kristina Littman, chief of the SEC Enforcement Division’s Cyber Unit. “As public companies face the growing threat of cyber intrusions, they must provide accurate information to investors about material cyber incidents.”

While Pearson did not admit wrongdoing as part of the settlement, Pearson agreed to pay a $1 million penalty — a small fraction of the $489 million in pre-tax profits that the company raked in last year.

A Pearson spokesperson told TechCrunch: “We’re pleased to resolve this matter with the SEC. We also appreciate the work of the FBI and the Justice Department to identify and charge those responsible for a global cyberattack that affected Pearson and many other companies and industries, including at least one government agency.”

Pearson said the breach related to its AIMSweb1.0 web-based software for entering and tracking students’ academic performance, which it retired in July 2019. “Pearson continues to enhance its cybersecurity efforts to minimize the risk of cyberattacks in an ever-changing threat landscape,” the spokesperson added.

#articles, #computer-security, #cyberattack, #cybercrime, #data-breach, #data-security, #federal-bureau-of-investigation, #pearson, #security, #u-s-securities-and-exchange-commission

A Lawyer’s Deathbed Confession About a Sensational 1975 Kidnapping

Samuel Bronfman, heir to the Seagram fortune, was abducted by two men who confessed to the crime. But then their story evolved wildly, and the jury believed it. Was it all a lie?

#bronfman-edgar-m-sr-1929-2013, #deblasio-peter-a-1960, #federal-bureau-of-investigation, #flatbush-brooklyn-ny, #homosexuality-and-bisexuality, #kidnapping-and-hostages, #purchase-ny, #seagram-company-limited-the, #westchester-county-ny, #yorktown-heights-ny

Apple says it will begin scanning iCloud Photos for child abuse images

Later this year, Apple will roll out a technology that will allow the company to detect and report known child sexual abuse material to law enforcement in a way it says will preserve user privacy.

Apple told TechCrunch that the detection of child sexual abuse material (CSAM) is one of several new features aimed at better protecting the children who use its services from online harm, including filters to block potentially sexually explicit photos sent and received through a child’s iMessage account. Another feature will intervene when a user tries to search for CSAM-related terms through Siri and Search.

Most cloud services — Dropbox, Google, and Microsoft to name a few — already scan user files for content that might violate their terms of service or be potentially illegal, like CSAM. But Apple has long resisted scanning users’ files in the cloud by giving users the option to encrypt their data before it ever reaches Apple’s iCloud servers.

Apple said its new CSAM detection technology — NeuralHash — instead works on a user’s device, and can identify if a user uploads known child abuse imagery to iCloud without decrypting the images until a threshold is met and a sequence of checks to verify the content are cleared.

News of Apple’s effort leaked Wednesday when Matthew Green, a cryptography professor at Johns Hopkins University, revealed the existence of the new technology in a series of tweets. The news was met with some resistance from some security experts and privacy advocates, but also users who are accustomed to Apple’s approach to security and privacy that most other companies don’t have.

Apple is trying to calm fears by baking in privacy through multiple layers of encryption, fashioned in a way that requires multiple steps before it ever makes it into the hands of Apple’s final manual review.

NeuralHash will land in iOS 15 and macOS Monterey, slated to be released in the next month or two, and works by converting the photos on a user’s iPhone or Mac into a unique string of letters and numbers, known as a hash. Any time you modify an image slightly, it changes the hash and can prevent matching. Apple says NeuralHash tries to ensure that identical and visually similar images — such as cropped or edited images — result in the same hash.

Before an image is uploaded to iCloud Photos, those hashes are matched on the device against a database of known hashes of child abuse imagery, provided by child protection organizations like the National Center for Missing & Exploited Children (NCMEC) and others. NeuralHash uses a cryptographic technique called private set intersection to detect a hash match without revealing what the image is or alerting the user.

The results are uploaded to Apple but cannot be read on their own. Apple uses another cryptographic principle called threshold secret sharing that allows it only to decrypt the contents if a user crosses a threshold of known child abuse imagery in their iCloud Photos. Apple would not say what that threshold was, but said — for example — that if a secret is split into a thousand pieces and the threshold is ten images of child abuse content, the secret can be reconstructed from any of those ten images.

It’s at that point Apple can decrypt the matching images, manually verify the contents, disable a user’s account and report the imagery to NCMEC, which is then passed to law enforcement. Apple says this process is more privacy mindful than scanning files in the cloud as NeuralHash only searches for known and not new child abuse imagery. Apple said that there is a one in one trillion chance of a false positive, but there is an appeals process in place in the event an account is mistakenly flagged.

Apple has published technical details on its website about how NeuralHash works, which were reviewed by cryptography experts.

But despite the wide support of efforts to combat child sexual abuse, there is still a component of surveillance that many would feel uncomfortable handing over to an algorithm, and some security experts are calling for more public discussion before Apple rolls the technology out to users.

A big question is why now and not sooner. Apple said its privacy-preserving CSAM detection did not exist until now. But companies like Apple have also faced considerable pressure from the U.S. government and its allies to weaken or backdoor the encryption used to protect their users’ data to allow law enforcement to investigate serious crime.

Tech giants have refused efforts to backdoor their systems, but have faced resistance against efforts to further shut out government access. Although data stored in iCloud is encrypted in a way that even Apple cannot access it, Reuters reported last year that Apple dropped a plan for encrypting users’ full phone backups to iCloud after the FBI complained that it would harm investigations.

The news about Apple’s new CSAM detection tool, without public discussion, also sparked concerns that the technology could be abused to flood victims with child abuse imagery that could result in their account getting flagged and shuttered, but Apple downplayed the concerns and said a manual review would review the evidence for possible misuse.

Apple said NeuralHash will roll out in the U.S. at first, but would not say if, or when, it would be rolled out internationally. Until recently, companies like Facebook were forced to switch off their child abuse detection tools across the bloc after the practice was inadvertently banned. Apple said the feature is technically optional in that you don’t have to use iCloud Photos, but will be a requirement if users do. After all, your device belongs to you but Apple’s cloud does not.

#apple, #apple-inc, #cloud-applications, #cloud-services, #computing, #cryptography, #encryption, #facebook, #federal-bureau-of-investigation, #icloud, #ios, #iphone, #johns-hopkins-university, #law-enforcement, #macos, #privacy, #security, #technology, #u-s-government, #united-states, #webmail

A Silicon Valley VC firm with $1.8B in assets was hit by ransomware

Advanced Technology Ventures, a Silicon Valley venture capital firm with more than $1.8 billion in assets under its management, was hit by a ransomware attack in July that saw cybercriminals steal personal information on the company’s private investors, or limited partners (LPs).

In a letter to the Maine attorney general’s office, ATV said it became aware of the attack on July 9 after its servers storing financial information had been encrypted by ransomware. By July 26, ATV learned that data had been stolen from the servers before the files were encrypted, a common “double extortion” tactic used by ransomware groups, which then threaten to publish the files online if the ransom to decrypt the files is not paid.

The letter said ATV believes the names, email addresses, phone numbers and Social Security numbers of the individual investors in ATV’s funds were stolen in the attack. Some 300 individuals were affected by the incident, including one person in Maine, according to a listing on the Maine attorney general’s data breach notification portal.

Venture capital firms often do not disclose all of their LPs — the investors who have thrown millions into an investment vehicle — to the public. A number of pre-approved names may be included in an announcement, but overall, a company’s private investors try to stay that way: private. The reasons vary, but it comes down to secrecy and a degree of competitive advantage: The firm may not want competitors to know who is backing them, and an investor may not want others to know where their money is going. This particular attack likely stole key information on a hush-hush part of how venture money works.

ATV said it notified the FBI about the attack. A spokesperson for the FBI did not immediately comment when reached by TechCrunch. ATV’s managing director Mike Carusi did not respond to questions sent by TechCrunch on Monday.

The venture capital firm, based in Menlo Park, California, with offices in Boston, was founded in 1979 and invests largely in technology, communications, software and services, and healthcare technology. The company was an early investor in many of the startups from the last decade, like software library Fandango, Host Analytics (now Planful) and Apptegic (now Evergage). Its more recent investments include Tripwire, which was later sold to cybersecurity company Belden for $710 million; Cedexis, a network traffic monitoring startup acquired by Cisco in 2018; and Actifio, which was sold to Google in 2020.

Natasha Mascarenhas contributed reporting. Send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send TechCrunch files or documents using our SecureDrop.

#attorney-general, #atv, #boston, #california, #cedexis, #cisco, #cybercrime, #encryption, #fandango, #federal-bureau-of-investigation, #google, #healthcare-technology, #maine, #private-equity, #ransomware, #securedrop, #security, #signal, #software, #spokesperson, #venture-capital

Court orders US Capitol rioter to unlock his laptop ‘with his face’

A federal judge in Washington DC has ordered a man accused of participating in the U.S. Capitol riot on January 6 to unlock his laptop “with his face,” after prosecutors argued that the laptop likely contains video footage that would incriminate him in the attempted insurrection.

Guy Reffitt was arrested in late January, three weeks after he participated in the riot, and has been in jail since. He has pleaded not guilty to five federal charges, including bringing a firearm to the Capitol grounds and a charge of obstructing justice. His Windows laptop was one of several devices seized by the FBI; investigators said it was protected with a password, but that it could also be unlocked using Reffitt’s face.

Prosecutors said forensic evidence suggested that the laptop contained gigabytes of footage from Reffitt’s helmet-worn camera that he allegedly used to record some of the riot, and asked the court if it could compel Reffitt to sit in front of the computer to unlock it.

Reffitt’s lawyer told the court that his client could “not remember” the password, but the court sided with the government and granted the motion to compel his biometrics. Reffitt’s lawyer told CNN, which first reported the court order, that the laptop is now unlocked.

The government took advantage of a loophole in the Fifth Amendment, a constitutional right that grants anyone in the U.S. the right to remain silent, which includes the right to not turn over information that could implicate themselves in a crime, such as a password. But some courts have ruled that those protections don’t extend to a person’s physical attributes that can be used in place of a password, such as a face scan or fingerprint.

In Reffitt’s indictment, the FBI said as much, arguing that compelling Reffitt to unlock his computer by sitting in front of it “would not run afoul of the defendant’s Fifth Amendment right against self-incrimination.”

Courts across the U.S. are still divided on the reading of the Fifth Amendment and whether or not it applies to the compelled use of a person’s biometrics. The U.S. Supreme Court isn’t likely to address the issue any time soon, rejecting two petitions in as many years to rule on the matter, leaving it largely up to the states to decide.

#articles, #digital-forensics, #federal-bureau-of-investigation, #laptops, #law, #lawyer, #password, #politics, #security, #united-states, #washington-dc

Details on F.B.I. Inquiry Into Kavanaugh Draw Fire From Democrats

The F.B.I. said some of the 4,500 tips it received about Justice Brett Kavanaugh were given to the Trump White House, leading some Democrats to call the process a sham.

#coons-christopher-a, #federal-bureau-of-investigation, #kavanaugh-brett-m, #senate, #senate-committee-on-the-judiciary, #supreme-court-us, #united-states-politics-and-government, #whitehouse-sheldon, #wray-christopher-a

US blames China for Exchange server hacks and ransomware attacks

The Biden administration has formally accused China of the mass-hacking of Microsoft Exchange servers earlier this year, which prompted the FBI to intervene as concerns rose that the hacks could lead to widespread destruction.

The mass-hacking campaign targeted Microsoft Exchange email servers with four previously undiscovered vulnerabilities that allowed the hackers — which Microsoft already attributed to a China-backed group of hackers called Hafnium — to steal email mailboxes and address books from tens of thousands of organizations around the United States.

Microsoft released patches to fix the vulnerabilities, but the patches did not remove any backdoor code left behind by the hackers that might be used again for easy access to a hacked server. That prompted the FBI to secure a first-of-its-kind court order to effectively hack into the remaining hundreds of U.S.-based Exchange servers to remove the backdoor code. Computer incident response teams in countries around the world responded similarly by trying to notify organizations in their countries that were also affected by the attack.

In a statement out Monday, the Biden administration said the attack, launched by hackers backed by China’s Ministry of State Security, resulted in “significant remediation costs for its mostly private sector victims.”

“We have raised our concerns about both this incident and the [People’s Republic of China’s] broader malicious cyber activity with senior PRC Government officials, making clear that the PRC’s actions threaten security, confidence, and stability in cyberspace,” the statement read.

The National Security Agency also released details of the attacks to help network defenders identify potential routes of compromise. The Chinese government has repeatedly denied claims of state-backed or sponsored hacking.

The Biden administration also blamed China’s Ministry of State Security for contracting with criminal hackers to conduct unsanctioned operations, like ransomware attacks, “for their own personal profit.” The government said it was aware that China-backed hackers have demanded millions of dollars in ransom from hacked companies. Last year, the Justice Department charged two Chinese spies for their role in a global hacking campaign that saw prosecutors accuse the hackers of operating for personal gain.

Although the U.S. has publicly engaged the Kremlin to try to stop it from giving ransomware gangs safe harbor to operate from within Russia’s borders, the U.S. has not previously accused Beijing of launching or being involved with ransomware attacks.

“The PRC’s unwillingness to address criminal activity by contract hackers harms governments, businesses, and critical infrastructure operators through billions of dollars in lost intellectual property, proprietary information, ransom payments, and mitigation efforts,” said Monday’s statement.

The statement also said that the China-backed hackers engaged in extortion and cryptojacking, a way of forcing a computer to run code that uses its computing resources to mine cryptocurrency, for financial gain.

The Justice Department also announced fresh charges against four China-backed hackers working for the Ministry of State Security, which U.S. prosecutors said were engaged in efforts to steal intellectual property and infectious disease research into Ebola, HIV and AIDS, and MERS against victims based in the U.S., Norway, Switzerland and the United Kingdom by using a front company to hide their operations.

“The breadth and duration of China’s hacking campaigns, including these efforts targeting a dozen countries across sectors ranging from healthcare and biomedical research to aviation and defense, remind us that no country or industry is safe. Today’s international condemnation shows that the world wants fair rules, where countries invest in innovation, not theft,” said deputy attorney general Lisa Monaco.

#attorney-general, #biden, #biden-administration, #china, #computer-security, #computing, #cyberattacks, #cybercrime, #cyberwarfare, #department-of-justice, #doj, #federal-bureau-of-investigation, #government, #hacker, #hacking, #healthcare, #internet-security, #microsoft, #national-security-agency, #norway, #russia, #security, #switzerland, #technology, #united-kingdom, #united-states

Athan Theoharis, Chronicler of F.B.I. Abuses, Dies at 84

He found his way through the formerly unobtainable files of J. Edgar Hoover, whom he called “an insubordinate bureaucrat in charge of a lawless organization.”

#books-and-literature, #classified-information-and-state-secrets, #deaths-obituaries, #espionage-and-intelligence-services, #federal-bureau-of-investigation, #freedom-of-information-act, #history-academic-subject, #hoover-j-edgar, #surveillance-of-citizens-by-government, #theoharis-athan-1936-2021, #united-states-politics-and-government, #wiretapping-and-other-eavesdropping-devices-and-methods, #writing-and-writers

Oath Keepers Leader Sits for F.B.I. Questioning Against Legal Advice

In a bold move, Stewart Rhodes, the founder and leader of the right-wing militia group, sat for an interview with federal agents after they seized his phone in May.

#federal-bureau-of-investigation, #oath-keepers, #rhodes-stewart-1966, #storming-of-the-us-capitol-jan-2021, #trump-donald-j, #united-states-politics-and-government

To end cyberterrorism, the government should extend a hand to the private sector

It is said that the best way to lose the next war is to keep fighting the last one. The citadels of the medieval ages were an effective defense until gunpowder and cannons changed siege warfare forever. Battlefield superiority based on raw troop numbers ceded to the power of artillery and the machine gun.

During World War I, tanks were the innovation that literally rolled over fortifications built using 19th-century technology. Throughout military history, innovators enjoyed the spoils of war while those who took too long to adapt were left crushed and defeated.

Cyberwarfare is no different, with conventional weapons yielding to technologies that are just as deadly to our economic and national security. Despite our military superiority and advances on the cyber front, America is still fighting a digital enemy using analog ways of thinking.

This must change, and it begins with the government making some difficult choices about how to wield its offensive powers against an enemy hidden in the shadows, how to partner with the private sector and what it will take to protect the nation against hostile actors that threaten our very way of life.

Colonial Pipeline was one step forward, two steps back

In the aftermath of the ransomware attack against Colonial Pipeline, the Russia-linked hacking group known as DarkSide reportedly shuttered and the Federal Bureau of Investigation recovered part of the $4.4 million ransom that was paid. These are positive developments and an indicator that our government is taking these types of attacks seriously. But it does not change the fact that cyberterrorists, acting with impunity in a hostile foreign country using a technique that has been known for years, managed to shut down the country’s largest oil pipeline and walk away with millions of dollars in ransom payments. They will likely never face justice, Russia will not face any real consequences and these attacks will no doubt continue.

The reality is that while companies can get smarter about cyber defenses and users can get more vigilant in their cyber hygiene practices, only the government has the power to bring this behavior to a halt.

Countries that permit cybercriminals to operate within their borders should be made to hand them over or be subject to crippling economic sanctions. Those found providing sanctuary or other assistance to such individuals or groups should face material support charges like anyone who assists a designated terrorist organization.

Regulators should insist that cryptocurrency exchanges and wallets help track down illicit transactions and parties or be cut off from the U.S. financial system. Law enforcement, the military and the intelligence community should be aggressively working to make it so difficult, so unsafe and so unprofitable for cyberterrorists to operate that they would not dare attempt another attack against American industry or critical infrastructure.

Government must facilitate cooperation with private actors

Our biggest vulnerability and missed opportunity is the inability of public and private entities to form a unified front against cyberwar. It is essential from both a defensive and offensive perspective that the government and private sectors share cyber risk and incident information in real time. This is not currently happening.

Companies are too scared that in revealing vulnerabilities they will be sued, investigated and further victimized by the very government that is supposed to help them defend against attack. The federal government still has no answer for the problems of overclassification of information, overlapping bureaucracies and cultural barriers that provide no incentive to proactively engage with private industry to share information and technologies.

The answer is not to strong-arm companies into coming to the table and expect one-way information flow. Private actors should be able to come forward voluntarily and share information without having to fear plaintiff litigation and regulatory action. Self-disclosed cyber data made in real time should be kept confidential and used to defend and fight back, not to further punish the victim. That is no basis for a mutual partnership.

And if federal agencies, the military or the intelligence community have intelligence about future attacks and how to prevent them, they should not sit on it until long after it will do any good. There are ways to share information with private industry that are safe, timely and mutually beneficial.

Cooperation should also go beyond the exchange of cyber event information. The private sector and academia account for a massive amount of advancement in the cyber space, with total research and development spending split roughly 90%-10% between the private and public sector over the past two decades.

Our private sector — with technology companies employing the best and brightest spanning from Silicon Valley to Austin, Texas, to the technology corridor of Northern Virginia — has a tremendous amount to offer to the government yet remains a largely untapped resource. The same innovations driving private-sector profit should be used to strengthen national security.

China has already figured this out, and if we cannot find a way to leverage private-sector innovation and young talent in the United States, we will fall behind. If there has ever been a call to action where the Biden administration, Democrats and Republicans in Congress can set politics aside and embrace bipartisan solutions, this is it.

Look to the military-defense industry model

Thankfully, there is a model public-private dynamic that in many ways is working. Weapons systems today are almost exclusively manufactured by the Defense Industrial Base, and when deployed to the battlefield there is constant two-way communication with warfighters about vulnerabilities, threats and opportunities to improve effectiveness. This relationship was not forged overnight and is far from perfect. But after decades of efforts, secure collaboration platforms were developed, security clearance standards were established and trust was formed.

We must do the same between cyber authorities in the federal government and actors throughout the private sector. Financial institutions, energy companies, retailers, manufacturers and pharmaceuticals must be able to engage the government to share real-time cyber data in both directions. If the federal government learns of a threat group or technique, it should not only take the offensive to shut it down but also push that information securely and quickly to the private sector.

It is not practical for the FBI, the Department of Homeland Security or the military to assume the burden of defending private networks against cyberattacks, but the government can and should be a shoulder-to-shoulder partner in the effort. We must adopt a relationship that recognizes this is both a joint battle and burden, and we do not have years to get it right.

Call to action

When you look at the history of war, the advantage has always gone to those who innovate first. With respect to cyberwarfare, the solution does not lie solely in advanced technologies like artificial intelligence, quantum computing or blockchain. The most powerful development in today’s war against cyberterrorism might be as simple as what we all learned in preschool: the value of sharing and cooperation.

The government, the technology industry and the broader private sector must come together not only to maintain our competitive edge and embrace advances like cloud computing, autonomous vehicles and 5G, but to ensure that we defend and preserve our way of life. We have been successful in building public and private partnerships in the past and can evolve from an analog relationship to a digital one. But the government must take the reins and lead the way.

#biden-administration, #colonial-pipeline, #column, #cyberattack, #cyberterrorism, #cyberwarfare, #department-of-homeland-security, #federal-bureau-of-investigation, #national-security, #opinion, #russia, #security, #tc

U.S. Blocks Websites Linked to Iran at Key Point in Nuclear Talks

Officials seized the domains of about three dozen websites just days after Iran elected a new, hard-line president, and at a critical moment in nuclear negotiations.

#biden-joseph-r-jr, #commerce-department, #federal-bureau-of-investigation, #iran, #islamic-revolutionary-guards-corps, #khamenei-ali, #press-tv, #raisi-ebrahim, #trump-donald-j, #united-states-international-relations

I’ve Cracked Zodiac Killer Code, a French Engineer Claims

Fayçal Ziraoui caused an online uproar after saying he had cracked unsolved ciphers attributed to the Zodiac killer in California and identified him, potentially ending a 50-year-old quest.

#california, #cryptography-codes-and-ciphers, #faycal-ziraoui, #federal-bureau-of-investigation, #france, #serial-murders

F.B.I. Is Pursuing ‘Hundreds’ in Capitol Riot Inquiry, Wray Tells Congress

In two separate hearings, the F.B.I. director and Pentagon officials answered questions about the failure to adequately prepare for and respond to the Jan. 6 attack.

#attacks-on-police, #bolton-michael-a, #defense-department, #federal-bureau-of-investigation, #flynn-charles, #goodwin-gretta-l, #government-accountability-office, #homeland-security-department, #house-committee-on-oversight-and-government-reform, #maloney-carolyn-b, #national-guard, #piatt-walter, #right-wing-extremism-and-alt-right, #storming-of-the-us-capitol-jan-2021, #united-states-capitol-police, #united-states-defense-and-military-forces, #united-states-politics-and-government, #wray-christopher-a

Bitcoin and Encryption: A Race Between Criminals and the F.B.I.

The F.B.I. scored two major victories, recovering a Bitcoin ransom and tricking lawbreakers with an encryption app. But criminals may still have the upper hand.

#apple-inc, #australia, #bitcoin-currency, #colonial-pipeline-co, #computer-security, #cyberattacks-and-hackers, #data-mining-and-database-marketing, #federal-bureau-of-investigation, #google-inc, #justice-department, #organized-crime, #police, #surveillance-of-citizens-by-government, #united-states, #united-states-politics-and-government, #virtual-currency

Perceived Grievances Drove Virginia Beach Gunman to Kill 12, F.B.I. Finds

DeWayne Craddock, a city engineer who went on a shooting rampage in 2019, had been “fixated for years” on criticism at work, the F.B.I. said.

#craddock-dewayne, #federal-bureau-of-investigation, #mass-shootings, #virginia-beach-va, #virginia-beach-va-shooting-2019, #workplace-hazards-and-violations

Hunting Leaks, Trump Officials Focused on Democrats in Congress

The Justice Department seized records from Apple for metadata of House Intelligence Committee members, their aides and family members.

#classified-information-and-state-secrets, #cnn, #federal-bureau-of-investigation, #house-committee-on-intelligence, #house-of-representatives, #justice-department, #new-york-times, #news-sources-confidential-status-of, #russian-interference-in-2016-us-elections-and-ties-to-trump-associates, #united-states-politics-and-government, #washington-post

JBS Paid $11 Million Ransom to Hackers

The breach was the latest in a string of attacks targeting businesses critical to American infrastructure.

#bribery-and-kickbacks, #cyberattacks-and-hackers, #extortion-and-blackmail, #federal-bureau-of-investigation, #jbs-sa, #meat, #revil-hacking-group, #shutdowns-institutional

Man Pleads Guilty to Plotting to Bomb Amazon Data Center

Prosecutors said that Seth Aaron Pendley, 28, of Wichita Falls, Texas, had also boasted that he was at the Capitol on Jan. 6 when Trump supporters stormed the building.

#amazon-com-inc, #ashburn-va, #bombs-and-explosives, #computers-and-the-internet, #data-centers, #federal-bureau-of-investigation, #fort-worth-tex, #justice-department, #pendley-seth-aaron, #storming-of-the-us-capitol-jan-2021, #united-states-politics-and-government

Bitcoin Is Actually Traceable, Pipeline Investigation Shows

The F.B.I.’s recovery of Bitcoins paid in the Colonial Pipeline ransomware attack showed cryptocurrencies are not as hard to track as it might seem.

#banking-and-financial-institutions, #bitcoin-currency, #blockchain-technology, #colonial-pipeline-co, #computers-and-the-internet, #crime-and-criminals, #cyberattacks-and-hackers, #darkside-hacking-group, #extortion-and-blackmail, #federal-bureau-of-investigation, #justice-department, #search-and-seizure, #start-ups, #virtual-currency

Wisconsin Pharmacist Who Tampered With Vaccine Gets 3-Year Sentence

The pharmacist, Steven R. Brandenburg, believed in conspiracy theories and thought vaccines were dangerous, the authorities said.

#brandenburg-steven-1974, #conspiracy-theories, #coronavirus-2019-ncov, #drugs-pharmaceuticals, #federal-bureau-of-investigation, #food-and-drug-administration, #grafton-wis, #united-states, #vaccination-and-immunization, #wisconsin

Emma Coronel Aispuro Set to Plead Guilty to Helping Run Drug Empire

Emma Coronel Aispuro is scheduled to appear in court in Washington on Thursday to admit her role in her husband’s criminal activities.

#coronel-aispuro-emma, #drug-cartels, #federal-bureau-of-investigation, #guzman-loera-joaquin, #mexico, #prison-escapes, #sinaloa-cartel, #united-states-politics-and-government

Capitol Riot Security Failures Detailed in Senate Report

A 127-page joint report is the most comprehensive and detailed account to date on the intelligence, communications and policing failures around the Capitol riot.

#blunt-roy-d, #federal-bureau-of-investigation, #fringe-groups-and-movements, #homeland-security-department, #klobuchar-amy, #peters-gary, #portman-rob, #senate-committee-on-homeland-security-and-governmental-affairs, #storming-of-the-us-capitol-jan-2021, #trump-donald-j, #united-states-capitol-police, #united-states-politics-and-government

Hundreds Arrested in Global Sting Using App Run by F.B.I.

Global law enforcement officials revealed a three-year operation in which they said they had intercepted over 20 million messages. Hundreds of arrests were made in more than a dozen countries.

#australia, #europe, #europol, #federal-bureau-of-investigation, #informers, #organized-crime, #united-states

‘Does Anybody Have a Plan?’ Senate Report Details Jan. 6 Security Failures.

A 127-page joint report is the most comprehensive and detailed account to date on the intelligence, communications and policing failures around the Capitol riot.

#blunt-roy-d, #federal-bureau-of-investigation, #fringe-groups-and-movements, #homeland-security-department, #klobuchar-amy, #peters-gary, #portman-rob, #senate-committee-on-homeland-security-and-governmental-affairs, #storming-of-the-us-capitol-jan-2021, #trump-donald-j, #united-states-capitol-police, #united-states-politics-and-government

Who is Hacking the U.S. Economy?

In the past few weeks, cyberattacks have taken major industries hostage. Who are the perpetrators and why are the infiltrations becoming so common?

#audio-neutral-informative, #computers-and-the-internet, #cyberattacks-and-hackers, #darkside-hacking-group, #east-coast-us, #extortion-and-blackmail, #federal-bureau-of-investigation, #pipelines, #russia, #united-states-politics-and-government

U.S. Seizes Share of Ransom From Hackers in Colonial Pipeline Attack

Investigators traced 75 Bitcoins worth more than $4 million through nearly two dozen cryptocurrency accounts.

#biden-joseph-r-jr, #bitcoin-currency, #colonial-pipeline-co, #cyberattacks-and-hackers, #cyberwarfare-and-defense, #darkside-hacking-group, #extortion-and-blackmail, #federal-bureau-of-investigation, #justice-department, #revil-hacking-group, #russia, #shutdowns-institutional, #united-states-politics-and-government, #virtual-currency

F.B.I. Director Compares Ransomware Danger to 9/11 Threat

The Biden administration is taking steps to counter the growing threat of cyberattacks on U.S. businesses, and encouraging companies to do more to protect themselves.

#colonial-pipeline-co, #computer-security, #cyberattacks-and-hackers, #cyberwarfare-and-defense, #extortion-and-blackmail, #federal-bureau-of-investigation, #jbs-sa, #wall-street-journal

Giuliani and Prosecutors Agree on Former Judge to Review Seized Materials

Barbara S. Jones conducted a similar screening during the investigation into Michael D. Cohen.

#bracewellgiuliani, #federal-bureau-of-investigation, #giuliani-rudolph-w, #jones-barbara-s, #manhattan-nyc, #presidential-election-of-2020

Trump Administration Secretly Seized Phone Records of Times Reporters

The admission by the Biden Justice Department followed similar recent disclosures to The Washington Post and CNN.

#biden-joseph-r-jr, #classified-information-and-state-secrets, #cnn, #comey-james-b, #federal-bureau-of-investigation, #justice-department, #new-york-times, #newspapers, #trump-donald-j, #united-states-politics-and-government, #washington-post

The FISA Court’s Unnecessary Secrecy

Many of the decisions of the Foreign Intelligence Surveillance Court have not seen the light of day. That’s irreconcilable with the Constitution.

#american-civil-liberties-union, #constitution-us, #espionage-and-intelligence-services, #federal-bureau-of-investigation, #first-amendment-us-constitution, #foreign-intelligence-surveillance-court, #freedom-of-speech-and-expression, #privacy, #suits-and-litigation-civil, #supreme-court-us, #surveillance-of-citizens-by-government, #united-states, #united-states-politics-and-government, #usa-freedom-act, #usa-patriot-act

Retired FBI Agent Is Accused of Swindling Woman Out of $800,000

The former agent told the woman she was on “secret probation” over drug crimes and at one point proposed marriage, federal prosecutors said.

#austin-tex, #dallas-tex, #drug-enforcement-administration, #federal-bureau-of-investigation, #frauds-and-swindling, #granbury-tex, #inspectors-general, #justice-department, #texas, #united-states

Prosecutors Investigating Whether Ukrainians Meddled in 2020 Election

The Brooklyn federal inquiry has examined whether former and current Ukrainian officials tried to interfere in the election, including funneling misleading information through Rudolph W. Giuliani.

#artemenko-andrii-v, #biden-joseph-r-jr, #brooklyn-nyc, #derkach-andriy, #federal-bureau-of-investigation, #foreign-agents-registration-act, #frauds-and-swindling, #giuliani-rudolph-w, #impeachment, #kyiv-ukraine, #mueller-robert-s-iii, #politics-and-government, #presidential-election-of-2016, #presidential-election-of-2020, #russian-interference-in-2016-us-elections-and-ties-to-trump-associates, #telizhenko-andrii, #trump-ukraine-whistle-blower-complaint-and-impeachment-inquiry, #united-states-international-relations

Asian Homeowners Were Targeted in Burglary Ring, Prosecutors Say

Eight men were charged in federal court with burglarizing 50 homes in four states after identifying the residents as Asian.

#clark-james-b-jr, #federal-bureau-of-investigation, #new-jersey, #robberies-and-thefts, #university-of-pittsburgh

Burglary Ring Targeted 50 Asian Homeowners, Prosecutors Say

Eight men were charged in federal court with burglarizing 50 homes in four states after identifying the residents as Asian.

#clark-james-b-jr, #federal-bureau-of-investigation, #new-jersey, #robberies-and-thefts, #university-of-pittsburgh