Tag Archive for: department

Pegasus spyware on State Department phones: What you need to know


smartphone surveillance graphic

Angela Lang/CNET

It’s a doozy of a case in digital spying. Security researchers have revealed evidence of attempted or successful installations of Pegasus, software made by Israel-based cybersecurity company NSO Group, on 37 phones belonging to activists, rights workers, journalists and businesspeople. They appear to have been targets of secret surveillance by software that’s intended to help governments pursue criminals and terrorists.

One of the most powerful objections to Pegasus came from the US government, and now one reason for the wrath could have emerged Friday: The spyware was found on the phones of at least nine State Department employees whom Apple notified about the hack, Reuters reported. The officials were either based in Uganda or involved in matters associated with the African country, but it’s unclear who hacked the phones, the report said, citing unnamed sources. The New York Times corroborated the report, saying at least 11 employees were affected.

Pegasus has been a politically explosive issue that’s put Israel under pressure from activists and from governments worried about misuse of the software. In November, the US federal government took much stronger action, blocking sale of US technology to NSO by putting the company on the government’s Entity List. NSO has suspended some countries’ Pegasus privileges but has sought to defend its software and controls it tries to place on its use. 

Apple sued NSO Group in November, seeking to bar the company’s software from being used on Apple devices, require NSO to locate and delete any private data its app collected, and disclose the…

Source…

Audit Finds OR Consumer, Business Services Department Needs Cybersecurity Improvements


(Salem, OR) — A new report finds the Oregon Department of Consumer and Business Services needs to improve cybersecurity safeguards. An audit by the Oregon Secretary of State finds the agency has failed to implement basic steps to protect the agency’s computer systems from hackers. Audits in 2016 and 2018 also found the problems and the most recent audit shows the agency still has work to do. In a response, the head of DCBS says they agree with the audit and they’ve formed an executive oversight committee to track compliance with the necessary steps to increase computer security.

Source…

Justice Department indicts two men over ransomware scheme : NPR


Attorney General Merrick Garland announced indictments against two men connected with ransomware attacks last summer.

Andrew Harnik/AP


hide caption

toggle caption

Andrew Harnik/AP

Attorney General Merrick Garland announced indictments against two men connected with ransomware attacks last summer.

Andrew Harnik/AP

The Justice Department says authorities have indicted two men in connection with a wave of ransomware attacks that, among other targets, shut down a meat processing company and an internet software provider earlier this year.

Attorney General Merrick Garland says one of the men, Yaroslav Vasinskyi, 22, a Ukrainian, was arrested when he traveled to Poland. The second man was identified as Yevgeniy Polyanin, a 28-year-old Russian. Garrick says the U.S. seized some $6.1 million from Polyanin.

Both men are said to be behind the REvil ransomware attacks that encrypt the data of companies and demand payments to unblock them.

Polyanin is believed to be abroad, the department says.

Garland asserted that the “U.S. government will continue to aggressively pursue the entire ransom ware ecosystem and increase our nations resilience to cyber threats.”

The Justice Department says that Vasinskyi was allegedly responsible for the July 2 ransomware attack against Kaseya, “which resulted in the encryption of data on computers of organizations around the world that used Kaseya software.”

It says that Vasinskyi and Polyanin are charged in separate indictments with conspiracy to commit fraud and related activity in connection with computers, substantive counts of…

Source…

New York Department Of Financial Services Questions Its Regulated Entities On Responses To And Lessons Learned From The SolarWinds Cyberattack – Technology


In December 2020, a cybersecurity company alerted the world to a
major cyberattack against the U.S. software development company,
SolarWinds, through the company’s Orion software product
(“SolarWinds Attack”). The SolarWinds Attack went
undetected for months, as it has been reported that the hackers
accessed the source code for Orion as early as March
2020.1 Orion is widely used by companies to manage
information technology resources, and according to SolarWinds Form
8-K filed with the Securities and Exchange Commission, SolarWinds
had 33,000 customers that were using Orion as of December 14,
2020.

It is alleged that the SolarWinds Attack was one part of a
widespread, sophisticated cyber espionage campaign by Russian
Foreign Intelligence Service actors which focused on stealing
sensitive information held by U.S. government agencies and
companies that use Orion.2 The hack was perpetuated
through SolarWinds sending its customers routine system software
updates.3 SolarWinds unknowingly sent out software
updates to its customers that included the hacked code that allowed
the hackers to have access to customer’s information technology
and install malware that helped them to spy on SolarWinds’
customers, including private companies and government entities,
thereby exposing up to 18,000 of its customers to the
cyberattack.

The New York Department of Financial Services (“DFS”)
alerted DFS-regulated entities of the SolarWinds Attack on December
18, 2020 through the “Supply Chain Compromise
Alert.”4 The Supply Chain Compromise Alert included
guidance from the U.S. Department of Homeland Security’s
Cybersecurity and Infrastructure Security Agency, SolarWinds, and
other sources, and reminded the regulated entities of their
obligations under the New York Cybersecurity Regulation
(“Cybersecurity Regulation”), adopted in 2017, which
requires DFS-regulated entities, including New York banks,
insurance companies and producers and other financial services
firms, to develop a comprehensive cybersecurity program, implement
specific cybersecurity controls, assess cybersecurity risks posed
by third-party service providers, and notify the DFS of
“cybersecurity…

Source…