The U.S. will impose new economic sanctions on two-dozen Russian individuals and entities for cyberattacks in the U.S. and meddling in the 2016 election, senior national security officials said Thursday. The Treasury Department will target five entities and 19 individuals from Russia for actions ranging from the “destabilizing efforts” in the 2016 presidential election to the “NotPetya” malware attack, the costliest and most disruptive in history.
Last year was another banner year for cyber hackers and bad actors. A recent report found that the number of data breaches reached 1,202 in 2017—a 50 percent increase since 2015. Breaches on both public- and private-sector networks resulted in millions of Americans having their personal and financial data compromised.
The Securing Energy Infrastructure Act, cosponsored by Sens. Angus King, I-Maine, and Jim Risch, R-Idaho, advanced out of the Senate Committee on Energy and Natural Resources on a voice vote.
"I am absolutely convinced that, differently from the great battles of the past, which opened with a barrage of artillery or aerial bombardment, the next war will begin with a massive cyber attack to destroy military capacity... and paralyse basic infrastructure such as the electric networks."
On Tuesday, network security researchers FireEye put out a report revealing a new hacker group called Reaper or APT37. Calling them “the overlooked North Korean actor,” the report says “the group’s operations are expanding in scope and sophistication, with a toolset that includes access to zero-day vulnerabilities and wiper malware.”
The report, titled "The Malicious Use of Artificial Intelligence," cautioned against various security threats posed by the misuse of AI.
"We're vulnerable because we continue to underestimate the capabilities in those countries. WannaCry, from North Korea — no one in the U.S. cybersecurity services believed the North Koreans could actually do that," Bremmer described, naming the ransomware virus that crippled more than 200,000 computer systems across 150 countries in May of 2017.
The Energy Department (DOE) is creating a new office to "bolster" its cybersecurity and energy security efforts. The new Office of Cybersecurity, Energy Security and Emergency Response, announced Wednesday, would support the department's "expanded" national security responsibilities. The White House budget released Monday proposes $96 million for funding.
Russian cyberspies pursuing the secrets of military drones and other sensitive U.S. defense technology tricked key contract workers into exposing their email to theft, an Associated Press investigation has found. What ultimately may have been stolen is uncertain, but the hackers clearly exploited a national vulnerability in cybersecurity: poorly protected email and barely any direct notification to victims.
The hackers known as Fancy Bear, who also intruded in the U.S. election, went after at least 87 people working on militarized drones, missiles, rockets, stealth fighter jets, cloud-computing platforms or other sensitive activities, the AP found. Employees at both small companies and defense giants like Lockheed Martin Corp., Raytheon Co., Boeing Co., Airbus Group and General Atomics were targeted by the hackers.