Tag Archive for: FBI’s

FBI’s Chris Wray warns Chinese hackers preparing to attack US infrastructure ‘to induce panic’


FBI Director Christopher Wray warned Thursday that a hacking group linked to the Chinese government is waiting for the right moment to “deal a devastating blow” to U.S. critical infrastructure.

Wray delivered a keynote speech at the Vanderbilt Summit on Modern Conflict and Emerging Threats in Nashville, and told national security and intelligence experts that the risks posed by the government of China to U.S. national and economic security are “upon us now.”

The director said a recent bureau investigation found that the Chinese government had gained illicit access to networks within America’s “critical telecommunications, energy, water, and other infrastructure sectors.”

“The PRC [People’s Republic of China] has made it clear that it considers every sector that makes our society run as fair game in its bid to dominate on the world stage, and that its plan is to land low blows against civilian infrastructure to try to induce panic and break America’s will to resist,” Wray said. The FBI explained that “these vital sectors—everything from water treatment facilities and energy grids to transportation and information technology—form the backbone of our society.”

“The fact is, the PRC’s targeting of our critical infrastructure is both broad and unrelenting,” he added. “It’s using that mass, those numbers, to give itself the ability to physically wreak havoc on our critical infrastructure at a time of its choosing.”

Wray said CCP-sponsored cyber actors “prepositioned” themselves to potentially mount cyber offenses against American energy companies in 2011, targeting 23 different pipeline operators. He said that episode helps explain the group’s current motivations.

“When one victim company set up a honeypot—essentially, a trap designed to look like a legitimate part of a computer network with decoy documents—it took the hackers all of 15 minutes to steal data related to the control and monitoring systems, while ignoring financial and business-related information, which suggests their goals were even more sinister than stealing a leg up economically,” he said.

The CCP also targeted critical infrastructure organizations through more…


FBI’s Qakbot operation opens door for more botnet takedowns


The FBI’s recent takedown of the QakBot botnet sent shockwaves throughout the cybersecurity community when it was first announced last week. QakBot had become the malware of choice for dozens of hacking groups and ransomware outfits that used it to set the table for devastating attacks.

Since emerging in 2007 as a tool used to attack banks, the malware evolved into one of the most commonly seen strains in the world, luring an ever-increasing number of machines into its powerful web of compromised devices. Justice Department officials said their access to the botnet’s control panel revealed it was harnessing the power of more than 700,000 machines, including over 200,000 in the U.S. alone.

But almost as interesting as the takedown was the way law enforcement agencies pulled off the disruption.

Senior FBI and Justice Department officials — who called it “the most significant technological and financial operation ever led by the Department of Justice against a botnet” — explained in a briefing that they managed to infiltrate the botnet’s infrastructure and take a range of actions to shut it down.

Using a court order, the law enforcement agencies deployed the botnet’s auto-updating feature against itself to send out a custom application that uninstalled QakBot and disabled the feature on devices in the U.S.

“It’s as if the boss gave the order, ‘leave this workplace and don’t come back,’” said John Hammond, principal security researcher at the cybersecurity intelligence firm Huntress.

Chester Wisniewski, field CTO of applied research at Sophos, said the tactic reminded him of NotPetya, where a software downloader feature was abused by Russian hackers to download malware instead of updates.

“Almost all modern botnets have auto update functionality and if you can gain control of the communications channels you can essentially make them self-destruct,” Wisniewski said. “If we start having success with that though, criminals could start using digital signatures to make this more difficult.”

Other botnets

The FBI and other law enforcement agencies have conducted similar operations in the past to take down botnet networks.

The FBI’s targeting of the…


I was FBI’s most wanted hacker ‘Mafiaboy’ – I’m now terrified cyber attacks can bring down entire CITIES


A BORED teenager “broke the internet” in one of the most infamous hacking attacks of all time – turning him overnight into one of the world’s most wanted men.

Michael Calce was just 15 when he brought down the biggest sites on the web, became the target of an FBI manhunt, and landed himself in prison.

Michael Calce was the infamous hacker known as ‘Mafiaboy’. Credit: MICHAEL CALCE

As a 15-year-old he masterminded one of the worst cyberattacks America had ever seen. Credit: Getty

The teenager managed to temporarily topple some of the world’s largest websites, including Amazon, eBay and Yahoo!

Now 39 years old, Michael told The Sun Online how, since breaking the internet, he’s spent the rest of his life trying to protect it.

The former hacker turned cybersecurity chief warned the world is not ready for a new terrifying frontier in cyber-warfare, which “scares the living daylights” out of him.

The need for protection of online services is greater than ever, with so many critical services and systems dependent on the tech.


He warned that hackers now have the power to weaponize infrastructure against whole populations – something as simple as hacking into a water treatment centre could poison thousands.

“The shock factor of a missile hitting a power grid has an immediate effect,” Calce explains. “A hacker sitting behind a computer and shutting down the grid doesn’t have the same effect, but the reality is the same.”

These current threats, he says, are far more serious than his own “internet breaking” onslaught back in 2000.

Michael’s hack attack caused an estimated $1.2billion worth of damage and landed him in a youth prison for eight months.

But havoc-causing aside, he exposed just how weak and vulnerable those early years of the internet were.

In a little less than a few minutes, a talented kid playing around on his computer had sent America spiralling with the knowledge that a new frontier of warfare had arrived – cyberattacks. 

“Imagine you’re 15 years old, and the president of the United States is talking about you and saying that they’re looking for you,” he tells The Sun Online.

Michael, who went by the online alias of Mafiaboy, had become public enemy number one in North…


Hacking the Hackers: The FBI’s Takedown of the Hive Ransomware Gang


The FBI is the lead agency tasked with investigating cybercrime, including defending hospitals and health systems from frequent cyberattacks. Hear the dramatic story of their recent takedown of the Hive ransomware gang, whose criminal enterprise threatened patient safety.

00;00;00;21 – 00;00;24;25
Tom Haederle
Defending hospitals and health systems from frequent cyber attacks is a battle largely fought in the shadows out of the public eye. And when the good guys score a big win, as the FBI recently did with its takedown of a criminal gang whose cyber mischief threatened caregivers and patients, some of the operational details must remain in the shadows. Nonetheless, the following is a great story, with a lesson for cybercriminals everywhere: mess with health care and you will pay.

00;00;25;04 – 00;01;03;18
Tom Haederle
Welcome to Advancing Health, a podcast from the American Hospital Association. I’m Tom Haederle with AHA Communications. The HIVE Ransomware gang operated by what law enforcement calls a double extortion model. That is, it had two very effective ways to extort money from hospitals and health systems, and if one didn’t work, it would just switch to the other.

00;01;03;29 – 00;01;25;00
Tom Haederle
How the FBI put a stop to this is the subject of today’s podcast. The story is told by an FBI supervisor in charge of the HIVE investigation, in conversation with John Riggi, AHA’s national advisor for Cybersecurity and Risk. John knows the FBI in these types of cases well, having spent nearly 30 years at the FBI. John, over to you.

00;01;25;27 – 00;01;50;25
John Riggi
Thanks, Tom. Great to be here again with you and all our listeners. This again is John Riggi, your national advisor for Cybersecurity and Risk. And what a special episode we have today, an exclusive interview with the FBI supervisory special agent Justin Crenshaw, who will be here to give us an inside look at the HIVE ransomware gang takedown.

00;01;51;04 – 00;02;19;08
John Riggi
Really an extraordinary opportunity. And we certainly appreciate Justin and the FBI making themselves available to speak with us about this very, very important takedown concerning this ransomware gang, which had been targeting, among others, hospitals and health systems….
