Articles

Feds seize $2.3 million in cryptocurrency wallet reportedly used…

The successful seizure could encourage other victims to better cooperate with federal agencies and cause ransomware gangs to rethink their operations.

The Justice Department announced yesterday that it had seized 63.7 bitcoins currently valued at approximately $2.3 million that allegedly represents some portion of a May 8 payment by the Colonial Pipeline company to DarkSide ransomware attackers. Colonial Pipeline admitted paying the cybercriminals a total ransom of around $4.4 million in bitcoin to restore full functionality to its systems following the crippling ransomware attack announced by the company on May 7.

The Special Prosecutions Section and Asset Forfeiture Unit of the US Attorney’s Office for the Northern District of California seized the bitcoin wallet after a magistrate judge for the Northern District of California authorized a seizure warrant. News of the wallet seizure came as little surprise given that the DarkSide attackers themselves foreshadowed it when they announced in mid-May that the group lost control over some of its servers, including a payment server, and was shutting down due to “pressure” from the United States. At that time, DarkSide also stated that some of its funds had been withdrawn to an unknown account.

This article appeared in CSO Online. To read the rest of the article please visit here.

 


Data security risks threaten approval of Chinese undersea cable…

The US government’s “Team Telecom” wants to partially deny a proposed undersea cable connection between the US and Hong Kong over surveillance, data theft concerns.

On June 17, the intergovernmental group known as Team Telecom filed on behalf of the Executive Branch a recommendation to the Federal Communications Commission (FCC) to partially deny an undersea cable system application by a Chinese company called Pacific Light Cable Network (PLCN). Team Telecom (recently renamed as the Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector) consists of the Department of Homeland Security (DHS) and the Department of Defense (DOD) led by the Department of Justice’s National Security Division, Foreign Investment Review Section. In its filing, Team Telecom specifically urged the commission to reject that part of the application that involves a direct connection between the US and Hong Kong.

The rationale for the recommended rejection echoes similar recent moves by the Trump Administration to push Chinese technology out of the US telecommunications system and power grid supply chains. The White House, along with Team Telecom, has stepped up its arguments that China poses a digital and technology security threat, a contention that is occurring against a backdrop of soured trade negotiations and a politically deteriorating relationship between the US and China.

This article appeared in CSO Online. To read the rest of the article please visit here.


Revised DOJ compliance guidance offers risk-management lessons for cybersecurity…

Prosecutors use this guidance to assess criminal liability in a compliance breach, so it behooves business and security leaders to understand the expectations.

In February 2017, the Criminal Division of the US Justice Department (DOJ) issued its first-ever guidance for prosecutors of white-collar crime to use when assessing whether a company complied with its own risk management program. The document urged prosecutors to consider whether a company’s compliance program is appropriately “designed to detect the particular types of misconduct most likely to occur in a particular corporation’s line of business” and “complex regulatory environment.” That guidance was updated in April 2019 into a formal document called “The Evaluation of Corporate Compliance Programs.”

Both documents aim to give prosecutors criteria to consider when bringing criminal charges. The three fundamental questions prosecutors are urged to answer when assessing whether the compliance programs are helping to “promote corporate behaviors that benefit the American public” are:

  1. Is the program well-designed?
  2. Is the program effectively implemented?
  3. Does the compliance program work in practice?

On June 1, the DOJ issued yet another update to its compliance guidance, this time weaving in new language to make sure compliance programs aren’t merely one-and-done snapshots, but are instead dynamic programs that get updated to fit changing circumstances. The new guidance also asks prosecutors to make sure compliance programs are adequately resourced within organizations.

This article appeared in CSO Online. To read the rest of the article please visit here.


Twitter spy scandal a wake-up call for companies to…

Two Twitter employees accessed user data on behalf of the Saudi government. Neither should have had access, and this is a sign of a bigger problem at all companies.

A tremor rippled across the information security community last week when the Justice Department announced criminal charges against two Twitter employees, Ahmad Abouammo and Ali Alzabarah, for acting as foreign agents under the direction and control of the Kingdom of Saudi Arabia. The complaint alleges that the two men used their ability to access user data to provide the Saudi rulers with private information on more than 6,000 Twitter users.

Abouammo, who was a media partnerships manager at Twitter, is a US citizen. Alzabarah, who was a site reliability engineer at the social media giant, is a Saudi citizen, while a third person who was an intermediary in the theft of some of the data and who did not work at Twitter, Ahmed Almutairi, is also a Saudi citizen.

Both former Twitter workers had access to proprietary and confidential information for Twitter users, including email addresses, birthdates, phone numbers and IP addresses. Alzabarah, who pulled data on four specific users at the request of the Saudis, also had access to users’ biographical information, logs that contained the users’ browser information, and a log of all of a particular user’s interactions at any given point in time, the complaint says.

This article appeared in CSO Online. To read the rest of the article please visit here.