Search Results for “RAPHAEL SATTER”

April 17, 2020
Raphael Satter, Christopher Bing / Reuters

FBI Official Says That Foreign Government Hackers Have Broken Into Companies Conducting COVID-19 Treatment Research

FBI Deputy Assistant Director Tonya Ugoretz said that foreign government hackers have broken into companies conducting research into treatments for COVID-19. Ugoretz said during an online panel discussion hosted by the Aspen Institute that the bureau had recently seen state-backed hackers poking around a series of healthcare and research institutions and that hackers had often targeted the biopharmaceutical industry.

Related: Reddit – cybersecurity, Forbes, Security News | Tech Times, Washington Examiner, Daily Mail, Silicon UK, Tickle The Wire

March 23, 2020
Raphael Satter, Jack Stubbs, Christopher Bing / Reuters

Hackers Tried to Break into World Health Organization as Agency Comes Under Two-Fold Increase in Cyberattacks

Elite hackers tried to break into the World Health Organization earlier this month, part of what a senior agency official said was a more than two-fold increase in cyberattacks. WHO Chief Information Security Officer Flavio Aggio said the identity of the hackers was unclear, and the effort was unsuccessful. Alexander Urbelis, a cybersecurity expert and attorney with the New York-based Blackstone Law Group, which tracks suspicious internet domain registration activity, brought the attempted WHO break-in to Reuters’ attention. He picked up on the activity around March 13 when a group of hackers he had been following activated a malicious site mimicking the WHO’s internal email system. The same malicious web infrastructure belonging to a hacking group known as DarkHotel had also been used to target other healthcare and humanitarian organizations in recent weeks, although it’s unclear if DarkHotel is connected to the WHO hacking.

Related: Slashdot, Boing Boing, The Hill: Cybersecurity, Business Insider

Tweets: @bing_chris @bing_chris @bing_chris @bing_chris

April 22, 2020
Raphael Satter / Reuters

Senators Ask CISA, Cyber Command to Consider ‘Defend Forward’ Hacking to Protect Against Cyberattacks on Health and Research Organizations

Democratic Senator Richard Blumenthal, Republican Senator Tom Cotton, and three other senators sent a letter to Christopher Krebs, who heads up DHS’ Cybersecurity and Infrastructure Security Agency (CISA), and General Paul Nakasone, director of the Department of Defense’s National Security Agency and head of the U.S. military’s Cyber Command, asking them to aggressively protect health and research organizations from potential hacking and other attacks during the coronavirus pandemic. The letter urges the officials to consider operations to “defend forward,” a phrase often used as a euphemism for proactive hacking in advance of attacks.

Jack Stubbs, Raphael Satter / Reuters

Vietnam’s APT32 Has Tried to Compromise Email Accounts of China’s Ministry of Emergency Management, Government of Wuhan, Underscoring COVID-19’s Intelligence Priority

A Vietnamese government-backed hacking group known as APT32 has tried to compromise the personal and professional email accounts of staff at China’s Ministry of Emergency Management and the government of Wuhan, the Chinese city at the center of the global coronavirus pandemic, researchers at FireEye report. The attackers targeted a small group of people with emails that included tracking links to notify the hackers when they were opened and planned to send further emails with malicious attachments containing a virus called METALJACK that would give them access to their victims’ computers. FireEye’s Mandiant threat intelligence unit believes the attacks speak to the illness being an intelligence priority among nations.

Related: FireEye

Tweets: @jc_stubbs @razhael @cglyer @johnhulquist

May 13, 2020
Raphael Satter / Reuters

FBI and DHS Issue Official Warning That Chinese Hackers Are Targeting U.S. COVID-19 Research

As widely expected, the U.S. government warned that Chinese hackers are targeting healthcare research facilities and other institutions to gain access to COVID-19 research. The Federal Bureau of Investigation and the Department of Homeland Security said the FBI was investigating digital break-ins at U.S. organizations by China-linked “cyber actors” that it had monitored “attempting to identify and illicitly obtain valuable intellectual property (IP) and public health data related to vaccines, treatments, and testing from networks and personnel affiliated with COVID-19-related research.” Earlier this month, reports indicated that hackers targeted U.S. drugmaker Gilead Sciences, whose antiviral drug remdesivir is the only treatment so far proven to help COVID-19 patients. Earlier, reports stated that hackers had targeted the World Health Organization.

Related: The Hill: Cybersecurity, ic3, ProPublica, Bloomberg, Task & Purpose, Slashdot, Techmeme, NBC News Top Stories, Cyberscoop, TechCrunch, Business Insider, – Politics, Boing Boing, Politico, US-CERT Current Activity

US warns of Chinese hackers targeting COVID-19 research orgs
The Hill: Cybersecurity: Officials warn Chinese hackers targeting groups developing coronavirus treatments
ic3: People’s Republic of China (PRC) Targeting of COVID-19 Research Organizations
ProPublica: Pence’s “Special Envoy” in Foreign Aid Office Sparked an Ethics Complaint Just Weeks After He Started His Job
Bloomberg: U.S. Warns That Chinese Hackers Are Targeting Virus Research
Task & Purpose: US accuses China-linked hackers of stealing COVID-19 vaccine research
Slashdot: US Warns That Chinese Hackers Are Targeting Virus Research
NBC News Top Stories: Feds warn that Chinese attempts to hack health-care, drug firms threaten U.S. COVID-19 response
Cyberscoop: U.S. accuses Chinese hackers of trying to steal coronavirus vaccine research
TechCrunch: FBI and DHS accuse Chinese hackers of targeting U.S. COVID-19 research
Business Insider: US federal agencies warn that Chinese hackers are targeting COVID-19 research on vaccines and treatments
– Politics: US expected to officially warn China is launching cyberattacks to steal coronavirus research
Washington Examiner: US accuses Chinese hackers of attempting to steal coronavirus vaccine research
Boing Boing: FBI and DHS’s CISA warn China-backed hackers are targeting U.S. COVID-19 research
Politico: Feds warn Chinese hackers targeting U.S. coronavirus research
US-CERT Current Activity: CISA-FBI Joint Announcement on PRC Targeting of COVID-19 Research Organizations

April 1, 2019
Raphael Satter / Associated Press

Victims of International Espionage Campaigns Are Almost Never Notified by the FBI, Inspector General

Advisory letters typically sent by the FBI to victims of cybercrime were almost never issued in “national security cyber cases,” according to an audit of the FBI’s Cyber Victim Notification Process conducted by the Justice Department’s Inspector General. The failure to notify these victims that they are victims of international espionage campaigns leaves them in the dark. Out-of-date guidelines were among the problems that kept American victims of foreign spies from getting timely advice, according to the audit report, and the FBI said it agreed with the audit’s recommendation to strengthen its procedures.

April 17, 2019
Raphael Satter / Associated Press

Mysterious Spy Sought to Unearth Evidence of Anti-Kaspersky Campaign by Meeting With Cybersecurity Experts

A mysterious man who called himself Lucas Lambert spent several months last year investigating critics of Kaspersky Lab, organizing at least four meetings with cybersecurity experts in London and New York, according to an AP investigation. In what appeared to be an undercover operation, Lambert met with Keir Giles, a Russia specialist with London’s Chatham House think tank, and other experts and queried them about whether anyone had been paid to publicly undermine Kaspersky Lab. Kaspersky Lab has been embroiled in controversy and litigation in the U.S. and other countries over its possible ties to the Russian government. Lambert also targeted Michael Daniel, who served as former president Barack Obama’s cybersecurity czar. The operation appears linked to another operation carried out last year by Black Cube, an Israeli private intelligence firm, although Black Cube denies it conducted either operation. Kaspersky Lab denies any connection with Lambert.

May 14, 2019
Raphael Satter / Associated Press

Iran-Linked ‘Endless Mayfly’ Ephemeral Disinformation Campaign Uses Inauthentic Websites, Internet Personas to Seed Fake News Stories

An Iran-linked, years-old, multilingual campaign aimed at seeding fake anti-Saudi, anti-Israel and anti-American stories via inauthentic websites and false personas was discovered by Citizen Lab, based at the University of Toronto’s Munk School. John Scott-Railton and his colleagues at Citizen Lab identified 135 fake articles that were published as part of the campaign, dubbed “Endless Mayfly” because, like the short-lived insect, the bogus stories tended to disappear soon after they began to spread. The false and divisive stories were spread on websites that impersonate legitimate media outlets, with the fake personas then using the articles to amplify them into social media conversations. Once the false content achieved social media dissemination, it was deleted, leading Citizen Lab to dub this kind of effort “ephemeral disinformation.” Endless Mayfly is still active although it has shifted its tactics.

August 27, 2018
Raphael Satter / Associated Press

Russia’s Fancy Bear Hacking Group Targeted Ukraine’s Orthodox Christian Leaders, Other Religious Groups of Interest to the Kremlin

The hacking group Fancy Bear, also known by other names including APT 28, which is part of Russia’s military intelligence unit GRU, has spent years trying to steal the private correspondence of some of the world’s most senior Orthodox Christian figures, an analysis of security firm Secureworks’ data by the Associated Press reveals. Fancy Bear is most famously known for targeting the Democratic party during the 2016 presidential election. The targets of the Orthodox Christian hacking efforts include top aides to Ecumenical Patriarch Bartholomew I, a leader in the Eastern Orthodox Christian Church who claims the exclusive right to grant a “Tomos of Autocephaly,” or full ecclesiastic independence, sought by the Ukrainians as the country seeks a religious “divorce” from Russia. The malicious hackers’ religious targeting also included Muslims, Jews, and Catholics whose activities might conceivably be of interest to the Russian government.

October 29, 2019
Raphael Satter, Elizabeth Culliford / Reuters

Facebook Sues NSO Group for Allegedly Hacking Users of Its WhatsApp Messaging Platform, Spyware Maker Accused of Targeting 1,400 WhatsApp Users

Facebook sued notorious Israeli cyber surveillance firm NSO Group, alleging it hacked users of its messaging platform WhatsApp earlier this year. In its lawsuit filed in the U.S. District Court in San Francisco, Facebook said the hacking spree targeted journalists, diplomats, human rights activists, political dissidents, senior government officials, and others. WhatsApp, also a plaintiff in the suit, said the attack exploited its video calling system to send surveillance malware to the mobile devices of many users. It said it believed 1,400 users were targeted. Facebook wants NSO barred from accessing or attempting to access WhatsApp and Facebook’s services and is seeking unspecified damages.

Related: Washington Post, New York Times, NewsBytes App, Channel News Asia, Daily Mail, Threatpost, France24, TechCrunch, The Hill: Cybersecurity, CNET News, The Guardian, The Register – Security, The Verge, The Citizen Lab, Cyberscoop, Haaretz.com, ZDNet, Reuters, RAPPLER, Financial Times, Jerusalem Post, SecurityWeek, The Korea Herald, Wall Street Journal, Mashable, Slashdot, CNBC, iTnews, RT News, Startups News | Tech News, Fortune, CBC, EJ Insight, Japan Today, The Hacker News, New Yorker, Ars Technica, The New Daily, Gizmodo, Technology Review, Wired

Tweets: @wcathcart @nicoleperlroth @billmarczak @HowellOneill @thegrugq @josephfcox @josephfcox @josephfcox @josephmenn @notdan @sarahfrier @profdeibert @bing_chris @RonanFarrow @iblametom @a_greenberg @razhael

Washington Post: Why WhatsApp is pushing back on NSO Group hacking
New York Times: WhatsApp Says Israeli Firm Used Its App in Spy Program
NewsBytes App: WhatsApp for iPhone gets group privacy controls and more features
Channel News Asia: WhatsApp sues Israel’s NSO for allegedly helping spies hack phones around the world
Daily Mail: WhatsApp sues Israeli firm that used messaging service to hijack phones
Threatpost: Facebook Sues NSO Group Over Alleged WhatsApp Hack
France24: WhatsApp sues Israeli firm NSO over cyberespionage – FRANCE 24
TechCrunch: WhatsApp blames — and sues — mobile spyware maker NSO Group over its zero-day calling exploit
The Hill: Cybersecurity: Facebook sues Israeli cyber surveillance firm over WhatsApp hack
CNET News: Facebook sues surveillance company NSO Group over alleged WhatsApp hack – CNET
The Guardian: WhatsApp sues Israeli firm, accusing it of hacking activists’ phones
The Register – Security: WhatsApp slaps app hacker chaps on the rack for booby-trapped chat: NSO Group accused of illegal hacking by Facebook
The Verge: WhatsApp is suing an infamous spyware vendor for allegedly hacking its users
The Citizen Lab: NSO Group / Q Cyber Technologies: Over One Hundred New Abuse Cases
Cyberscoop: Facebook sues NSO Group for alleged WhatsApp hack
Facebook sues Israel’s NSO Group over alleged WhatsApp hack
ZDNet: Facebook sues Israeli surveillance vendor over WhatsApp zero-day
Reuters: Facebook sues Israel’s NSO Group over alleged WhatsApp hack
RAPPLER: Facts about NSO Group, the Israeli firm accused of cyber espionage
Jerusalem Post: Facebook sues Israeli firm NSO over using WhatsApp to target human rights activists
Financial Times: WhatsApp hack led to targeting of 100 activists
SecurityWeek: WhatsApp Sues Israeli Firm NSO Over Cyberespionage
The Korea Herald: WhatsApp sues Israeli firm NSO over cyberespionage
Wall Street Journal: Facebook Sues Israel’s NSO Group Over Alleged WhatsApp Attack
Mashable: Facebook sues WhatsApp developer that allegedly put spyware on phones of journalists and political dissidents
Slashdot: Facebook Sues Israel’s NSO Group Over Alleged WhatsApp Hack
CNBC: Facebook sues Israeli cybersecurity company NSO and claims it helped hack WhatsApp
iTnews: Facebook sues Israel’s NSO Group over alleged WhatsApp hack
RT News: Protecting monopoly on spying? Facebook sues Israeli cyber firm for exploiting WhatsApp vulnerability
Startups News | Tech News: Top tech startup news for today, Tuesday, October 29, 2019
Fortune: Facebook Sues Israeli Company Over Alleged WhatsApp Malware Attack
CBC: WhatsApp sues Israeli surveillance firm over alleged cyber espionage
EJ Insight: WhatsApp sues Israel firm over govt hacking sprees
Japan Today: WhatsApp sues Israel’s NSO for allegedly helping spies hack phones around the world
The Hacker News: Facebook Sues Israeli NSO Spyware Firm For Hacking WhatsApp Users
New Yorker: WhatsApp Sues an Israeli Tech Firm Whose Spyware Targeted Human-Rights Activists and Journalists
Facebook sues Israeli company over WhatsApp spyware
Ars Technica: WhatsApp suit says Israeli spyware maker exploited its app to target 1,400 users
The New Daily: WhatsApp sues surveillance firm over spying
Gizmodo: Facebook Sues Shadowy Israeli Cyberweapons Firm NSO Group Over WhatsApp Malware
Technology Review: WhatsApp is suing the world’s top hacking company
Wired: WhatsApp’s Case Against NSO Group Hinges on a Tricky Legal Argument

@wcathcart: Today @WhatsApp is taking a stand against the dangerous use of spyware. NSO Group claims they responsibly serve governments, but we found more than 100 human rights defenders and journalists targeted in an attack last May. This abuse must be stopped. …
@nicoleperlroth: NEW: In a first of its kind case, WhatsApp is suing NSO Group for abusing its product and human rights abuse after discovering 1400 WhatsApp users were targeted with NSO's spyware, including- no surprise here-- 100 journalists, human rights activists. …
@billmarczak: Some major new news about the WhatsApp "missed call" hack from May 2019: WhatsApp generated a list of 1,400 users who they suspect were hacked using the method, and they're suing NSO Group under CFAA. On their list? At least 100 members of civil society:
@HowellOneill: WhatsApp/Facebook says NSO targeted "1,400" phones and devices with "malware designed to infect with the purpose of conducting surveillance on specific WhatsApp users." Here's the complaint:
@thegrugq: 1400 attacks. “at least 100 ‘not obviously criminals’.” That means Facebook just blew 1300 counter terrorism and criminal investigations? Is that right? Cause that seems to be incredibly irresponsible. …
@josephfcox: Plenty of people have been asking for some evidence on how much tools like NSO are used in legitimate investigations. This data isn't perfect, but it's one of the best indicators yet that NSO etc is not as black and white as sometimes made out.
@josephfcox: The decision process of deciding to inform targets who perhaps aren't journalists, dissidents, etc, is... a thorny one at least. The approach of 'all users are users and deserve notification' may be pretty controversial here.
@josephfcox: NSO sells to some truly authoritarian clients. But 100 people in civil society out of 1,400 total impacted is less than 10%? That 10% is still serious abuse, but we do need to acknowledge that these tools are probably being used in legit investigations too …
@josephmenn: Why haven't there been more suits against for-profit hacking firms? Even when working mainly for governments, they are ongoing enterprises that often depend on criminal acts in jurisdictions where the end victims reside. Aren't there lawyers who would try to make something stick?
@notdan: Facebook doesnt give a shit the NSO was spying, they give a shit that NSO dragged the Facebook brand into a negative sentiment news cycle. EOF.
@sarahfrier: "At WhatsApp, we believe people have a fundamental right to privacy and that no one else should have access to your private conversations, not even us." WhatsApp, which is owned by Facebook, has a very different take on user data
@profdeibert: Over One Hundred New Abuse Cases involving NSO Group spyware by @citizenlab
@bing_chris: Good point here. The notification process must be complex to think through. Imagine the downstream effect a notification could have if the WhatsApp account belongs to a senior foreign leader. Will they retaliate? And will that retaliation be accurately aimed?
@RonanFarrow: Important news and also kind of a spoiler for Catch and Kill.
@iblametom: Devil's advocate question: If WhatsApp contacted 1,400 people hit by NSO attack to tell them they were likely targeted, would they've tipped off criminals that they were under surveillance?
@a_greenberg: I spoke to some cybersecurity lawyers about WhatsApp's lawsuit against NSO, and the challenges it might face as it tries to apply a hacking law usually used to protect a company's own computers to protecting its users instead: Noble, but complicated!
@razhael: #FF @TalBeerySec for tidbits about NSO employees allegedly losing access to their Facebook and Instagram accounts — presumably for TOS violations. Interesting wrinkle to this story out yesterday: