Welcome to The Cybersecurity 202! Consider this your public service announcement that holiday travelers can carry ricotta-filled cannoli through airport security, but not cannoli shells with the filling in a separate piping bag.

Below: Trump allies and conspiracy theorists are seeking election jobs across the country, and a Chinese province is planning a surveillance system for journalists.

Russia is harboring hackers wanted by the United States

FBI Director Christopher Wray discussing actions against hackers. Mandatory Credit: Photo by SHAWN THEW/EPA-EFE/Shutterstock

Yevgeniy Polyanin is wanted by the U.S. government in connection with some of the most damaging ransomware attacks ever to strike U.S. companies. But that hasn't crimped his lifestyle. The 28-year-old member of the REvil hacking gang is driving a $74,000 Toyota Land Cruiser and living in a trendy housing complex in the Russian city of Barnaul, the British tabloid newspaper the Daily Mail reported.

He's living at ease without apparent fear of being arrested by Russian law enforcement, the Daily Mail reported, visiting his mother, neighbors and friends. Polyanin's wife recently launched a business selling novelty cakes online — some of them erotic.

The story underscores a major roadblock to U.S. efforts to curb a barrage of ransomware attacks: The Russian hackers responsible for those attacks, which lock up victims' computers until they pay a ransom, are still profiting handsomely and face few consequences so long as they remain on Russian soil.

A handout from the FBI shows a wanted poster for Polyanin, who has been indicted in connection with a series of ransomware attacks. (FBI/AFP/Getty Images)

During a June summit, President Biden pressed Russian President Vladimir Putin to crack down on cybercriminals operating in Russian territory. But there's no evidence Putin has taken the demands seriously.
That's left the Justice Department to do what it can without Russian cooperation. But a series of aggressive moves against Polyanin and his crew haven't seemed to do the trick.

- The department indicted Polyanin earlier this month and orchestrated arrests of three REvil hackers who were located outside of Russia.
- The department seized more than $6 million from bitcoin accounts linked to ransoms paid to Polyanin.
- The State Department added REvil to a bounty program that offers up to $10 million for information leading to the identification or location of its leaders.

Polyanin is an extremely prolific hacker. He's responsible for roughly 2,500 ransomware attacks where REvil demanded a total of $767 million from victims, according to the indictment. In addition to the Kaseya hack, REvil was behind a blockbuster hack against the meat processor JBS that resulted in an $11 million ransom.

But his lifestyle is nothing compared to the luxurious standards set by some of his Russian hacker brethren. Consider the hacking group Evil Corp.: U.S. and United Kingdom indictments against the group in 2019 revealed a smorgasbord of excess, including Evil Corp leader Maksim Yakubets racing Lamborghinis, flashing stacks of cash and playing with a lion cub. Yakubets's lavish wedding cost more than $325,000, according to the U.K.'s National Crime Agency.

The aggressive moves against hackers are part of a multi-prong effort by the Biden administration to limit the damage from ransomware. The administration is also working to limit hackers' ability to transfer large ransoms using cryptocurrency and urging allies to join the United States in law enforcement actions against hacking groups.

The most challenging prong of the administration's strategy is raising the cyber protections of companies in vital sectors that could damage the economy or national security if they were hacked. Government agencies have mandated that a handful of industries alert the government if they're hacked, but mostly stopped short of more aggressive cyber mandates.

The keys

Trump allies are using false claims of election interference to seek election jobs across the country

One activist shared an IT job posting in the office of Colorado Secretary of State Jena Griswold (D). (David Zalubowski/AP)

They've launched a nationwide effort to replace poll watchers, precinct judges, county clerks and attorneys general, Amy Gardner, Tom Hamburger and Josh Dawsey report.
The effort comes a year after Trump pressured state and local officials to overturn the results of the 2020 presidential election by claiming without evidence it was rigged against him.

The push includes IT jobs, which have cybersecurity implications. In Colorado, activist Barb Crossman, a member of a Telegram channel called "Colorado Election Audit News," shared a job listing for an "IT Technical Project Manager" position in the office of Colorado Secretary of State Jena Griswold (D). Crossman declined to comment on the position.

Griswold is "aware that election conspiracists are encouraging people to apply for jobs in our office," she told my colleagues. But she says there are safeguards — like background checks, references and high levels of skill and expertise — that help screen out those applicants.

The nationwide effort is aimed at casting doubt on future elections, Griswold said. "The attacks right now are no longer about 2020," she said. "They're about 2022 and 2024. It's about chipping away at confidence and chipping away at the reality of safe and secure elections. And the next time there's a close election, it will be easier to achieve their goals. That's what this is all about."

A Trump spokesman did not respond to a request for comment.

China's third most populous province planned a surveillance system

China's government has for years expanded its facial recognition systems. (Gilles Sabrie/Bloomberg)

Officials in China's Henan province awarded a contract for a system that promised to connect 3,000 facial recognition cameras with government databases to assemble files on people of interest, Reuters reports. The system is intended to target journalists, international students and "suspicious people."

Chinese tech company Neusoft was awarded the contract in September and was required to complete the system within two months of signing the contract. It's not clear if the system is operational.
Neusoft and the Henan provincial government didn't respond to requests for comment from Reuters.

Though China's government has for years expanded the country's facial recognition systems, experts say this contract is different. "While the [People's Republic of China] has a documented history of detaining and punishing journalists for doing their jobs, this document illustrates the first known instance of the PRC building custom security technology to streamline state suppression of journalists," Donald Maye, the head of operations of surveillance research firm IPVM, told Reuters.

A U.K. regulator wants to fine facial recognition firm Clearview AI nearly $23 million

The firm, whose facial recognition system is built off images from social media websites, "appears to have failed to comply with UK data protection laws in several ways," the Information Commissioner's Office (ICO) said. But whether the "preliminary sanction will go the distance and turn into an actual fine and data processing cessation order against Clearview remains to be seen," TechCrunch's Natasha Lomas writes. The ICO expects to make a final decision on the issue in mid-2022.

The regulator alleged that Clearview AI does not:

- Process U.K. citizens' data in a fair or predictable process
- Have a lawful reason to collect their data
- Have a way to ensure that data isn't stored indefinitely

Clearview AI disputes the allegations. CEO Hoan Ton-That is "deeply disappointed that the UK Information Commissioner has misinterpreted my technology and intentions," the company told TechCrunch. The company only uses "public data from the open Internet" and complies with "all standards of privacy and law," he said. The company is "considering an appeal and further action," Kelly Hagedorn, an attorney working for the firm, told TechCrunch.

Chat room

There haven't been any national-security shaking ransomware attacks in a while, but the attacks are still crushing smaller victims. Recorded Future Director of Threat Intelligence Allan Liska:

Government scan

CISA Director Jen Easterly penned an op-ed calling for Americans to be vigilant on Cyber Monday

Her advice is good all other days of the year as well. Easterly urged CNN readers to:

- Install updates on devices
- Turn on multi-factor authentication
- Be on the lookout for phishing emails

Easterly's op-ed came halfway through CISA's rollout of its 12-day cybersecurity carol:

Industry report

Alan Paller, who died this month, was an early advocate for cybersecurity regulations

Alan Paller worked to build a cybersecurity talent pipeline and called for the public and private sectors to adopt cybersecurity standards. (John Bright/The Washington Post)

Paller, who died Nov. 9, "combined idealism with a cut-to-the-chase pragmatism," my colleague Ellen Nakashima writes in an obituary. Paller sounded the alarm about cyberthreats and was an early advocate for government-imposed cybersecurity regulations, Ellen writes. The New York Times's Nicole Perlroth also wrote an obituary of Paller.

Privacy patch

FBI search warrants let agents guess how to unlock devices

Recent warrants have language that allows agents to "compel the subject [of the warrant] to provide biometric features, including pressing fingers (including thumbs) against and/or putting a face before the sensor, or any other security feature requiring biometric recognition," Forbes's Thomas Brewster reports. They stop short of allowing agents to force people to reveal which biometric feature will unlock the device, Brewster reports.

Daybook

- The Senate Homeland Security Committee hosts a roundtable discussion on changes to the FedRAMP cloud security program today at 2:30 p.m.
- Technologist Matt Devost discusses his behind-the-scenes experience on the film "Blackhat" at a Columbia University School of International and Public Affairs event today at 7 p.m.
- State Department Deputy Coordinator for Cyber Issues Michele Markoff discusses cyber norms at a Columbia University School of International and Public Affairs event on Wednesday at noon.
- The House Transportation Committee holds a cybersecurity hearing on Thursday at 10 a.m.
- The House Science Committee holds a hearing on microelectronics on Thursday at 10 a.m.
- Markoff and Amb. Andrey Krutskikh, who leads the Russian foreign ministry's international information security department, speak at a United Nations Institute for Disarmament Research conference on Friday at 11 a.m.
- Robert Cardillo, the former director of the National Geospatial-Intelligence Agency, speaks at a Center for Strategic and International Studies event on open-source intelligence on Friday at 2 p.m.

Secure log off

Thanks for reading. See you tomorrow.