Search Results for “The Hill”


August 23, 2019
Maggie Miller / The Hill

CISA Chief Says How Federal Civilian Agencies Manage Cyber Risks Is ‘Unsustainable,’ Outlines Shift to Shared Services Model

The current model of how federal civilian agencies manage cyber risks, which tasks all federal agencies with taking care of their own cybersecurity risks, is “unsustainable” and will change dramatically in the next five years, with some agencies embracing shared services, Christopher Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), said in a presentation at Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security. There may be a completely different architecture for that protection across the 99 federal civilian agencies CISA is responsible for advising, Krebs said. He also spelled out other key priorities for the agency, including election security and the “persistent threat” posed by China, among other goals outlined in a strategic intent document the Department released this week.

August 2, 2019
Jack Stubbs / Reuters

Facebook Takes Down More Than 350 Accounts and Pages With 1.4 Million Followers in Propaganda Operation Tied to Saudi Government

In its ongoing efforts to combat “coordinated inauthentic behavior,” Facebook said it had suspended more than 350 accounts and pages with about 1.4 million followers connected to the government of Saudi Arabia. The accounts and pages promoted state propaganda and attacked regional rivals, primarily targeting countries in the Middle East and North Africa, including Qatar, the UAE, Egypt and Palestine, in the first such network tied to the Saudi government on Facebook. The operation created accounts to look like local news operations and spent $100,000 on Facebook advertising. The Saudi government denies any involvement in the operation.

Related: SecurityWeek, CNN.com, The Hill: Cybersecurity, Tech Insider, Ad Week, Facebook Newsroom, Mashable, iTnews – Security, EJ Insight, Reuters, Ad Week, Digital Trends, The Hill, Cyberscoop, Daily Beast, Al Jazeera


September 25, 2019
Maggie Miller / The Hill

U.S. Signs Joint Statement on Advancing Responsible State Behavior in Cyberspace, Twenty-Seven Countries Agree to Work Together to Hold States Accountable for Bad Behavior

As part of the United Nations General Assembly, the United States joined 26 other mostly European countries in signing a fairly general joint resolution aimed at advancing responsible state behavior in cyberspace. The statement affirmed the “international rules-based order” in cyberspace, including the protection of human rights both online and offline. One essential part of the resolution states that when “necessary, we will work together on a voluntary basis to hold states accountable when they act contrary to this framework, including by taking measures that are transparent and consistent with international law. There must be consequences for bad behavior in cyberspace.”

Related: Infosecurity Magazine, Esseum, State Department, Circle ID, Meritalk, Forbes

Tweets: @StateDepartment @ericgeller @US2EU @UnderSecT @maurertim @MichaelOwensGA

Infosecurity Magazine: 27 Countries Sign Pledge to Play Nice Online
Esseum : 27 Countries Sign Pledge to Play Nice Online
State Department: Joint Statement on Advancing Responsible State Behavior in Cyberspace
Circle ID: Joint Statement on Advancing Responsible State Behavior in Cyberspace
Meritalk: U.S. and 26 Countries Release Joint Statement on Cybersecurity
Forbes: Russian Secret Weapon Against U.S. 2020 Election Revealed In New Cyberwarfare Report

@StateDepartment: Today, 26 countries joined the United States to sign a statement highlighting their joint commitment to ensuring greater accountability and stability in cyberspace at a ministerial meeting co-hosted by the United States, the @DutchMFA , and @DFAT . https://go.usa.gov/xVpV6 #UNGA74
@ericgeller: Fairly boilerplate joint statement here from the U.S. and 26 other countries after ministerial meeting on cyber norms:
@US2EU: Yesterday on the margins of #UNGA74, 26 countries joined the U.S. to sign a statement highlighting their joint commitment to ensuring greater accountability & stability in #cyberspace. Full text
@UnderSecT: Great conversation at the 2nd Ministerial on Advancing Responsible State Behavior in Cyberspace. The joint statement provides a compelling vision for how we can work together to achieve peace and security in cyberspace. #cyberdiplomacy
@maurertim: Not sure what’s new here except “When necessary, we’ll work together on a voluntary basis to hold states accountable...incl by taking measures that are transparent & consistent with internat law. There must be consequences for bad behavior in cyberspace”
@MichaelOwensGA: Twenty-seven countries have signed a joint agreement on what constitutes fair and foul play in cyberspace. It also condemns the actions of China and Russia. Here is the joint statement on Advancing Responsible State Behavior in Cybersecurity #CyberSecurity


August 22, 2019
Marc Cota-Robles and ABC7.com staff / ABC7 Los Angeles

Federal Prosecutors Unveil 252-Count Indictment Against 80, Mostly Nigerian, People for “Massive Conspiracy” to Steal $40 Million Through Business Email Compromise, Romance and Other Fraud Schemes

After search warrants were executed at multiple locations across L.A. County, federal prosecutors announced a 252-count indictment that charges 80 people in the U.S. and Nigeria with participating in a “massive conspiracy to steal millions of dollars through a variety of fraud schemes.” The total illicit haul was around $40 million, prosecutors say. The defendants allegedly laundered the funds through a Los Angeles-based money laundering network and eleven of them were arrested in Southern California. Two defendants were already in federal custody while three others were taken into custody elsewhere in the U.S. The rest are believed to be abroad, mostly in Nigeria. According to the indictment, the accused used business email compromise frauds, romance scams and schemes targeting the elderly to defraud victims out of millions of dollars. The alleged co-conspirators contacted Valentine Iro, 31, of Carson, and Chukwudi Christogunus Igbokwe, 38, of Gardena, both Nigerian citizens, for bank and money-service accounts that could receive funds fraudulently obtained from victims.

Related: CBS Los Angeles, The Hill, DOJ (PDF), TechCrunch, Good Morning America, Daily Mail, iAfrikan, Al Jazeera


August 19, 2019
Kate Conger / New York Times

Facebook and Twitter Delete Accounts Originating in China That Attempted to Sow Political Discord in Hong Kong and Undermine Protesters on the Ground

Facebook and Twitter accounts that originated in China acted in a coordinated fashion to deliberately and specifically attempt to sow political discord in Hong Kong and undermine the legitimacy and political positions of the protest movement on the ground, the two social media giants said. The companies took down the accounts, the first such actions against accounts linked to disinformation in China, although the removal of yet another coordinated state-backed disinformation campaign darkly hints that these kinds of propaganda campaigns are now the “new normal” and a permanent fixture during times of political turmoil. Many of the tweets were in English, indicating an effort to sway public opinion globally. Facebook said it eliminated seven pages, three Facebook Groups and five accounts involved in the disinformation campaign about Hong Kong protesters. Twitter deleted 936 accounts and said it would ban state-backed media from promoting tweets after China Daily and other state-backed publications placed ads on its service that suggested the protesters were sponsored by Western interests and were becoming violent.

Related: The Verge, Global Voices, ZDNet Security, Lawfare, Tweets Influencers, Cyberscoop, AP Top News, TIME, TechCrunch, City A.M. – Technology, Facebook Newsroom, Zero Hedge, Fortune, The Hill: Cybersecurity, Global Times, Twitter, CNN.com, ABCNews.com, BBC News, Yahoo Finance, Bloomberg

Tweets: @TechCrunch @rj_gallagher

The Verge : Facebook and Twitter uncover Chinese trolls spreading doubts about Hong Kong protests
Global Voices: Mainland Chinese netizens face ‘pink terror’ of patriotic trolls amid Hong Kong protests
ZDNet Security: Twitter bans 936 accounts managed by the Chinese state, aimed at Hong Kong protests
Channel News Asia : China accused of using Twitter, Facebook against HK protests
Lawfare : Today’s Headlines and Commentary
Cyberscoop: Twitter, Facebook scrub coordinated activity targeting Hong Kong demonstrations
AP Top News: China lashes out at Taiwan over Hong Kong asylum offer
TIME: Chinese K-Pop Stars Voice Support for Beijing’s One-China Policy on Hong Kong
TechCrunch: Twitter says accounts linked to China tried to ‘sow political discord’ in Hong Kong
City A.M. – Technology: Twitter and Facebook shut down network of Hong Kong misinformation accounts linked to Chinese state
Facebook Newsroom: Removing Coordinated Inauthentic Behavior From China
Zero Hedge: Twitter, Facebook Shutter 100s Of Accounts Intended To “Sow Discord” In Hong Kong
Fortune: Chinese Pop Stars Publicly Back Beijing on Hong Kong
The Hill: Cybersecurity: Twitter, Facebook accuse China of misinformation targeting Hong Kong protests
Global Times : HK youth deceived by West
Ecns: HK government, police condemn Saturday’s illegal acts
Twitter: Information operations directed at Hong Kong
CNN.com: Twitter bans advertising from state-run media after detailing effort from Chinese accounts to undermine Hong Kong protestors
ABCNews.com: Facebook, Twitter remove accounts they say Chinese government was using to undermine in Hong Kong protests
BBC News: Hong Kong protests: Twitter and Facebook remove Chinese accounts
Yahoo Finance: Facebook and Twitter accuse China of disinformation campaign
Bloomberg: Twitter, Facebook Say China Used Fake Accounts to Target Hong Kong Protests

@TechCrunch: Twitter is blocked in China, but its state news agency is buying promoted tweets to portray Hong Kong protestors as violent https://tcrn.ch/2KImaoU by @catherineshu
@rj_gallagher: Here's one of the Chinese govt propaganda tweets Twitter promoted to its users. Contains a video describing Xinjiang camps as "vocational education & training centers" & attacks European politicians & media, whose "hands are in a way soiled with blood"


August 18, 2019
Trey Shaar / KUT

Coordinated Ransomware Attack Hits At Least 23 Government Entities in Texas, State Mobilizes Emergency Management, Military Department, Texas A&M Cyber-Response and Security Operations Center

A coordinated ransomware attack has affected at least 23 local government entities in Texas, the Texas Department of Information Resources said, but would not specify which governments had been hit by the attack. The attack began on Friday morning. The department said the Texas Division of Emergency Management is coordinating support from other state agencies through the Texas State Operations Center at DPS headquarters in Austin. DIR said the Texas Military Department and the Texas A&M University Systems’ Cyber-Response and Security Operations Center teams are deploying resources to “the most critically impacted jurisdictions.”

Related: Stars and Stripes, MSSP Alert, Daily Mail, The Hill, DataBreaches.net, TexasDIR, Newsweek, Spectrum Local News, FOX News, Zero Hedge, ZDNet, BleepingComputer.com, Engadget, BBC News, CNET, Security Affairs, The Next Web, Infosecurity Magazine, IT Pro, SecurityWeek, Security Magazine, Forbes, Enterprise Times, Slashdot, SC Magazine, CNBC

Tweets: @TexasDIR @gossithedog @campuscodi @katefazzini

Stars and Stripes: Hackers breach 20 Texas government agencies in ransomware cyber attack
MSSP Alert: Texas Ransomware Attacks: 20 Government Entities Hit
Daily Mail: Texas is hit with ransomware attacks against at least 20 local governments
The Hill: Officials say at least 20 Texas government entities targeted in cyber attack
DataBreaches.net: Coordinated Ransomware Attack Hits at Least 20 Local Governments In Texas
TexasDIR: Ransomware Attack Hits Texas Government Entities
Newsweek: 20 Texas Cities Hit by Coordinated Ransomware Attack, State’s IT Department Says
Spectrum Local News : Cyber Attack Targets Texas Government Agencies – Spectrum News
FOX News: Ransomware attack cripples at least 20 local Texas agencies, state government says
Zero Hedge: Austin Slammed By Crippling Ransomware Attack
ZDNet: Over 20 Texas local governments hit in ‘coordinated ransomware attack’
BleepingComputer.com: ‘Coordinated Ransomware Attack’ in Texas Hits 23 Local Governments
Engadget: Ransomware attack in Texas targets local government agencies
BBC News: Texas government organisations hit by ransomware attack
CNET: Ransomware attack paralyzes 23 computer systems in Texas
Security Affairs: At least 23 Texas local governments targeted by coordinated ransomware attacks
The Next Web: 23 state agencies across Texas succumb to a ‘coordinated ransomware attack’
Infosecurity Magazine: Texas Ransomware Blitz: 23 Local Governments Affected
IT Pro: Texas government sites hit by coordinated ransomware attack
SecurityWeek: Ransomware Hits Texas Local Governments
Security Magazine: Ransomware Attack Hits 20 Local Texas Government Agencies
Forbes : Texas Cyber Attack Has Taken 23 Government Agencies Offline – Forbes
Enterprise Times: Ransomware hits 23 local government entities in Texas
Slashdot: Massive Ransomware Attack Hits 23 Local Texas Government Offices
SC Magazine: Ransomware attack hits mostly small, local Texas government orgs | SC Media
CNBC: Alarm in Texas as 23 towns hit by ‘coordinated’ ransomware attack

@TexasDIR: We are leading the response to a ransomware attack on at least 20 Texas local government entities. For more information, including #ransomware facts and cybersecurity tips see our attached guides and visit our website at https://dir.texas.gov/View-About-DIR/Article-Detail.aspx?id=206
@gossithedog: Oh dear, ZDnet has a source saying it’s ‘.jse files’ delivering. That’s ransomware tactics from 5 years ago, you shouldn’t be allowing JSE files through email and web proxies.
@campuscodi: 23 Texas local governments hit in 'coordinated ransomware attack' -infection blamed on ".JSE ransomware" -dropped by Nemucod??? -no ransom note -damage minimal -quick and impressive response from Texas authorities https://zdnet.com/article/at-lea
@katefazzini: I will be updating this throughout the day as we learn more, but, I think more than most other attacks, this is one where we will really want to see attribution and a solid "why" behind the criminals' actions.


August 16, 2019
Katie Paul / Reuters

Users Sue Facebook for Failing to Warn Them of Risks Tied to Single Sign-On Tool Which Led to the Theft of 29 Million Access Tokens

In a heavily redacted section of a filing in the U.S. District Court for the Northern District of California, Facebook users are suing the social media network over a 2018 data breach alleging the company failed to warn them about risks tied to its single sign-on tool, even though it protected its employees from those same risks. The lawsuit stems from Facebook’s worst-ever security breach last September when hackers stole login codes, or “access tokens,” that allowed them to access nearly 29 million accounts. The lawsuit combines several legal actions. In January, Judge William Alsup told Facebook he was willing to allow “bone-crushing discovery” in the case to uncover how much user data was stolen in connection with this litigation.

Kate Brumback / Associated Press

Judge Bars Georgia From Using Insecure Paperless Touchscreen Voting Machines, Management System Beyond This Year

In a challenge to Georgia’s outdated voting system plagued with security vulnerabilities, U.S. District Judge Amy Totenberg ordered the state of Georgia to stop using its paperless touchscreen machines and election management system beyond this year. She also said the state must be ready to use hand-marked paper ballots if its new system isn’t in place for the March 24 presidential primary election. In late July, Georgia agreed to buy new voting machines from Denver-based Dominion Voting Systems that also print a paper record for each vote using a QR code. Voting activists contend that the new machines suffer from the same vulnerabilities as the old machines, although that issue was not before Totenberg in this specific challenge. Totenberg ordered election officials to develop a contingency plan in case the new system isn’t in place before the primary election. She also ordered a pilot of that contingency plan during elections this November and ordered state officials to develop a plan by January 3 to address errors and discrepancies in the state’s voter registration database.

August 13, 2019
Mary Clare Jalonick / Associated Press

As Many as 16 Million People Will Vote on Paperless Voting Equipment in 2020, Raising Security Concerns Due to Lack of Auditability, Brennan Center

At least eight states will use some paperless voting systems in 2020, down from 14 in 2016, but still raising security concerns, according to a report evaluating the state of the country’s election security published by the Brennan Center for Justice at NYU School of Law. The Brennan Center estimates that as many as 12% of voters, or around 16 million people, will vote on paperless equipment in November 2020. Paperless voting machines are considered a check on any malicious digital election interference because they create a record that voters can review before casting their ballots and election workers can use to audit results. The report also finds that around a third of all local election jurisdictions were using voting machines that are at least a decade old, despite recommendations they be replaced after 10 years.