9:02 AM 10/7/2017 – Trump News Review: Russian Intelligence services and organized crime – Google News: Russian Hackers Pilfered Data from NSA Contractor’s Home Computer: Report – Dark Reading

Share this article
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Russian Hackers Pilfered Data from NSA Contractor’s …

1 Share
Classified information and hacking tools from the US National Security Agency landed in the hands of Russian cyberspies, according to a Wall Street Journal report.Turns out the National Security Agency (NSA) may have suffered yet another data breach: in 2015, Russian state hackers stole classified cyberattack and defense tools and information off of the home computer of an NSA contractor, according to a Wall Street Journal report today.

The hack reportedly occurred via Kaspersky Lab antivirus software on the contractor’s home computer, where the AV flagged the NSA cyberspying tools and code. The breach wasn’t detected until the spring of 2016, and wasn’t known publicly until the WSJ report published today.

Just how the NSA contractor’s Kaspersky Lab software was apparently abused and exploited — or not — is under debate by experts; it could be a case of the application’s detection of the tools on the contractor’s system inadvertently landing in the wrong hands, they say, or the software could have been hijacked and hacked by the attackers during a software update, for instance, or a more nefarious scenario.

Sponsor video, mouseover for sound

The WSJ report meanwhile appears to shed light on what ultimately may have led to the US government’s recent ban of the Russian security vendor’s software. The Trump administration ordered all federal agencies to remove Kaspersky Lab’s products and services from their systems, citing concerns of a link between the company and the Russian government, which is already under fire for its role in meddling with the 2016 US presidential election.

The unnamed NSA contractor reportedly moved the data to his home to work after-hours, even though he was aware that removing classified information without approval is against NSA policy and potentially a criminal offense, the report said. The case is under investigation by the federal government. NSA employees and contractors have always been prohibited from using Kaspersky Lab software at work, and the NSA prior to this incident had recommended they not use it at home, either, the report said.

This marks the third case of an NSA contractor exposing or leaking classified information: the first being, of course, Edward Snowden, whose infamous theft and leak to journalists of NSA files in 2013 served as a wakeup call for the insider threat; and the second, the recent arrest of contractor Harold Martin, who had hoarded more than 50 terabytes of NSA documents for 20 years in his home and the trunk of his car.

Whether this latest NSA contractor leak leads directly to the mysterious Shadow Brokers group that since 2016 has been leaking and later offering for sale online a trove of NSA hacking tools and exploits is unclear at this point, but some security experts say this could be the long-awaited link to Shadow Brokers. “It seems to point in that direction,” John Bambenek, threat systems manager at Fidelis Cybersecurity, says of today’s report.

Meantime, just how Kaspersky Lab’s AV software fits into the case is unclear from the report. According to the WSJ, the software may have detected some of the NSA files as suspicious code, somehow cluing Russian hackers into the machine full of NSA classified information. According to the report, “But how the antivirus system made that determination is unclear, such as whether Kaspersky technicians programmed the software to look for specific parameters that indicated NSA material. Also unclear is whether Kaspersky employees alerted the Russian government to the finding.”

Antivirus and other security software routinely vet newly detected, suspicious-looking samples to their malware databases and other threat intelligence resources, so the Russian threat actors may have either intercepted that traffic or even spotted it in another intelligence-sharing forum, security experts told Dark Reading. “The reality is they [antivirus programs] all do that,” Bambenek says.

He says he’s even seen classified documents posted on VirusTotal, the online malware-checking tool used by researchers and even victim organizations to crowdsource malware discoveries. And threat intel-sharing is common practice among security researchers as well, he says.

“Malware systems that make use of the cloud often send your documents upstream for analysis,” explains Gary McGraw, vice president of security technology at Synopsys.

Kaspersky Lab researchers have worked closely with Interpol on cybercrime investigations, and the firm has outed multiple Russian advanced persistent threat actors, or nation-state groups, which confounds security experts analyzing the feds’ suspicions of Russian state involvement with Kaspersky Lab.

“I’ve worked with Kaspersky Lab for a long time, fighting antivirus back in the day, and they’ve always been stand-up guys who want to fight the good fight against malware actors,” says Joe Stewart, formerly the director of malware research at Secureworks and now a security researcher with Cymmetria.

Thwarting DDoS AttacksNeustar’s Barrett Lyons discusses the company’s investment in a “scrubbing service” and Web application firewalls to protect organizations against DDoS attacks.

One possible explanation for the NSA contractor’s machine compromise, Stewart notes, is a hack of the AV software. “Any time you’ve got a situation where software running on a machine has an update process, it can be compromised,” Stewart says.

Several major AV products, including Kaspersky Lab’s, have been outed with security vulnerabilities by researchers over the past few years.

Fidelis’ Bambenek says there’s always a chance a mole resides in any security software firm or organization. “That’s how espionage is done,” he says. He says he has no firsthand knowledge of that being the case at Kaspersky Lab, and the argument of collusion between the firm and the Russian government so far remains as “weak tea,” he says.

Other security experts see subterfuge. Dan Guido, co-founder and CEO of red-team and security research firm Trail of Bits, said via Twitter: “There are only 2 good answers: Either the Russian gov rides on KAV infrastructure globally or Kaspersky helps them do it one at a time.”

Kaspersky Lab denies any wrongdoing and shot down the WSJ report: “Kaspersky Lab has not been provided any evidence substantiating the company’s involvement in the alleged incident reported by the Wall Street Journal on October 5, 2017, and it is unfortunate that news coverage of unproven claims continue to perpetuate accusations about the company. As a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight,” the company said in a statement.

“The company actively detects and mitigates malware infections, regardless of the source,” and “Kaspersky Lab products adhere to the cybersecurity industry’s strict standards and have similar levels of access and privileges to the systems they protect as any other popular security vendor in the U.S. and around the world,” the company said.

Insider Problems
Bambenek says the NSA contractor moving classified agency data onto his home laptop or computer should never have happened in the first place. “The problem is the NSA is not following its own rules,” he says. “Shouldn’t there be technical controls controlling [and detecting] when top-secret stuff goes out of the NSA building? This just keeps happening there. I’m more concerned about a spy agency consistently have a problem keeping its secrets.”

There’s a fine line of what constitutes legitimate and acceptable cyber espionage. Nations spy on other nations: that’s a given. And sometimes, security software firms find themselves inadvertently in the crosshairs, experts point out. And it’s likely the NSA could be using antivirus software similarly to spy on other nations, they argue.

Even so, the US federal government’s ban on Kaspersky Lab products comes amid a backdrop of renewed distrust in the Russian government in the wake of the intelligence community’s findings of election-meddling, as well as investigations into possible collusion between the Trump campaign and Russian operatives.

Jim Christy, former director of futures exploration at the federal government’s Defense Cyber Crime Center (DC3), notes that the feds are traditionally “risk-averse,” so the ban of Kaspersky Lab software should come as no surprise.

Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.

Related Content:

Kelly Jackson Higgins is Executive Editor at <a href=”http://DarkReading.com” rel=”nofollow”>DarkReading.com</a>. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise … View Full Bio

From attacks on CEOs to “mom phishing,” social engineering attacks are getting more targeted and sophisticated. KnowBe4’s CEO Stu Sjouwerman explains how online security awareness training and phishing exercises can help educate and train employees to protect corporate data.

More Insights

Read the whole story
· · · · · · ·

6:29 PM 10/6/2017 – Trump News Review 

1 Share
Trump Investigations Report | Latest Posts Trump Investigations Report from mikenova (5 sites) Trump Investigations Report: 3:22 PM 10/6/2017 Trump News Review Trump Investigations Report | Latest Posts Trump Investigations Report from mikenova (5 sites) Trump Investigations Report: 7:06 PM 10/5/2017 Russia-Trump campaign collusion an open issue: US Senate panel chiefs Reuters Saved Stories 1. Trump Russia-Trump campaign collusion … Continue reading “6:29 PM 10/6/2017 – Trump News Review”

Those Russian political ads on Facebook? Yep, they ran on Instagram, too – USA TODAY

1 Share

USA TODAY
Those Russian political ads on Facebook? Yep, they ran on Instagram, too
USA TODAY
They also are looking into possible collusion between the Trump campaign and Russian officials. The U.S. intelligence community, in a report released in January, concluded that Russia was trying to sway the election in favor of Trump and against 
Russiagate Is More Fiction Than FactThe Nation.

all 214 news articles »

Russia co-opted ‘black lives matter’ messaging on social media – Mashable

1 Share

Mashable
Russia co-opted ‘black lives matter’ messaging on social media
Mashable
The ‘Blacktivist’ accounts have now been suspended, and Facebook delivered information about them to U.S. investigators and lawmakers as part of the government investigation on Russianmeddling in the 2016 election. Facebook’s documents included …
Exclusive: Russian-linked group sold merchandise onlineCNNMoney
Here’s what fake Russian Facebook posts during the election looked likePhilly.com

all 9 news articles »

The Russian Gangster Who Loved Trump’s Taj Mahal

1 Share
vyacheslav-ivankov

Vyacheslav Ivankov

Remember Vyacheslav Ivankov, the Russian gangster?

He was perhaps the most feared of the Vory v Zakone, a member of the “thieves-in-law,” the highest criminal echelon in Russia.”Yaponchik” (Little Japanese), as he was known, came to New York in March 1992 to organize the Russian Mob.

Despite Ivankov’s flagrant, multinational criminal activities, during his first years in America, the FBI had a hard time even locating him.

They eventually found him in Trump Tower. A copy of Ivankov’s personal phone book, which was obtained by author Robert I. Friedman, included a working number for the Trump Organization’s Trump Tower Residence, and a Trump Organization office fax machine.

Ivankov vanished again and then turned up at the Taj Mahal in Atlantic City, the Trump-owned casino that Trump liked to call the “eighth wonder of the world.”

I’ve come across some FBI documents that add a bit more to this story:

Screen Shot 2017-10-05 at 9.39.19 AMAnd this: Screen Shot 2017-10-05 at 9.40.55 AM

The Taj Mahal had become the Russian mob’s favorite East Coast destination. As with other high rollers, scores of Russian hoodlums received “comps” for up to $100,000 a visit for free food, rooms, champagne, cartons of cigarettes, entertainment, and transportation in stretch limos and helicopters.

The Taj Mahal was just treating Ivankov as a good customer, right?

Filed under: Donald TrumpRussian mafia Tagged: Taj MahalVyacheslav Ivankov       

Read the whole story
· · · ·

Donald Trump humiliates himself during meeting with military Generals 

1 Share
Donald Trump humiliates himself during meeting with military Generals

Donald Trump humiliates himself during meeting with military Generals

Trump can’t even get his distractions right

Trump News Review
Donald Trump: Cher Taunts Donald Trump Who ‘Doesnt Have 2 Brain Cells To Rub Together’
trump psychological profile – Google News: TMZ’s Harvey Levin might have the most important new show on Fox News – Washington Post
Do mass shootings increase trump election chances? – Google News: Week in review: 58 killed in Las Vegas shooting, music world mourns Tom Petty – Bloomington Pantagraph
Do mass shootings increase trump election chances? – Google News: Week in review: 58 killed in Las Vegas shooting, music world mourns Tom Petty – Mason City Globe Gazette
Trump – Google News: Trump Is the Star of These Bizarre Victorian Novels – Politico
Donald Trump: Tom Gauld’s Deceptively Simple Comics Hold A Mirror To Human Hypocrisies
donald trump russia – Google News: This week in Donald Trump’s conflicts of interest: Javanka’s private email scandal – Salon
Elections 2016 Investigation – Google News: The investigation must continue: Senate owes it to Americans to complete probe of Russian election interference – The Keene Sentinel
Donald Trump – Google News: Calling foul on Donald Trump – Salon

 

Trump News Review
Russian Intelligence services and organized crime – Google News: Russian Hackers Pilfered Data from NSA Contractor’s Home Computer: Report – Dark Reading
Sat, 07 Oct 2017 08:12:54 -0400

Russian Hackers Pilfered Data from NSA Contractor’s Home Computer: Report
Dark Reading
Turns out the National Security Agency (NSA) may have suffered yet another data breach: in 2015, Russian state hackers stole classified cyberattack and defense tools and information off of the home computer of an NSA contractor, according to a Wall and more »

Russian Intelligence services and organized crime – Google News

Donald Trump: Cher Taunts Donald Trump Who ‘Doesnt Have 2 Brain Cells To Rub Together’
Sat, 07 Oct 2017 08:03:41 -0400
“Sometimes we need wisdom from older people, unless they are the president of the United States.”

Donald Trump

trump psychological profile – Google News: TMZ’s Harvey Levin might have the most important new show on Fox News – Washington Post
Sat, 07 Oct 2017 08:02:19 -0400


Washington Post
TMZ’s Harvey Levin might have the most important new show on Fox News
Washington Post
Fox News is rolling out a lot of new programming these days. Laura Ingraham, Shannon Bream, Harris Faulkner and Dana Perino recently landed solo weekday shows. Fox & Friends First will add a second hour, beginning Monday. But the most important … 

trump psychological profile – Google News

Do mass shootings increase trump election chances? – Google News: Week in review: 58 killed in Las Vegas shooting, music world mourns Tom Petty – Bloomington Pantagraph
Sat, 07 Oct 2017 07:09:26 -0400


Bloomington Pantagraph
Week in review: 58 killed in Las Vegas shooting, music world mourns Tom Petty
Bloomington Pantagraph
Manuela Barela passes crosses set up to honor those killed during the mass shooting Friday, Oct. 6, 2017, in Las Vegas. … The governor of Puerto Rico said late Tuesday that the official death toll has been increased to 34 from 16. +7 …. President and more »

Do mass shootings increase trump election chances? – Google News

Do mass shootings increase trump election chances? – Google News: Week in review: 58 killed in Las Vegas shooting, music world mourns Tom Petty – Mason City Globe Gazette
Sat, 07 Oct 2017 07:07:38 -0400


Mason City Globe Gazette
Week in review: 58 killed in Las Vegas shooting, music world mourns Tom Petty
Mason City Globe Gazette
Manuela Barela passes crosses set up to honor those killed during the mass shooting Friday, Oct. 6, 2017, in Las Vegas. … The governor of Puerto Rico said late Tuesday that the official death toll has been increased to 34 from 16. +7 …. President and more »

Do mass shootings increase trump election chances? – Google News

Trump – Google News: Trump Is the Star of These Bizarre Victorian Novels – Politico
Sat, 07 Oct 2017 07:04:06 -0400


Politico
Trump Is the Star of These Bizarre Victorian Novels
Politico
The first thing to know about Baron Trump is that he can’t stop talking about his brain. While meeting with the Russian government, he talks about his glorious gray matter. As foreign women fall for him, he mentions his superior intelligence beforeand more »

Trump – Google News

Donald Trump: Tom Gauld’s Deceptively Simple Comics Hold A Mirror To Human Hypocrisies
Sat, 07 Oct 2017 07:01:14 -0400
Politics, classic literature  nothing is safe.

Donald Trump

donald trump russia – Google News: This week in Donald Trump’s conflicts of interest: Javanka’s private email scandal – Salon
Sat, 07 Oct 2017 06:34:23 -0400


Salon
This week in Donald Trump’s conflicts of interest: Javanka’s private email scandal
Salon
This week has seen the thickening of proverbial plots involving Trump administration officials and Trump businesses alike. Let’s dive in! Two previously unreported contacts between Russians and Trump’s attorneys and business associates have been …and more »

donald trump russia – Google News

Elections 2016 Investigation – Google News: The investigation must continue: Senate owes it to Americans to complete probe of Russian election interference – The Keene Sentinel
Sat, 07 Oct 2017 06:08:09 -0400


Gears Of Biz
The investigation must continue: Senate owes it to Americans to complete probe of Russian electioninterference
The Keene Sentinel
Nevertheless, Burr and Warner’s investigation remains the most serious effort besides that of special counsel Robert Mueller 3rd to get to the bottom of just what happened during the 2016 election. Their news conference is an encouraging sign that the …
Senate Intelligence Committee Gives Update On Russian Interference InvestigationNPR
Russian election meddling probe will show media ran untrue stories head of US investigationGears Of Bizall 13 news articles »

Elections 2016 Investigation – Google News

Donald Trump – Google News: Calling foul on Donald Trump – Salon
Sat, 07 Oct 2017 06:01:35 -0400


Salon
Calling foul on Donald Trump
Salon
A post-surgical convalescence has held me captive to the 24/7 news cycle more than usual so I’ve been far too immersed than is healthy in the concurrent sagas of Donald Trump versus the National Football League and the United States Commonwealth of … 

Donald Trump – Google News

 

Share this article

Share this article
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •