
Showing results for tags 'doj'.

Found 22 results

  1. DoJ says SolarWinds hackers breached its Office 365 system and read email
     Department discovered the intrusion 9 days after SolarWinds hack came to light.
     The US Justice Department has become the latest federal agency to say its network was breached in a long and wide-ranging hack campaign that’s believed to have been backed by the Russian government. In a terse statement issued Wednesday, Justice Department spokesman Marc Raimondi said that the breach wasn’t discovered until December 24, which is nine days after the hack campaign came to light. The hackers, Raimondi said, took control of the department’s Office 365 system and accessed email sent or received from about 3 percent of accounts. The department has more than 100,000 employees. Investigators believe the campaign started when the hackers took control of the software distribution platform of SolarWinds, an Austin, Texas-based maker of network management software that’s used by hundreds of thousands of organizations. The attackers then pushed out a malicious update that was installed by about 18,000 of those customers. Only a fraction of the 18,000 customers received a follow-on attack that used the backdoored SolarWinds software to view, delete, or alter data stored on those networks. So far, about a half-dozen federal agencies have said they were among those singled out. Private companies including Microsoft and security firm FireEye have also said they were part of this group. On Tuesday, officials with the National Security Agency, FBI, Cybersecurity and Infrastructure Security Agency, and Office of the Director of National Intelligence issued a joint statement saying that the Kremlin was “likely” behind the hack, which began no later than October 2019. Wednesday’s statement said that investigators have no indication that the department’s classified network has been breached. While that’s good news, sensitive information routinely flows through non-classified systems.
     A second software maker investigated
     While SolarWinds software has been widely suspected as the initial way hackers got in, The New York Times on Wednesday reported that investigators are examining the role another software supplier, JetBrains, may have played. The company, which was founded by three Russian engineers in the Czech Republic, makes a tool called TeamCity that helps developers test and manage software code. TeamCity is used by developers at 300,000 organizations, including SolarWinds and 79 of the Fortune 100 companies. The Wall Street Journal reported that investigators believe the hackers gained access to a TeamCity server used by SolarWinds but that it was unclear how the system was accessed. In a statement, JetBrains co-CEO Maxim Shafirov said it hasn’t been contacted by SolarWinds or any government agency about any role TeamCity may have played.
  2. The antitrust pressure against both companies may increase early next year. It’s only been a few months since the US Department of Justice filed an antitrust lawsuit against Google, but it sounds like legal battles are on the horizon. According to The Wall Street Journal, both federal and state antitrust authorities will be filing new lawsuits against Google and Facebook. This would mark the first time that Facebook has been sued by the government on antitrust grounds. Google has made plenty of statements in the past defending its practices, essentially saying that consumers aren’t forced to use Google products and services and that they exist as part of a competitive technology marketplace. Broadly speaking, the case against Google is that it uses its dominance in search and search advertising to box out potential competitors; among its tactics is paying to have Android phone manufacturers set Google search as default and pre-loading devices with Google apps. The company also pays to have Google set as the default search engine on the iPhone, as well. A potential case against Facebook would likely delve into whether the company abuses its position to stifle competition or puts user data at risk — the former claim will likely take a close look at the company’s acquisitions of Instagram and WhatsApp. While these new cases may not be filed until early January, Google is already preparing to battle the antitrust suit filed in October, and the FTC could file charges against Facebook quite soon as well. Reports indicated an FTC suit could arrive by late November, but that timeline seems unlikely at this point. But there’s no doubt that Facebook will soon come under close scrutiny, especially when you consider that President-elect Joe Biden has made it clear that he has issues with Facebook’s propensity for spreading fake news. Source
  3. It seems that the Department of Justice has thoughts on whether Netflix movies should be eligible for Oscars. Variety reports that the DOJ has sent the Academy of Motion Picture Arts and Sciences a letter expressing concern about potential changes to the eligibility requirements for the awards. Why is this something the DOJ would worry about? Apparently the letter says, “In the event that the Academy — an association that includes multiple competitors in its membership — establishes certain eligibility requirements for the Oscars that eliminate competition without procompetitive justification, such conduct may raise antitrust concerns.” This comes after Netflix’s “Roma” was seen as a frontrunner for this year’s Best Picture award. And although it ultimately lost out to “Green Book,” the movie still took home Oscars for Best Director, Best Foreign Language Film and Best Cinematography. Director Steven Spielberg is reportedly pushing for changes to the Oscar rules, perhaps by creating a requirement that movies play exclusively in theaters for four weeks in order to be eligible. Spielberg hasn’t said anything publicly about these reports, and movie executive Jeffrey Katzenberg claimed that Spielberg told him, “I absolutely did not say that.” But it’s spurred a broader discussion about Netflix’s impact on the film business, and seems to have prompted Netflix to declare in a tweet, “We love cinema” — while also highlighting some of the ways the service makes movies more accessible. Variety says the Academy confirmed that it has received a letter. (Update: The Academy has confirmed this to us as well.) Its Board of Governors will hold its annual award rules meeting on April 23. We’ve reached out to the DOJ for comment and will update if we hear back. Source
  4. U.K. entrepreneur turned billionaire investor Mike Lynch has been charged with fraud in the U.S. over the 2011 sale of his enterprise software company. Lynch sold Autonomy, the big data company he founded back in 1996, to computer giant HP for around $11 billion some seven years ago. But within a year around three-quarters of the value of the business had been written off, with HP accusing Autonomy’s management of accounting misrepresentations and disclosure failures. Lynch has always rejected the allegations, and after HP sought to sue him in U.K. courts he countersued in 2015. Meanwhile, the U.K.’s own Serious Fraud Office dropped an investigation into the Autonomy sale in 2015 — finding “insufficient evidence for a realistic prospect of conviction.” But now the DoJ has filed charges in a San Francisco court, accusing Lynch and other senior Autonomy executives of making false statements that inflated the value of the company. They face 14 counts of conspiracy and fraud, according to Reuters — a charge that carries a maximum penalty of 20 years in prison. We’ve reached out to Lynch’s fund, Invoke Capital, for comment on the latest development. The BBC has obtained a statement from his lawyers, Chris Morvillo of Clifford Chance and Reid Weingarten of Steptoe & Johnson, which describes the indictment as “a travesty of justice.” The statement also claims Lynch is being made a scapegoat for HP’s failures, framing the allegations as a business dispute over the application of U.K. accounting standards. Two years ago we interviewed Lynch onstage at TechCrunch Disrupt London and he mocked the morass of allegations still swirling around the acquisition as “spin and bullshit.” Following the latest developments, the BBC reports that Lynch has stepped down as a scientific adviser to the U.K. government. “Dr. Lynch has decided to resign his membership of the CST [Council for Science and Technology] with immediate effect.
We appreciate the valuable contribution he has made to the CST in recent years,” a government spokesperson told it. Source
  5. An HBO blackout in and of itself is notable since it’s never happened before in the network’s more than 40 years. But it could have deeper implications as AT&T plans to fight off a challenge to its Time Warner merger. Over the summer, Judge Richard Leon ruled that AT&T could proceed as planned with its $85 billion acquisition of Time Warner, and he placed no conditions on the deal. That decision flew in the face of the U.S. Justice Department’s attempt to block the transaction, a move that garnered support from rival pay TV providers like Dish Network. The DOJ has since filed to appeal that decision and oral arguments for that appeal are scheduled to take place Dec. 6. In the lead up to that court date, AT&T has a PR crisis on its hands. This week, HBO and Cinemax—both part of AT&T’s WarnerMedia—went dark on Dish Network and Sling TV. A war of words quickly erupted between Dish and HBO. Dish accused AT&T of using its new market power to shut out pay TV competitors (AT&T owns Dish satellite rival DirecTV) and harm consumers. “Plain and simple, the merger created for AT&T immense power over consumers,” said Andy LeCuyer, senior vice president of programming at Dish, in a statement. “It seems AT&T is implementing a new strategy to shut off its recently acquired content from other distributors.” HBO countered, accusing Dish of being “extremely difficult” and not negotiating in good faith. “Past behavior shows that removing services from their customers is becoming all too common a negotiating tactic for them,” said HBO in a statement. Now WarnerMedia and the DOJ have weighed in on the impasse, which has affected a reported 2.5 million HBO subscribers on Dish Network. “This behavior, unfortunately, is consistent with what the Department of Justice predicted would result from the merger,” a DOJ representative told Reuters.
“We are hopeful the Court of Appeals will correct the errors of the District Court.” WarnerMedia came back with an accusation that the DOJ-Dish collaboration that took place during the first attempt to block the Time Warner merger is continuing with Dish making the “tactical decision” to drop HBO. History seems to side with HBO in this argument. HBO has never gone dark on a distributor before and likely wouldn’t want to pull its service since it would instantly cost it every subscriber it has on a distributor’s platform. On the other hand, Dish has an extensive reputation for taking carriage disputes to the channel blackout stage. During the AT&T-Time Warner trial, AT&T’s lawyers dug up numerous comments Dish Network Chairman Charlie Ergen had made in the past regarding channel blackouts, including a quote about how “real negotiation starts when we go dark.” But HBO going dark on an AT&T competitor’s pay TV service just months after AT&T completed its acquisition and for the first time in HBO’s history certainly does look like the kind of issue the DOJ and opponents like Dish said might happen. Consumer group Public Knowledge echoed this sentiment, noting that AT&T has the incentive to black out popular channels like HBO on competitors since it could drive consumers to DirecTV. “In ruling against the DOJ, Judge Richard Leon dismissed this concern. While it is difficult from the outside to determine the different factors at play in any particular DOJ dispute, the circumstances suggest that the government's case was correct. This is another reason the DC Court of Appeals should reverse the decision allowing the merger,” said John Bergmayer, senior counsel at Public Knowledge, in a statement. For now, Dish is offering credits to affected subscribers and HBO is pointing people toward its direct-to-consumer services to help mitigate the initial fallout. 
But in the meantime, AT&T is facing a significant bump in the road and a big potential headache once the DOJ’s appeal officially kicks off next month. Source
  6. DOJ to approve T-Mobile/Sprint merger despite 13 states trying to block it
     DOJ could announce merger approval and related spinoff to Dish this week.
     The Justice Department plans to approve the T-Mobile/Sprint merger as part of a settlement involving the sale of spectrum licenses, wholesale access, and a prepaid wireless business to Dish Network, The Wall Street Journal reported today. "The companies have spent weeks negotiating with antitrust enforcers and each other over the sale of assets to Dish to satisfy concerns that the more than $26 billion merger of the No. 3 and No. 4 wireless carriers by subscribers would hurt competition," the Journal wrote, citing people familiar with the matter. As a result of those negotiations, the DOJ is "poised to approve" the merger and could announce a settlement with T-Mobile and Sprint "as soon as this week, but the timing remains uncertain," the Journal wrote. Even if the DOJ approves the merger, T-Mobile and Sprint will still have to defend it in court because of a lawsuit filed against them by 13 states and the District of Columbia. Dish, the second-biggest satellite TV provider after AT&T's DirecTV, has been buying spectrum for years without ever launching cellular phone and data service. Previous reports about a settlement involving Dish said that Dish would get wholesale access to the T-Mobile/Sprint network, spectrum, and prepaid wireless carrier Boost Mobile. Boost is owned by Sprint and is a network reseller. Today's Journal report said the pending settlement "provides for Dish to acquire prepaid subscribers," but didn't say whether those will come from Boost. Boost's involvement seems likely, given that Federal Communications Commission Chairman Ajit Pai's approval of the T-Mobile/Sprint merger is contingent on the divestiture of Boost Mobile and a guarantee that Boost will have access to the T-Mobile/Sprint network.
"Dish would also get a multiyear agreement to use the wireless companies' network while it builds dedicated infrastructure," the Journal wrote. The report didn't say how much spectrum Dish will get. Dish to pay $5 billion Bloomberg reported last night that Dish "agreed to pay $5 billion for wireless assets" in its deal with T-Mobile and Sprint. The deal includes $1.5 billion for prepaid mobile assets and $3.5 billion for spectrum licenses. "Under the terms of the deal, Dish can't sell the assets or hand over control of the agreement to a third party for three years," Bloomberg wrote. Dish becoming a major carrier could solve the problem caused by the T-Mobile/Sprint merger, that it would reduce the number of major nationwide competitors from four to three. But Dish has famously dragged its feet in using its assets to build a wireless network, with T-Mobile CEO John Legere calling Dish a spectrum hoarder in February of this year. Even under a best-case scenario presented by the settlement with the government, it sounds like it could take Dish several years to build its own network and become a major threat to AT&T, Verizon, and the combined T-Mobile/Sprint. Source: DOJ to approve T-Mobile/Sprint merger despite 13 states trying to block it (Ars Technica)
  7. Last week, Attorney General William Barr and FBI Director Christopher Wray chose to spend some of their time giving speeches demonizing encryption and calling for the creation of backdoors to allow the government access to encrypted data. You should not spend any of your time listening to them. Don’t be mistaken; the threat to encryption remains high. Australia and the United Kingdom already have laws in place that can enable those governments to undermine encryption, while other countries may follow. And it’s definitely dangerous when senior U.S. law enforcement officials talk about encryption the way Barr and Wray did. The reason to ignore these speeches is that DOJ and FBI have not proven themselves credible on this issue. Instead, they have a long track record of exaggeration and even false statements in support of their position. That should be a bar to convincing anyone—especially Congress—that government backdoors are a good idea. Barr expressed confidence in the tech sector’s “ingenuity” to design a backdoor for law enforcement that will stand up to any unauthorized access, paying no mind to the broad technical and academic consensus in the field that this risk is unavoidable. As the prominent cryptographer and Johns Hopkins University computer science professor Matt Green pointed out on Twitter, the Attorney General made sweeping, impossible-to-support claims that digital security would be largely unaffected by introducing new backdoors. Although Barr paid the barest lip service to the benefits of encryption—two sentences in a 4,000 word speech—he ignored numerous ways encryption protects us all, including preserving not just digital but physical security for the most vulnerable users. For all of Barr and Wray’s insistence that encryption poses a challenge to law enforcement, you might expect that that would be the one area where they’d have hard facts and statistics to back up their claims, but you’d be wrong. 
Both officials asserted it’s a massive problem, but they largely relied on impossible-to-fact-check stories and counterfactuals. If the problem is truly as big as they say, why can’t they provide more evidence? One answer is that prior attempts at proof just haven’t held up. Some prime examples of the government’s false claims about encryption arose out of the 2016 legal confrontation between Apple and the FBI following the San Bernardino attack. Then-FBI Director James Comey and others portrayed the encryption on Apple devices as an unbreakable lock that stood in the way of public safety and national security. In court and in Congress, these officials said they had no means of accessing an encrypted iPhone short of compelling Apple to reengineer its operating system to bypass key security features. But a later special inquiry by the DOJ Office of the Inspector General revealed that technical divisions within the FBI were already working with an outside vendor to unlock the phone even as the government pursued its legal battle with Apple. In other words, Comey’s statements to Congress and the press about the case—as well as sworn court declarations by other FBI officials—were untrue at the time they were made. Wray, Comey’s successor as FBI Director, has also engaged in considerable overstatement about law enforcement’s troubles with encryption. In congressional testimony and public speeches, Wray repeatedly pointed to almost 8,000 encrypted phones that he said were inaccessible to the FBI in 2017 alone. Last year, the Washington Post reported that this number was inflated due to a “programming error.” EFF filed a Freedom of Information Act request, seeking to understand the true nature of the hindrance encryption posed in these cases, but the government refused to produce any records. But in their speeches last week, neither Barr nor Wray acknowledged the government’s failure of candor during the Apple case or its aftermath. They didn’t mention the case at all. 
Instead, they ask us to turn the page and trust anew. You should refuse. Let’s hope Congress does too. Source: The EFF
  8. U.S. Senator Mark Warner is drafting a bill that would make companies like Facebook and Google inform users on the value of their data
     Billion-dollar industries are built around the collection, compilation and protection of consumers’ personal data — from social-media platforms to e-commerce sites to data brokers. While the federal government gears up for possible antitrust scrutiny on the data-driven business models of tech giants Facebook, Apple, Amazon and Google, there’s a twist: Many courts are still grappling with the basic question of whether someone’s data even has monetary value. The Wall Street Journal reported that the Justice Department is preparing an antitrust investigation into Alphabet Inc.’s Google. The House Judiciary Committee is launching a bipartisan investigation into a small number of “dominant and unregulated platforms,” the committee said in a statement on Monday. Some 2.5 quintillion bytes of data are created every day. If 2.5 quintillion pennies would be laid out flat, they would cover Earth five times, MarketWatch previously reported. Most of the data is harvested, stored and owned by large companies. When Facebook, Instagram and Twitter sell this data to advertising companies — in the form of billions of dollars a year in collective revenue — users get nothing in return except the free use of the social-media platform. However, Facebook log-ins can be sold for as little as $5.20 each on the “dark web” because they afford criminals access to personal data that could potentially provide a gateway to other accounts. The credentials to a PayPal account with a relatively high balance can be sold on the dark web for $247, on average, according to a report by content-marketing agency Fractl, which analyzed all the fraud-related listings on three large “dark web” marketplaces. The value of data to companies and hackers provides insight into the contradictions on how much that data is actually worth.
The market is grappling with putting a price tag on your data, but the courts have yet to decide the value of that information. “It’s definitely up in the air,” said privacy-law expert William McGeveran, a professor of law at the University of Minnesota. He said the issue of how much your data is actually worth comes up most frequently when consumers sue companies and organizations for data breaches. If breach lawsuits survive initial hurdles, like whether plaintiffs have standing to sue, they settle before judges and juries can rule on big picture questions including the value of data, according to McGeveran’s research. “There’s literally zero cases that go to a jury,” he told MarketWatch. The question of how much a consumer’s data is worth is crucial because consumers can only claim they were harmed by something like a data breach if they lost something of value — in other words, if their data had economic value. From judges to lawmakers to academics, McGeveran said the big debate boils down to this question: “Are privacy invasions wrong just because? Or are they only wrong when something bad happens as a result?” Government lawyers will want to know any court consensus on the worth of someone’s data if they ever opt to file antitrust lawsuits and have to convince a judge that Big Tech needs a breakup. If there’s little legal agreement on the value of data in the privacy context, there’s even less case law on the value of personal data in antitrust matters, said Avery Gardiner, a senior fellow at the Center for Democracy & Technology. Consumers don’t spend any money to access sites like Google or Facebook, but monetary cost — or the lack of it — isn’t the only way to think about possible anticompetitive practices, she said. Stifled innovation and poor product quality could also be examples of anti-competitive practices, Gardiner said. 
But before any cases get filed, Gardiner said any investigation would have to follow the facts to determine whether consumers or competitors were harmed. “Big isn’t bad,” she said. “Anticompetitive is bad.” Indeed, the antitrust matters in the news might never turn into any cases at all. Facebook, Amazon, and Apple did not reply to a request for comment and a Google spokesman declined to comment. On Tuesday, Tim Cook, Apple’s CEO, told CBS News that government scrutiny was fair, but “we are not a monopoly.” Judges and lawyers aren’t the only ones grappling with the value of data. Senator Mark Warner, a Democrat from Virginia, is drafting a bill that would make companies like Facebook and Google inform users about the value of their data. Rachel Cohen, a spokeswoman for Warner, said the senator is aiming to introduce the bill by the end of June. In California — where stiff privacy rules take effect in 2020 — Gov. Gavin Newsom, a Democrat, is calling for a “data dividend” that could make businesses pay consumers for the personal data they provide. Last September, hackers attacked Facebook and exposed the personal information of approximately 29 million users. Some Facebook users turned around and sued the site. In court papers to dismiss the case, Facebook’s lawyers said the vulnerability was quickly patched and the stolen information could have included “basic contact information” users had on their profile, and, in other cases, extra information like religious views and relationship status. The lawsuit “spins a speculative tale” of all the harm that could theoretically happen, lawyers for the social-media platform said when they asked the judge to dismiss the case. The plaintiffs didn’t “assert that such data was actually stolen from any Facebook user or that plaintiffs actually suffered any cognizable harm in the wake of the attack, let alone a harm traceable to Facebook’s conduct,” the lawyers said.
The dismissal bid was “cynical,” according to the plaintiffs’ lawyers. They said Facebook denigrates the personally identifiable information it coaxes consumers to provide, but then monetizes that data to generate billions of dollars in revenue, asserting that this information lacks any value to hackers. The Northern District of California case is pending before Judge William Alsup. Cases like the one unfolding in federal court are happening “in a world of ambiguity,” according to Katharina Pistor, a professor of comparative law at Columbia Law School and director of the school’s Center on Global Legal Transformation. Pistor, author of “The Code of Capital: How the Law Creates Wealth and Inequality,” said, “We are still in a world with a degree of uncertainty as to how to legally categorize data.” She later added, “Tech companies have exploited uncertainty around the sort of questions on what data is, and whether data has economic value. They basically use this ambiguity to collect this data, capture it and claim it as their own.” McGeveran noted that America’s privacy laws are piecemeal, with the presumption that data collection is allowed if no rule says it isn’t. In Europe, it works the opposite way — there, data collection is forbidden unless it’s expressly allowed by law. And many other industrialized countries follow the European model, he said. “The U.S. is definitely unique in its approach,” he observed. European regulators have been taking action against the big tech companies now being scrutinized in America. For example, in less than two years, European antitrust regulators have fined Google over $9 billion in three sanctioning instances. The company is appealing all three. Like the legal value of data, Gardiner said there are also plenty of question marks over how to build a case busting up a monopoly. “Antitrust law is like reading tarot cards,” she said. “You’re trying to say what will happen in the future of this market. It’s a guessing game.” Source
  9. The DOJ, FBI, and US Air Force to contact victims infected with the Joanap malware. The US Department of Justice announced today an effort to take down Joanap, a botnet built and operated by North Korea's elite hacker units. Efforts to disrupt the botnet have been underway for several months already, based on a court order and search warrant that the DOJ obtained in October 2018. Based on these court documents, the FBI's Los Angeles Field Office and the US Air Force Office of Special Investigations (AFOSI) have been operating servers mimicking infected computers part of the botnet, and silently mapping other infected hosts. This was possible because of the way the Joanap botnet was built, relying on a peer-to-peer (P2P) communications system where infected hosts relay commands introduced in the botnet's network from one to another, instead of reporting to one central command-and-control server. Now, after months of mapping fellow infected hosts, the DOJ says it plans to notify victims, directly and through their internet service providers, in an effort to have these systems disinfected, and indirectly disrupt one of North Korea's oldest cyber-weapons. The DOJ's effort today is a natural step in its process of countering the North Korean cyber threat after last fall US authorities charged a man they believed was part of North Korea's hacking units. The Joanap botnet is one of the tools North Korean hackers used many times in the past, which made it a prime target for the DOJ's takedown efforts. According to a Department of Homeland Security alert published in May 2018, and according to reports from cyber-security vendors, the Joanap botnet has been around since 2009, and has been built using a combination of two malware strains. The first is the Brambul malware, a SMB worm that spreads from Windows PC to other Windows PCs by brute-forcing Server Message Block (SMB) services running on remote computers using a list of common passwords. 
Once on an infected host, the Brambul worm downloads another malware strain, the Joanap backdoor, and then moves on to scan for other computers to infect. The Joanap backdoor trojan can download, upload, or execute files, manage local processes, and start a proxy to relay malicious traffic through the infected host. The Joanap botnet is the network of computers infected with this very potent and feature-rich backdoor. "Through this operation, we are working to eradicate the threat that North Korea state hackers pose to the confidentiality, integrity, and availability of data," said Assistant Attorney General for National Security John Demers. "This operation is another example of the Justice Department's efforts to use every tool at our disposal to disrupt national security threat actors." Source
  10. The Justice Department is planning to announce charges Thursday against North Korean nationals who U.S. authorities have accused of being behind the massive hack of Sony in 2014 and the Wannacry ransomware attack last year, sources told ABC News. Earlier on Thursday, President Donald Trump praised North Korean ruler Kim Jong Un on Twitter. "Kim Jong Un of North Korea proclaims “unwavering faith in President Trump.” Thank you to Chairman Kim. We will get it done together!" Trump tweeted. This is a developing story. Check back for updates. Source
  11. Just when he thinks he’s out, they pull him back in. On Tuesday, the U.S. Department of Justice announced new legal action against exiled NSA whistleblower Edward Snowden. The DOJ hopes to recover any profits he makes from the sale of his new book. Ever since Snowden left his job as a contractor for the NSA, released classified documents exposing unprecedented data collection by the U.S. government, and landed himself under the protection of Russia, he’s been a vexing problem for American authorities. Now that he’s back in the media spotlight promoting his new book, Permanent Record, he presents a new issue for government lawyers: How do you prevent the release of a book when that pesky First Amendment exists? The answer seems to be that you can’t, but you can make the whole process a huge headache. In a new civil lawsuit, the DOJ claims that as a former employee of the CIA and contractor for the NSA, Snowden has violated his contracts’ non-disclosure agreements that stipulate he would need to submit the book to his former employers for review prior to its publication. Today is Permanent Record’s release date, and according to the lawsuit, that contractually obligated pre-vetting never took place. From the DOJ’s statement: The United States’ lawsuit does not seek to stop or restrict the publication or distribution of Permanent Record. Rather, under well-established Supreme Court precedent, Snepp v. United States, the government seeks to recover all proceeds earned by Snowden because of his failure to submit his publication for pre-publication review in violation of his alleged contractual and fiduciary obligations. The Supreme Court case the DOJ is referring to involved former CIA agent Frank Snepp’s publication of a memoir in 1977, which was not submitted to the agency for review. 
Snepp’s book, Decent Interval, recounted his time as an intelligence officer and told the story of a rejected report he submitted to his superiors that was critical of the CIA’s handling of the withdrawal from Saigon at the end of the Vietnam War. Snepp was ordered by the Supreme Court to divert the proceeds from the book’s sale to the CIA and was warned that any future publications would require a review by the agency before publishing. But with Snowden in Russia at the moment, there isn’t much that the U.S. government can force him to do. But that’s where his U.S.-based publishers, MacMillan and Holtzbrinck, come in. “The United States is suing the publisher solely to ensure that no funds are transferred to Snowden, or at his direction, while the court resolves the United States’ claims. Snowden is currently living outside of the United States,” the DOJ said in a statement. A spokesperson for MacMillan did not immediately respond to our request for comment on this story. Earlier this week, Snowden told the hosts of CBS This Morning that he’s willing to travel back to the United States and face charges under the condition that he be given a fair trial. The harsh treatment and sentencing of military whistleblower Chelsea Manning have made the expectation of a fair trial feel like a remote possibility for anyone who’s released classified U.S. government information. The fact that Manning is back in jail for refusing to answer questions relating to the crime she already served time for doesn’t make the situation any better. While losing those book royalties would pale in comparison to the conditions Manning faced—the United Nations’ torture specialist called it “cruel, inhuman and degrading”—Snowden could almost certainly use the money. He’s been in exile in Russia since 2013 with little to show regarding employment. In response to the DOJ’s lawsuit, he’s seizing the promotional opportunity. 
“This is the book the government does not want you to read,” he wrote on Twitter. He added, “It is hard to think of a greater stamp of authenticity than the US government filing a lawsuit claiming your book is so truthful that it was literally against the law to write.” Source
  12. It’s not that easy to retire “rich as f*ck” when the police become involved. The US Department of Justice (DoJ) has arrested three men in connection to a cryptocurrency Ponzi scheme that has allegedly defrauded investors out of $722 million. The emergence of cryptocurrency including Bitcoin (BTC) and Ethereum (ETH), in just a few short years, has exploded into an active ecosystem involving alt-coins, Initial Coin Offerings (ICOs) in which tokens are offered in exchange for money to push crypto projects off the ground, and everyone and their dog exploring the underlying blockchain as a potential business transformation tool. Enthusiasm surrounding the blockchain, which in itself is a valuable technology that does have business value, has been matched with consumers and investors seeking to cash in on virtual coins -- but not every scheme is legitimate. On Tuesday, three men were charged in connection to BitClub Network, a cryptocurrency mining scheme that operated from April 2014 to December 2018. The BitClub Network promised investors shares in mining pools, used to generate cryptocurrency, in return for funds made through wire, cash, checks, and cryptocurrency transfers. In addition, rewards were offered for the recruitment of new members, on whom a membership fee of $99 was imposed. However, DoJ prosecutors say the men arrested -- Matthew Brent Goettsche, 37, Jobadiah Sinclair Weeks, 38, and Joseph Frank Abel, 49 -- provided "false and misleading figures" that participants were told were "Bitcoin mining earnings" -- despite no dedicated mining pools for members existing. Money obtained by users was not used to invest in mining equipment or resources. Instead, the trio allegedly spent the proceeds "lavishly" while quietly mocking the scheme's participants. According to law enforcement, Goettsche told Weeks and Abel the BitClub Network was built "on the backs of idiots," and also referred to investors as "sheep." 
The trio revealed in emails that daily earning numbers were tampered with beyond reasonable and believable rates -- such as a daily earnings increase of 60 percent -- and in September 2017, Goettsche suggested that the network "[d]rop mining earnings significantly starting now" so they could "retire RAF," or "rich as f*ck." The DoJ says the Ponzi scheme earned operators $722 million. Another complaint brought forward, this time by the US Securities and Exchange Commission (SEC), is that the BitClub Network did not register shares sold off with the agency. SEC believes these shares should be considered securities. Goettsche and Weeks are charged with conspiracy to commit wire fraud, whereas all three also face allegations of conspiracy to offer and sell unregistered securities. Wire fraud can result in a prison term of up to 20 years and a maximum fine of $250,000. The SEC charges carry up to five years behind bars and a fine of up to $250,000. Two other suspects have not been apprehended and their identities have not been revealed. "What they allegedly did amounts to little more than a modern, high-tech Ponzi scheme that defrauded victims of hundreds of millions of dollars," said US Attorney Carpenito. "Working with our law enforcement partners here and across the country, we will ensure that these scammers are held to account for their crimes." Source
  13. Former FBI attorney Lisa Page on Tuesday sued the Justice Department and FBI, accusing her former employers of violating her right to privacy by illegally leaking a cache of text messages she sent with a fellow FBI official. Page became a target of frequent attacks by President Donald Trump and his supporters after the disclosure of anti-Trump texts she exchanged with former FBI agent Peter Strzok. Both Page and Strzok, who were engaging in an extramarital affair, got nicknames like “dirty cops” and the “lovers” from the president and became two faces of Trump’s claims that the Russia probe was tainted by political bias within DOJ. The lawsuit comes a day after the release of a second report from the department’s independent watchdog that found neither person's political opinions played a role in the Russia probe or in the high-profile investigation into Hillary Clinton's personal email server, which Page and Strzok both participated in. In the 23-page lawsuit filed in U.S. District Court for the District of Columbia nearly two years to the day after the disclosure in question, Page alleges DOJ and FBI violated the Privacy Act by sharing nearly 400 text messages with reporters on the night of Dec. 12, 2017, to alleviate pressure on the department by Trump and his allies in Congress. That night, the department summoned reporters to its D.C. headquarters after hours and let the media view a tranche of 375 text messages, barring them from making copies or removing the messages and from disclosing the source of the materials. In a tweet announcing the lawsuit, Page expressed dismay over having to sue her former employers. "I take little joy in having done so, but what they did in leaking my messages to the press was not only wrong, it was illegal," she wrote. A DOJ spokesperson declined comment on the suit. 
Page accuses DOJ of sharing the trove of messages at a curious time: Deputy Attorney General Rod Rosenstein was set to testify the next morning before the House Judiciary Committee. He was expected to be grilled over a lack of response to oversight requests by Republicans who were assailing DOJ "for failing to vigorously pursue what the members viewed as evidence of a ‘witch hunt’ against President Trump,” the lawsuit claims. The department had already been subject to an onslaught of verbal attacks from Trump, who’d fired FBI Director James Comey earlier that year and was constantly berating Attorney General Jeff Sessions for recusing himself from the Russia probe. Page alleges that by sharing the messages with reporters, DOJ aimed “to influence the public reception” of Rosenstein’s testimony the next day as well as “ingratiate” Sessions and his department with the president. Moreover, the suit claims, the texts would “dominate coverage of the hearing, which otherwise could be unfavorable for the Department. And the Department could achieve all of this at the relatively low cost (in the Department’s view) of the privacy of two FBI employees: Ms. Page, a longtime DOJ and FBI attorney, and Mr. Strzok, a career FBI agent.” Page also points out that the 375 messages, turned over as part of the first inspector general report, had been preliminarily flagged as political in nature but that only a quarter of them were eventually deemed relevant to the June 2018 report that cleared Page of letting her political opinions impact her work. “In the two years since the December 12 disclosure, the President has targeted Ms. 
Page by name in more than 40 tweets and dozens of interviews, press conferences, and statements from the White House,” the suit states, “fueling unwanted media attention that has radically altered her day-to-day life.” Page's lawsuit ticks off a litany of insults leveled at her by the president over the last two years, including labeling her as “incompetent,” “corrupt,” “pathetic,” “stupid,” a “dirty cop,” a “loser,” a “clown,” “bad people,” “sick people,” a “lover,” a “great lover,” a “wonderful lover,” a “stupid lover,” and “lovely.” She resigned from the FBI in 2018, prior to the release of the IG report on the Clinton email investigation, and has remained under the radar since, aside from appearing behind closed doors before Congress and sitting for interviews for the Russia inspector general's report. Strzok was fired from the FBI several months later, and sued DOJ and FBI over his dismissal back in August. Another subject of Trump's frequent attacks on law enforcement officials, former FBI Deputy Director Andrew McCabe, has also sued the department for improper dismissal. Page broke her two-year silence earlier this month, in a lengthy interview with The Daily Beast, declaring that after Trump engaged in a crude impression of her relationship with Strzok that it was "time to take my power back." She used the occasion of Monday's inspector general report to claim vindication, despite watchdog Michael Horowitz faulting the FBI with significant missteps while ultimately being on solid footing in opening the Russia probe. "The sum total of findings by IG Horowitz that my personal opinions had any bearing on the course of either the Clinton or Russia investigations? Zero and Zero," she wrote in a tweet. Source
  14. There can be no accountability if there is no transparency. Many of us wear masks on Halloween for fun. But what about a world in which we have to wear a mask every single day to protect our privacy from the government’s oppressive eye? Face recognition surveillance technology has already made that frightening world a reality in Hong Kong, and it’s quickly becoming a scary possibility in the United States. The FBI is currently collecting data about our faces, irises, walking patterns, and voices, permitting the government to pervasively identify, track, and monitor us. The agency can match or request a match of our faces against at least 640 million images of adults living in the U.S. And it is reportedly piloting Amazon’s flawed face recognition surveillance technology. Face and other biometric surveillance technologies can enable undetectable, persistent, and suspicionless surveillance on an unprecedented scale. When placed in the hands of the FBI — an unaccountable, deregulated, secretive intelligence agency with an unresolved history of anti-Black racism — there is even more reason for alarm. And when that agency stonewalls our requests for information about how its agents are tracking and monitoring our faces, we should all be concerned. That’s why today we’re asking a federal court to intervene and order the FBI and related agencies to turn over all records concerning their use of face recognition technology. The FBI’s troubling political policing practices underscore the urgent need for transparency. Under the leadership of the agency’s patriarch — the disgraced J. Edgar Hoover — the FBI obsessively spied on left-wing, Indigenous rights, anti-war, and Black power activists across the country. Hoover infamously tried to blackmail Martin Luther King, Jr., encouraging the civil rights leader to kill himself to avoid the shame Hoover’s leaks to journalists would bring to him and his family. 
The FBI was also involved in the 1969 killing of Fred Hampton, a brilliant Chicago leader in the Black Panther Party who was assassinated by Chicago Police while he lay asleep in his bed next to his pregnant girlfriend. While Hoover’s reign may be history, the FBI’s campaign against domestic dissent is not. Since at least 2010, the FBI has monitored civil society groups, including racial justice movements, Occupy Wall Street, environmentalists, Palestinian solidarity activists, Abolish ICE protesters, and Cuba and Iran normalization proponents. In recent years, the FBI has wasted considerable resources to spy on Black activists, who the agency labeled “Black Identity Extremists” to justify even more surveillance of the Black Lives Matter movement and other fights for racial justice. The agency has also investigated climate justice activists including 350.org and the Standing Rock water protectors under the banner of protecting national security. Because of the FBI’s secrecy, little is known about how the agency is supercharging its surveillance activities with face recognition technology. But what little is known from public reporting, the FBI’s own admissions to Congress, and independent tests of the technology gives ample reason to be concerned. For instance, the FBI recently claimed to Congress that the agency does not need to demonstrate probable cause of criminal activity before using its face surveillance technology on us. FBI witnesses at a recent hearing also could not confirm whether the agency is meeting its constitutional obligations to inform criminal defendants when the agency has used the tech to identify them. The failure to inform people when face recognition technology is used against them in a criminal case, or the failure to turn over robust information about the technology’s error rates, source code, and algorithmic training data, robs defendants of their due process rights to a fair trial. 
This lack of transparency would be frightening enough if the technology worked. But it doesn’t: Numerous studies have shown face surveillance technology is prone to significant racial and gender bias. One peer-reviewed study from MIT found that face recognition technology can misclassify the faces of dark skinned women up to 35 percent of the time. Another study found that so-called “emotion recognition” software identified Black men as more angry and contemptuous than their white peers. Other researchers have found that face surveillance algorithms discriminate against transgender and gender nonconforming people. When our freedoms and rights are on the line, one false match is too many. Of course, even in the highly unlikely event that face recognition technology were to become 100 percent accurate, the technology’s threat to our privacy rights and civil liberties remains extraordinary. This dystopian surveillance technology threatens to fundamentally alter our free society into one where we’re treated as suspects to be tracked and monitored by the government 24/7. That’s why a number of cities and states are taking action to prevent the spread of ubiquitous face surveillance, and why law enforcement agencies, at minimum, must come clean about when, where, and how they are using face recognition technology. There can be no accountability if there is no transparency. Source : ACLU
  15. DOJ sues US telecom providers for connecting Indian robocall scammers: One provider connected 720 million calls in 23 days. The US Department of Justice has filed lawsuits against two small telecommunications providers that have allegedly connected hundreds of millions of fraudulent robocalls from Indian call centers to US residents. The feds want a New York federal judge to cut off the companies' access to the US telephone network. The government says a judge has already issued a restraining order against one of the defendants. Fraudulent robocalls are a serious problem in the United States—and the Justice Department says two US companies contributed significantly to the problem. Over a 23-day period in May and June of last year, for example, defendant TollFreeDeals connected 720 million calls to US numbers. According to the Justice Department, 425 million of the calls lasted for one second or less—suggesting that many were unwanted. The feds say that during those two months, TollFreeDeals connected 182 million calls from a single India-based call center. Of these calls, more than 90 percent appeared to come from one of 1,000 source numbers. And of those numbers, more than 80 percent have been associated with fraudulent robocalls. Foreigners seeking to scam American consumers need access to the US telephone network. The two US companies sued by the Justice Department served as VOIP-based gateways between foreign call centers and the US telephone network. They were tiny operations; according to the government, each company did business from the home of its owner. The companies' overseas clients engaged in a number of scams that might sound familiar to anyone who owns a phone in the US. In one popular scam, fraudsters pretend to work for the Social Security Administration and inform victims that their Social Security number has been "suspended." 
Other scam callers impersonated the IRS, Microsoft, or other large American organizations. In all cases, the suggested remedy was the same: send the scammers money to help clear up the problem. In one case, the feds say, a man was told that officials were about to seize the contents of his bank account. The caller claimed to be from the US Marshals Service and told the man to wire his savings—$9,800—to the scammer for safekeeping. The man did so. By the time he realized he'd been scammed, his bank said the money was gone. The feds don't allege that US telecom providers directly executed these frauds. However, they say, the providers turned a blind eye to rampant criminal activity occurring on their networks. Over a period of years, the companies received numerous warnings from other telecom providers that their services were being used for fraud. Federal officials say they did as little as they could to stop the activity while the scammers continued to operate. The lawsuit is just the latest front in the federal government's ongoing war against robocalls and other fraudulent use of the telephone system. With some prodding by the FCC, telephone providers have been implementing a system called SHAKEN/STIR to authenticate caller information. Congress also recently passed legislation mandating the use of the SHAKEN/STIR technology—albeit with a rather lenient deadline of 18 months. "The Department of Justice will pursue to the fullest extent of the law individuals in the United States who knowingly facilitate imposter fraud calls, using both criminal and civil tools where appropriate," Assistant Attorney General Jody Hunt said in a statement. Source: DOJ sues US telecom providers for connecting Indian robocall scammers (Ars Technica)
  16. from the the-first-amendment-matters dept Back in the spring of 2013, just a month or so before Ed Snowden started revealing all sorts of surveillance shenanigans, there was another important revelation: the Obama DOJ had gone way overboard in spying on journalists, including grabbing the phone records of some AP reporters (without letting them know) and, even worse, telling a court that a Fox News reporter was a "co-conspirator" with a leaker in order to get his phone and email records. The Obama administration's war on the press has been well documented on this site, with many in the press highlighting how he was the most secretive -- not to mention the most aggressive in abusing the Espionage Act to target leakers and journalists more times than every other President combined prior to him. Once those two stories above came out, the DOJ initially promised to create new guidelines, though, when those guidelines came out, they seemed pretty limited and left a lot of avenues open for the government to spy on journalists, including using National Security Letters -- the meaningless "letters" the FBI/DOJ often hands out like post-it notes, demanding all sorts of info with zero due process, and frequently with an indefinite gag order. Back in 2015, we noted that the Freedom of the Press Foundation was suing the DOJ demanding the details of the rules used around those national security letters, given that the DOJ didn't want to release them. Earlier this week, the Freedom of the Press Foundation stated that (thanks to the lawsuit), the DOJ has now revealed its rules for seeking FISA Court orders spying on journalists, which are different than its rules for collecting general information from journalists (and different than the rules for the FBI to use NSLs, which is still secret). 
As Trevor Timm, Freedom of the Press's executive director, points out, the rules revealed here are "much less stringent" than the (already not that stringent) rules the DOJ came out with in 2015. Basically, the rules state that if the DOJ wants to get a FISC order on a journalist... it has to get approval from the Attorney General or Deputy Attorney General. That's much less than the regular DOJ guidelines that involve a multi-part test to make sure that surveillance of the journalist is actually critical to the investigation and not simply a shortcut to info (or, worse, a way to harm journalistic sources). If you can't read that, it just says: And some may argue that having to escalate such FISA applications to the tippy-top of the DOJ represents some level of oversight, that oversight only goes as far as you can trust the Attorney General. And when's the last time we had an Attorney General anyone actually trusted (I can't ever remember having such an AG...). Indeed, our current AG, Jeff Sessions has publicly stated that he wants to prosecute more journalists and has suggested that he's even less interested in balancing the careful interests and rights of journalists than his predecessors. And, of course, we still have no idea what rules the FBI uses for its NSLs. However, as Timm points out, it's pretty ridiculous that the FISC rules have now been declassified but the FBI's NSL rules remain secret: Source
  17. from the with-an-eye-on-undermining-all-encrypted-messaging-services dept The DOJ's war on encryption continues, this time in a secret court battle involving Facebook. The case is under seal so no documents are available, but Reuters has obtained details suggesting the government is trying to compel the production of encryption-breaking software. The request seeks Facebook's assistance in tapping calls placed through its Messenger service. Facebook has refused, stating it simply cannot do this without stripping the protection it offers to all of its Messenger users. The government disagrees and has asked the court for contempt charges. Underneath it all, this is a wiretap order -- one obtained in an MS-13 investigation. This might mean the government hasn't used an All Writs Acts request, but is rather seeking to have the court declare Messenger calls to be similar to VoIP calls. If so, it can try to compel the production of software under older laws and rulings governing assistance of law enforcement by telcos. Calls via Messenger are still in a gray area. Facebook claims calls are end-to-end encrypted so it cannot -- without completely altering the underlying software -- assist with an interception. Regular messages via Facebook's services can still be decrypted by the company but voice calls appear to be out of its reach. Obviously, the government would very much like a favorable ruling from a federal judge. An order to alter this service to allow interception or collection could then be used against a number of other services offering end-to-end encryption. It's unknown what legal options Facebook has pursued, but it does have a First Amendment argument to deploy, if nothing else. If code is speech -- an idea that does have legal precedent -- the burden falls on the government to explain why it so badly needs to violate a Constitutional right with its interception request. This is a case worth watching. 
However, unlike the DOJ's very public battle with Apple in the San Bernardino case, there's nothing to see. I'm sure Facebook has filed motions to have court documents unsealed -- if only to draw more attention to this case -- but the Reuters article says there are currently no visible documents on the docket. (The docket may be sealed as well.) There is clearly public interest in this case, so the presumption of openness should apply. So far, that hasn't worked out too well for the public. And if the DOJ gets what it wants, that's not going to work out too well for the public either. Source
  18. Attorney General Jeff Sessions has scheduled a meeting with state attorneys general in September to discuss a “growing concern” that tech companies may be “intentionally stifling” the free flow of ideas on their platforms. In a statement issued right after executives from Facebook and Twitter finished testifying before the Senate Intelligence Committee, the Department of Justice (DOJ) also suggested that the platforms were running afoul of antitrust laws. “The Attorney General has convened a meeting with a number of state attorneys general this month to discuss a growing concern that these companies may be hurting competition and intentionally stifling the free exchange of ideas on their platforms,” DOJ spokesman Devin O’Malley said in a statement issued near the end of the congressional hearing. President Trump and conservative House Republicans have repeatedly aired complaints about bias against conservatives on Facebook, Twitter, Google and other social media platforms. Those companies though have denied censoring conservative speech. Twitter CEO Jack Dorsey and Facebook Chief Operating Officer Sheryl Sandberg testified before the Senate Intelligence Committee on Wednesday morning on efforts to combat foreign influence operations on their platforms. Dorsey will face a second grilling later Wednesday from lawmakers in the House Energy and Commerce Committee, where he is expected to face questions on the allegations of conservative censorship. The DOJ's move is the first sign of the administration taking concrete action to address alleged bias following President Trump's public accusations against tech companies last week. It also comes at a time of tension between the president and his top law enforcement officer. 
Trump has repeatedly chastised Sessions over his decision to recuse himself from the investigation into Russian interference in the 2016 election, faulting the attorney general in August for not taking control of what he sees as "corruption" at the Justice Department. And on Monday, Trump blasted Sessions on Twitter over recent indictments against two Republican congressmen. The announcement also signals that the Justice Department is paying attention to the growing movement to challenge Facebook's and Google's market power. Last week, Trump said the companies might have antitrust problems but declined to discuss whether they should be broken up. Google has been dogged by massive antitrust fines in Europe, where regulators have accused the company of using its dominance in internet search, mobile operating systems and online advertising to suppress competition. Facebook is also facing antitrust scrutiny in the EU. But the U.S. has yet to take any action against the internet giants over their market power. Spokespeople for Google, Facebook and Twitter did not immediately respond when asked for comment. Source
  19. Department of Justice report highlights several problems with the FBI's automated breach notifications. The Federal Bureau of Investigation does a poor job at notifying victims of a cyber-attack, a US government report released earlier this week concluded. FBI notifications arrive either too late or contain insufficient information for victims to take action, a report from the Department of Justice's Office of the Inspector General (DOJ-OIG) has concluded. The report analyzed Cyber Guardian, an FBI application for storing information about tips and ongoing investigations. The system also allows agents to enter details about suspected victims, which Cyber Guardian can later notify via automated messages. But the DOJ-OIG report said FBI agents are not using the system as it is intended.
FBI agents not using the system as designed
For example, interviews with 31 agents revealed that 29 entered victim information in a lead category called "Action," rather than the standard "Victim Notification." Action-labeled leads are treated as active investigations and don't necessarily trigger immediate breach notification emails, as standard entries in the Victim Notification category would do. By the time agents finish an Action-labeled investigation, victims lose crucial time during which they could have learned of the breach and taken protective actions. Furthermore, the DOJ-OIG audit also found that FBI agents often made mistakes when filling in victim information. Investigators found typos, incorrect dates, and errors in classifying the incident's severity.
Breach notifications varied in quality
The report also revealed that victim notifications varied in quality, which investigators attributed to the FBI agent entering the data. 
Some agents were very descriptive about the incidents they logged in Cyber Guardian, leading to victims receiving useful notifications containing IP addresses linked to the malicious activity, date ranges, and instructions to deal with the attack's aftermath. On the other hand, some agents provided very few details. According to the DOJ-OIG report, many of these incomplete notifications were created by the same agents, an aspect that investigators said could be corrected through better training. Auditors also found that the breach notification process, overall, could be improved if the FBI cooperated with other agencies and allowed these agencies to enter data in Cyber Guardian as well, which should help enrich the quality of some notifications. As a last observation, the DOJ-OIG found that the FBI also failed to notify victims of their rights under the Attorney General Guidelines for Victim and Witness Assistance, a document about the rights and legal recourse victims are entitled to. "The FBI is developing a new system called CyNERGY to replace Cyber Guardian and, although we were unable to test the system," the DOJ-OIG said. "We believe that if CyNERGY operates as intended, it could provide improvements to the current system." Source
  20. There’s a story in the Washington Post “Cybersecurity 202” newsletter that confirms that the Department of Justice is capitalizing on the techlash in order to build up congressional support for the DOJ’s long-desired goal of legislation that will restrict your freedom to encrypt your data and communications. The Post reports that, according to assistant attorney general for national security John Demers, the DOJ has given up hope that tech companies will “voluntarily” backdoor their own encryption, as the agency had been pressing them to do since around 2016. Instead, the DOJ is now “focusing on getting legislation that forces companies to cooperate – and is hoping encryption-limiting laws in Australia and the United Kingdom will ease the path for a similar law in the United States.” Why now? What’s changed since 2016, when we had the great Apple vs. FBI showdown? According to Demers, two things: (1) the “techlash” by Congress and the public “in the wake of myriad privacy scandals” and the 2016 election; and (2) Australia’s 2018 passage of the Assistance and Access Act, which followed on the heels of similar legislation in the United Kingdom in 2016. Demers “hopes these laws will create a model for how lawmakers in the United States might limit encryption.” These two factors lay out, straight from the horse’s mouth, what I’ve been saying for a while. It comes as something of a relief for a high-ranking DOJ official to finally acknowledge publicly the playbook I could see they were running to try to get Congress to finally ban strong encryption. That doesn’t mean I’m happy about it. I explained last month that the techlash has now gained enough momentum that law enforcement may have a fighting chance of getting its anti-encryption wish, under the guise of protecting children, in the form of a terrible bill called the EARN IT Act. 
That bill doesn’t look much like Australia’s Assistance and Access Act or the UK’s IP Act -- in fact it doesn’t mention the word “encryption” at all -- but right now it’s the lead contender for the DOJ to get an “encryption-limiting law” passed in the U.S. Exploiting the techlash is a strategy I’ve been calling law enforcement out for since October 2017. It’s incredibly frustrating for me to see that this obvious ploy is working so well. AAG Demers admitted that the DOJ thinks it can persuade congressmembers to be angry at tech companies over encryption because they’re already mad at those companies for violating users’ privacy. But this, let’s call it, transitive rage contradicts itself. Why? Because encryption protects user privacy. It doesn’t just do that; indeed, information security experts have had to push back for years against the overly simplistic “security versus privacy” framing to emphasize that the encryption debate is primarily a question of “security versus security.” Nevertheless, privacy certainly is one of the main interests that encryption protects. And it doesn’t just shield your data and conversations from criminals and snoops: it can even shield them from the eyes of the entity that provided the encryption. For example, when you use a chat app such as WhatsApp that end-to-end encrypts your conversations by default, not even the app provider (Facebook, in the case of WhatsApp) can read your messages or listen in on your calls. So, if you’re mad at Facebook for invading your privacy, you should be glad that they use encryption that prevents them from snooping on your WhatsApp conversations, and that they’re planning the same for their other messaging services too. Thus, the DOJ’s strategy is obviously just trying to sow confusion among the public and Congress by mixing up the issues: conflating tech companies’ privacy violations with tech companies’ privacy-protective encryption, as I pointed out in a recent press article. 
Even Senator Graham, the author of the EARN IT Act bill, admitted in that very same article that this doesn’t make any sense: “When asked whether he saw any tension between Capitol Hill’s ongoing effort to pass privacy legislation and its burgeoning push to mandate encryption backdoors,” Graham admitted he saw “‘a lot.’” So, if even Senator Graham can see through the DOJ’s ploy to elicit what I’m calling transitive rage, why is it working? The answer might be: children. Per the Post today (and me last fall), “Justice officials have also shifted their messaging on encryption, talking less about the danger of terrorists recruiting and planning operations outside law enforcement's view and more about the threat of a surge in child predators sharing illicit images or luring children on social media.” Congress seems receptive to this child-safety messaging. Legislators expect Big Tech to protect the privacy of users, including children. Encryption shields users’ privacy. Simultaneously, they also expect Big Tech to be able to detect the bad guys on their services, including those who are hurting children. But encryption shields the bad guys too. How to resolve this dilemma? Previously, the answer from Congress was “do nothing,” both on passing an anti-encryption law -- something for which Congress has heretofore shown no appetite -- and on passing comprehensive federal privacy legislation. But the tide has shifted, the Hill is awash in the techlash, and the DOJ has succeeded in equating being pro-encryption with being anti-child safety. If pedophiles benefit from strong encryption built in by default to popular software and devices, then, according to Senator Graham, nobody should get that benefit anymore. (Never mind that it won’t work out the way he thinks.) In a Congress already dithering over passing a federal privacy law, the child safety rationale may prevail, at the expense of the many interests that encryption protects -- privacy not least among them. 
Maybe Graham, in acknowledging the dilemma of demanding both privacy and encryption backdoors simultaneously, was really just tacitly admitting that when 327 million Americans’ privacy is pitted against the rhetorical power of “think of the children,” privacy loses. Overall, the attitude from Congress in 2020 seems to be, to paraphrase Michael Pollan: “Protect users. Not too much. Mostly kids.” It is likewise unsurprising yet disappointing that DOJ views Australia’s stupid law as clearing the way to make anti-encryption legislation palatable to the U.S. Congress. In October 2018, I warned that the passage of the Australian law (then a pending bill) would likely have a domino effect on other Five Eyes countries, including the U.S. By passing the bill in December 2018, “Australia set an example of a Western democracy passing legislation that undermined encryption, making it look like that’s normal and OK,” I said last summer. It’s not OK, even if it becomes normal. Of the DOJ officials currently rejoicing over the opening Australia and the UK have given them to finally shove anti-encryption legislation through Congress, how many have ever said to their children, “And if all your friends jumped off a bridge, would you jump too?” The DOJ wants the U.S. to take a blinkered view of how governments should handle the topic of encryption. In July 2018, I had predicted that the DOJ would place itself in an echo chamber where it would listen to “only other countries whose governments have adopted anti-encryption stances,” specifically Australia and the UK, while ignoring countries that have come out more strongly in favor of encryption, such as Germany. That seems to be what’s happening now: the DOJ wants America to imitate Australia, when Germany’s federal Office of Information Security just today issued a set of proposed requirements for smartphones that require full-disk encryption. This shows that another way is possible than the path chosen by the UK and Australia. 
The German approach may have much to teach the U.S. It is dangerous for DOJ to urge Congress to stick its head in the sand and refuse to listen. Yet here we are. With the disastrous EARN IT Act bill about to drop, the DOJ is openly and pointedly taking the gloves off in the encryption fight. But make no mistake: once the DOJ throws its knock-out punch, it’ll be your privacy and security that hit the floor. Source
  21. In new guidance, the Department of Justice says security researchers and organizations run real risks when gathering threat intelligence or dealing with criminals in underground online marketplaces. Organizations that collect threat intelligence from Dark Web forums and other criminal online sources where cybercrimes are planned and stolen data is traded are walking into a legal minefield. Even small mistakes in how data is collected from these venues or how it is handled can end up landing them in deep legal trouble, according to newly released guidance from the US Department of Justice. The DoJ's report, "Legal Considerations When Gathering Online Cyber Threat Intelligence and Purchasing Data from Illicit Sources," highlights several issues that security researchers and threat intelligence firms need to be cognizant of when pursuing criminals on online forums. It considers practices that security practitioners and researchers commonly use to gather adversary intelligence, retrieve stolen data, or obtain new vulnerability and malware information. The document is designed to help organizations engaged in these activities to identify potential legal issues. "[But] it does not — and cannot — comprehensively address all the legal issues that practitioners may face in every circumstance, particularly because minor changes in facts can substantially alter the legal analysis," the DoJ said. One of the key takeaways from the report is that threat intelligence gatherers can relatively easily fall afoul of US federal criminal law if they are not careful. For example, there's little legal risk in passively collecting information from a Dark Web site or other online criminal forum by lurking quietly on it and not communicating with others or responding to any communications. But actively asking questions and soliciting intelligence on a forum about illegal activities could draw unwanted attention if law enforcement also happens to be on the same site.
Such activity is an indication that a crime may be occurring on the site. "Exchanges with others on the forum that appear to involve discussions of criminal conduct could implicate the practitioner in a criminal investigation of the forum or its members," the DoJ guidance noted. Similarly, while it's legally OK to use a fake identity or a pseudonym for accessing an illicit forum and communicating with others, it is not all right to use stolen credentials or someone else's actual identity without explicit permission. Legal consequences — both civil and criminal — can result, depending on the actual person that is being impersonated and the actions that were taken under that identity, the DoJ said.
Numerous Pitfalls
There are many other potential pitfalls. Security researchers and threat intelligence gatherers often try to establish their credibility and trust in underground forums. To prove their bona fides, they might be asked to offer specific information, tools, or services. Providing such information — especially if it can be potentially used to commit a crime — can put such individuals at risk of being viewed as aiding and abetting a federal crime. Even in situations when providing such information on a forum may not be illegal, security researchers might run the risk of breaching federal criminal conspiracy statutes. Even organizations that assume it's OK to negotiate with criminals to retrieve their own stolen data need to be careful. While there might be little legal risk in purchasing one's own data from a criminal entity, potential complications can arise if the seller accidentally includes other stolen data along with it — especially data such as stolen intellectual property. If the stolen data includes credit card numbers or intellectual property, the transfer of such information might be prohibited.
Also, if the criminal entity happens to be labeled as a terrorist outfit or is classified under export control regulations, any organization that negotiates with it — even to get their own data back — could potentially find themselves being investigated. The two rules that organizations and researchers need to follow when engaging in such activities are to avoid becoming an unintentional perpetrator or a victim, the DoJ said. It's always a good idea to get professional legal counsel before embarking on a private threat intelligence mission. Where possible, stakeholders should cultivate relationships with the local FBI and US Secret Service field offices and keep them apprised of any operations that might involve contact with online criminal forums and actors, the DoJ said. Organizations should have clearly crafted rules of engagement that spell out legal responsibilities and protocols that clearly articulate what constitutes acceptable and unacceptable behavior when engaged in threat intelligence gathering. Documented rules can also be useful in situations where an organization might face civil, criminal, or regulatory action. Security researchers and the organizations they work for should also be aware of and understand that some of their legitimate threat intelligence gathering activity could receive investigative scrutiny from investigators unable to immediately distinguish between criminal and legitimate parties, the DoJ said. "There are very high stakes for getting these rules of engagement wrong," threat intelligence firm Recorded Future said in response to the new guidance. "It is worth highlighting that not only can individuals be liable for large criminal fines but may also be imprisoned for up to 20 years," under relevant federal statutes, Recorded Future said. Source
  22. Among the QQAAZZ group's clients were famous malware groups like Dridex, Trickbot, and GozNym. The US Department of Justice has unsealed today charges against 14 members of an international money laundering group known as QQAAZZ. US authorities said the group has been active since 2016 and operated by advertising its services on Russian-speaking hacker forums. There, the group established connections with some of today's largest malware operations, including the operators of malware botnets such as Dridex, Trickbot, and GozNym. According to the DOJ, QQAAZZ members operated a large network of bank accounts and money mules that allowed malware gangs to funnel money from hacked accounts to new, clean destinations. QQAAZZ members were organized in a business-like hierarchy. Leaders would handle customer communications, mid-level managers recruited money mules, and money mules opened bank accounts and picked up money from ATMs, when needed. US officials said the group managed a huge network of bank accounts around the world using fake identities and shell companies. These accounts would serve as landing spots for funds received from hacks, malware infections, and other cybercrime operations. The money would travel through the QQAAZZ accounts and get converted into cryptocurrency. In a digital form, the cryptocurrency would then be passed through a "tumbling" service to anonymize transactions even more, and then the funds would be returned to the cybercrime groups, with QQAAZZ operators retaining a cut varying from 40% to 50% for their efforts.
20 arrests made in a transnational operation
Besides the 14 suspects charged today [indictment PDF], the DOJ said it also charged five others in October 2019 [indictment PDF]. US authorities said that while charges were filed in the US, this was an international crackdown against the QQAAZZ group, and other criminal prosecutions were initiated in other countries, such as Portugal, Spain, and the US.
Sixteen countries were involved in an international operation against QQAAZZ, which Europol named "Operation 2BaGoldMule." As part of this crackdown, Europol said participant countries carried out more than 40 house searches across Latvia, Bulgaria, the United Kingdom, Spain and Italy, and made 20 arrests. Source