Security News

The Washington Post is reporting that the US Customs and Border Protection agency is seizing and copying cell phone, tablet, and computer data from "As many as" 10,000 phones per year, including an unspecified number of American citizens. This is done without a warrant, because "Courts have long granted an exception to border authorities, allowing them to search people's devices without a warrant or suspicion of a crime."

The Biden-nominated chief of space operations for the USA's Space Force rates China his greatest challenge, as the Middle Kingdom has developed technologies to destroy space assets. "The most immediate threat, in my opinion, is the pace with which our strategic challengers - first and foremost the Chinese - are aggressively pursuing capabilities that can disrupt, degrade and ultimately even destroy our satellite capabilities and disrupt our ground infrastructure," Space Force Lieutenant General B. Chance Saltzman said during a nomination hearing before the Senate Armed Services Committee earlier this week.

The Office of Management and Budget has issued a memo requiring US federal government agencies to use software that has been built according to secure software development practices and whose developers follow practices for software supply chain security, as specified by the National Institute of Standards and Technology. "Agencies are required to obtain a self-attestation from the software producer before using the software," the memo says, and "If the software producer cannot attest to one or more practices from the NIST Guidance identified in the standard self-attestation form, the requesting agency shall require the software producer to identify those practices to which they cannot attest, document practices they have in place to mitigate those risks, and require a Plan of Action & Milestones to be developed."

The Treasury Department's Office of Foreign Assets Control announced sanctions today against ten individuals and two entities affiliated with Iran's Islamic Revolutionary Guard Corps for their involvement in ransomware attacks. Throughout the last two years, these threat actors have been linked to ransomware incidents where they compromised networks belonging to organizations in the United States and worldwide.

The U.S. Treasury Department announced sanctions today against Iran's Ministry of Intelligence and Security and its Minister of Intelligence for their role in the July cyberattack against the government of Albania, a U.S. ally and a NATO member state. MOIS is the Iranian government's leading intelligence agency, tasked with coordinating intelligence and counterintelligence efforts, as well as covert actions supporting the Islamic regime's goals beyond the country's borders.

The US Commerce Department's Bureau of Industry and Security has relaxed restrictions that barred export of some encryption technologies to Huawei, in the name of ensuring the United States is in a better position to negotiate global standards. A Thursday announcement [PDF] explains the decision was taken because American businesses have told the Biden administration they're confused about whether they need to seek a license before bringing some tech to standards talks.

Mandiant is "Highly confident" that foreign cyberspies will target US election infrastructure, organizations, and individuals in the run-up to the November midterm elections. "We have tracked activity from groups associated with Russia, China, Iran, North Korea, and other nations targeting organizations and individuals related to elections in the US and/or other nations with apparent goals ranging from information collection and establishing footholds or stealing data for later activity to one known case of a destructive attack against critical election infrastructure," the Mandiant team said in research published today.

With the help of blockchain analysts and FBI agents, the U.S. government seized $30 million worth of cryptocurrency stolen by the North Korean threat group 'Lazarus' from the token-based 'play-to-earn' game Axie Infinity earlier in the year. "Chainalysis Crypto Incident Response team played a role in these seizures, utilizing advanced tracing techniques to follow stolen funds to cash out points and liaising with law enforcement and industry players to quickly freeze funds," the company reports.

The Vice Society threat group is ramping up ransomware attacks on US school districts just as students around the country return to the classroom, the FBI and other federal agencies are warning. The FBI, Cybersecurity and Infrastructure Agency, and Multi-State Information Sharing and Analysis Center said in a joint advisory this week that the Vice Society, which first appeared in the summer of 2021, recently began to disproportionately target the US education sector with ransomware attacks and they expect such attacks to increase as the school year rolls on.

China has accused the United States of a savage cyber-attack on a university famed for conducting aerospace research and linked to China's military. The National Computer Virus Emergency Response Centre made its accusation on September 5th, claiming that the Office of Tailored Access Operation at the USA's National Security Agency has unleashed over 10,000 attacks in China, some using zero-day exploits, and lifted 140GB of "High value data".