Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operational Security

7/20/2018
10:40 AM
Scott Ferguson
Scott Ferguson
News Analysis-Security Now
50%
50%

DOJ Will Now Alert US Public to Foreign Interference, Attacks

This week, the Justice Department released a new report on cyber attacks targeting US companies and institutions, and officials now plan to issue alerts to the American public.

In the wake of indictments earlier this month that charged a dozen Russian nationals with trying to interfere with the US election process, the Justice Department is now planning to alert the American public and institutions to cyber threats from outside the country.

At the Aspen Security Forum on July 19, Deputy Attorney General Rod Rosenstein announced the updated policy while unveiling a report commissioned by the DOJ on the threats that cyber attacks pose to US citizens and institutions.

The report was developed by the DOJ's Cyber-Digital Task Force.

In the report, officials describe six different types of cyber attacks that represent the greatest threats to the US. These include:

  • Direct threats to computer systems and networks, including Distributed Denial of Service Attacks (DDoS) and ransomware
  • Data theft, including stealing personal identification and intellectual property
  • Cyber-enabled fraud schemes
  • Threats to personal privacy, including blackmail and harassment
  • Attacks on critical infrastructure, such as nuclear power plants and the nation's electrical grid
  • Finally, what the task force refers to as "malign foreign influence operations"

"Elections provide an attractive opportunity for foreign influence campaigns to undermine our political processes," Rosenstein said on Thursday. "According to the intelligence community assessment, foreign interference in the 2016 election 'demonstrated a significant escalation in directness, level of activity, and scope of effort compared to previous operations.'"

The report and Rosenstein's remarks follow a week of announcements surrounding what appears to be Russia's desire to interfere in and influence the 2016 presidential election.

On July 13, the DOJ announced the indictment of 12 Russian nationals, charging them with hacking into the Hillary Clinton campaign, as well as the Democratic National Committee, and stealing information that was later made public. (See 12 Russian Nationals Indicted in 2016 Hacking of DNC, Clinton Campaign.)

The topic of Russian interference and hacking was part of the talks between President Donald Trump and Vladimir Putin in Finland. When Trump was first asked whether Russian interfered, he appeared to say it was unlikely that it happened. He then appeared to agree with assessments from US intelligence agencies that Russian spies did play a part.


Boost your understanding of new cybersecurity approaches at Light Reading's Automating Seamless Security event on October 17 in Chicago! Service providers and enterprise receive FREE passes. All others can save 20% off passes using the code LR20 today!

Finally, the DOJ arrested and indicted a woman who is accused of working for Russian intelligence and trying to influence groups such as the National Rifle Association.

With this as the backdrop, the DOJ now plans to better notify individual citizens, US institutions, as well as enterprises, if a foreign government is targeting them as part of a cyber attack. The Justice Department is also considering whether to implement new statutes to help prosecute the people behind the attacks.

"The policy reflects an effort to articulate neutral principles so that when the issue the government confronted in 2016 arises again -- as it surely will -- there will be a framework to address it," Rosenstein said.

Related posts:

— Scott Ferguson is the managing editor of Light Reading and the editor of Security Now. Follow him on Twitter @sferguson_LR.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/21/2020
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVista,  9/16/2020
Meet the Computer Scientist Who Helped Push for Paper Ballots
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Latest Comment: Exactly
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7734
PUBLISHED: 2020-09-22
All versions of package cabot are vulnerable to Cross-site Scripting (XSS) via the Endpoint column.
CVE-2020-6564
PUBLISHED: 2020-09-21
Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page.
CVE-2020-6565
PUBLISHED: 2020-09-21
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2020-6566
PUBLISHED: 2020-09-21
Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2020-6567
PUBLISHED: 2020-09-21
Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.