Assistant Attorney General for National Security John C. Demers Delivers Remarks at FedScoop’s Fifth Annual FireEye Government Forum on Cyber Threat Intelligence


Good afternoon, and thank you for inviting me here to share a few words on the importance of collaboration in confronting the national security cyber threat.

Protecting the nation from national security threats is the mission of the National Security Division. Although NSD was created in response to the September 11th terrorist attacks, its mission goes well beyond terrorism. In the past years it has come increasingly to include a focus on cyber as part of the threat posed by certain foreign nations. And as we do with respect to terrorism, NSD drives collaboration with prosecutors, law enforcement officials, intelligence attorneys and the Intelligence Community to ensure that we approach the national security cyber threat using every tool and resource available to the federal government.

Some of you in this room come from the private sector — companies both large and small. Companies that consult and provide advice, and companies that manufacture products. Others come from federal, state and local governments — or from other countries. Your work may be diverse, but you all appreciate one thing. You know that there are countries in this world that want what we have. They want our sensitive information, our technology, our intellectual property. And they want to destroy any competitive advantage we enjoy. Around the world there are people who wake up every morning thinking about how they’re going to destroy it. And they go to bed at night, much too often, thinking about a job well done. One thing they’re not spending much time thinking about is our laws and international cyber norms.

You don’t have to be a defense contractor to be worried about this. Recently, we prosecuted cases involving the thefts of grains of rice and kernels of corn. No one is immune. If you’re in business, if you’re in government, if you’re in medicine or academic research, you have something of value to someone else. And to get it, foreign countries will use all means, including computer intrusions.

You are not going to stop these countries on your own. No private company or establishment has the resources of a determined nation state. Nor is any one part of the federal government going to stop these adversaries on its own. We’ll only succeed in defending the nation’s firepower and the fruits of its brain power if we’re partnered together.

In recent years, NSD has furthered the government’s efforts to deter and disrupt malicious national security cyber threats by charging hackers acting on behalf of China, Russia, Iran and the Islamic State of Iraq and al-Sham (ISIS). But not every cyber disruption needs to be a prosecution. In fact, just last week, the Department announced it obtained a court order to disrupt a global botnet known as the “VPNFilter” that had infected hundreds of thousands of home and office routers controlled by the Sofacy Group, a well-known malicious cyber-hacking organization. The botnet provided the Sofacy Group the ability to undertake all manner of malicious cyber activity, from unlawful surveillance to theft of valuable information to disruptive attacks. The Department could not have begun to neutralize this threat alone. We worked closely with the private sector, including private security researchers, and other government partners, such as the Department of Homeland Security. If we continue to work together, we will do much, much more.

Let me provide two other illustrations of the good that can happen when the private sector and the government work together.

Let’s take the case of Yahoo. Yahoo was the victim of a breach in 2013, only to discover three years later that it had been subject to a second, massive breach in 2014. When this information came to light, Yahoo notified the government and provided valuable assistance to the FBI, fully cooperating at every stage of the investigation.

As a result of this effective collaboration, Yahoo and the FBI determined that hackers, working both for financial gain and on behalf of Russian intelligence officers, had stolen information from at least 500 million Yahoo accounts, and used that stolen information to obtain access to the contents of accounts hosted by Yahoo, Google and other providers. Russian journalists, U.S. and Russian government officials, and private-sector employees of financial, shipping and other companies had all been targeted.

Thanks to the close cooperation of Yahoo, Google and others, DOJ prosecutors and the FBI were able to identify and expose the hackers without further compromising the privacy of the account holders. Three of the defendants were Russian nationals residing in Russia — two Federal Security Service or “FSB” agents and a known Russian hacker, an FBI “Most Wanted Cyber Criminal,” Alexsey Belan.

The fourth defendant was a 22-year-old hacker named Karim Baratov, who resided in Canada. Following the U.S. indictment, Canada captured and arrested Baratov. He was brought to the U.S. and pleaded guilty to eight criminal counts, including conspiracy to commit computer fraud and abuse and aggravated identity theft. Earlier this week, he was sentenced to five years in jail.

The second case demonstrates that cooperating with the government, and benefiting from its knowledge and tools, can help a company that has been hacked see things for what they really are.

A few years ago, a Midwestern consumer goods company was the victim of what appeared to be a “run of the mill” intrusion. An intruder had obtained unauthorized access to their customer database and had obtained personally identifiable information for their customers. The company’s information technology personnel worked diligently to eject the hacker from their network, but he kept coming back. Eventually, the hacker threatened to expose the company’s customer information unless he was paid a ransom.

Around that time, the company connected with the FBI.

The FBI determined that Ardit Ferizi, a Kosovo citizen studying computer science in Malaysia, was one of the hackers who had gained unauthorized access to the victim company’s PII.

Although the hacker had a financial motive in demanding a ransom from the company, the customer PII Ferizi stole was not destined for the black market; that information was of interest because, among the tens of thousands of customer names and email accounts he stole, there were more than a thousand email addresses that ended in “.gov” or “.mil.”

Ultimately, Ferizi used that information to create a list of PII for just about 1,300 U.S. government civilian employees and U.S. military personnel.

He provided this information to a Syrian-based ISIS member named Junaid Hussain.

A few months earlier, Hussain, acting in the name of the Islamic State Hacking Division, had posted a “kill list” that purported to include the names and addresses of 100 members of the U.S. military. Ferizi wanted to help him create and disseminate a second kill list.

And in fact, shortly after he received the information from Ferizi, Hussain used Twitter to give away the PII of all 1,300 U.S. government and military customers of the company. In his tweet, he threatened “the Crusaders” who were conducting a “bombing campaign against the Muslims.”

The Department of Justice charged Ferizi with violations of the Computer Fraud and Abuse Act, and with conspiring to provide material support to ISIS. We were successful in obtaining his extradition from Malaysia to the United States, and he ultimately pleaded guilty.

In September 2016, Ferizi was sentenced to 20 years in prison. He was also ordered to pay $50,000 in restitution to the company.

Even though the prosecution of Ferizi was public, the name of the company was never revealed.

We are often asked why we would bring a case against foreign nationals located outside the U.S. Well for one, as the Yahoo and Ferizi cases prove, we may well get one or more of them. The U.S. government has extradition agreements with more than 100 countries, and so it is not enough for these defendants to forego a visit to Disney World. For the rest of their lives they will be unable to travel to more than half the countries in the world without fear of arrest and extradition to the U.S.

Second, the investigation and charges can help other parts of the Government in bringing their authorities to bear. For instance, Treasury’s Office of Foreign Assets Control can designate the charged individuals or entities under an Executive Order that authorizes blocking the property of persons engaging in significant malicious cyber-enabled activities — ensuring that the perpetrators will be financially isolated from the world. When we brought charges against the founders and employees of the Iranian Mabna Institute that hacked more than 300 American and foreign universities, and government agencies and institutions around the world, Treasury also designated the Institute and 10 Iranian individuals.

Third, charges raise awareness, both generally and specifically, to this threat. In some cases there may be additional victims that don’t know they’ve been hacked. To help the private sector identify malicious activity and better protect itself, the FBI and DHS will often release technical details to the public. FBI did that just last week, when it released a Public Service Announcement about VPNFilter, advising you to reboot your router and including signatures of the botnet’s malware, so network defenders can identify its presence in their network.

And finally, we pursue these cases to strip these hackers of anonymity and call them out. This prevents nation state actors from hiding behind ritualized denials and feigned ignorance. The recent indictment of Mabna Institute members and the prior indictment of the Chinese People’s Liberation Army are cases in point.

So that’s what’s in it for the country. What’s in it for you? What are the benefits of working with law enforcement — before, during and after a computer intrusion or attack?

    We can help you understand what happened when your organization has a cyber-incident.

    We can share context and information about related incidents or malware.

    We can ensure proper investigation and preservation of evidence for eventual prosecution.

    We can assist you in dealing with regulators.

At the end of the day, the Government just has many more tools at its disposal to deal with the problem of national security cyber intrusions. Tools that, working together, we can use to respond to intrusions and deter future ones. Although we will always consider criminal charges, pursuing prosecution may not be the best response in all cases. Accordingly, NSD attorneys work with their interagency partners to determine whether our investigative information may be used to support sanctions, trade pressure, technical alerts, diplomatic options or other responses instead of, or in addition to, prosecution. All of these tools can impose real costs on malicious activity, depriving hackers and their sponsors of the benefit of their crimes and deterring future misbehavior.

Let me close on this note. Everyone in this audience understands that we are in this together, and we have an obligation to help one another. The organization that reports a cyber intrusion doesn’t just help itself, it also helps other targeted companies that may not even know they’ve been victims of a hack, and it helps the country. It helps other organizations by raising their awareness and sparking a check on their part for similar compromises. It also enables the government to work to disrupt and deter intrusions of those other organizations. And it helps the nation by allowing the Government to piece together and respond to the intentions and actions of antagonistic nations to better defend our nation’s economic and military security.

It is the National Security Division’s job to disrupt and deter national security cyber threats. We will continue to work with other agencies to use all elements of national power to meet this ever-changing and growing challenge. And to adequately protect our shared national cyber security against persistent attack, we will need your help as well.

I look forward to working with you.
