The strongest evidence yet that UAE is trying to meddle in U.S. politics

Comment

Welcome to Cybersecurity 202! I found myself in Baltimore on Saturday for the Notre Dame-Navy football game, which turned into a thriller after initially feeling like a blowout. A first highlight: this, uh, I don’t know what to call it – a hug?

Below: The FBI explored the use of NSO Group spyware and cryptocurrency exchange FTX is investigating a potential hack. First:

US Spy Report Recalls Abu Dhabi Cyber ​​Registration

US intelligence officials have concluded that the UAE has meddled in the US political system, including hacking into US computers, my colleague John Hudson revealed over the weekend.

Three people who read a classified report and spoke on condition of anonymity to discuss classified information “said that the activities attributed to the UAE in the report go far beyond mere influence peddling,” writes John.

“One of the most brazen exploits involved the hiring of three former US intelligence and military officials to help the UAE monitor dissidents, politicians, journalists and American businesses. In public legal documents , US prosecutors said the men helped the UAE break into computers in the US and other countries,” he wrote.

The report amounted to a ‘unique’ intelligence review of a ‘friendly power’, said Bruce Ridela senior researcher at the Brookings Institution who once served on the National Intelligence Council, which compiled the report and generally writes such adversary reports.

But it is also a reminder that the UAE has sought to become a force in cyberspace and has made questionable use of cyber weaponsincluding by diverting former US officials into surveillance activities against the United States itself.

Here is a reaction on Twitter from Ruth Ben Ghiatprofessor of history at New York University:

Three former officials accused of providing hacking aid to the UAE – Marc Baier, Ryan Adams and Daniel Gericke – have admitted the charges. They were part of a clandestine United Arab Emirates program called Project Raven, who ReutersChris Bing and Joel Schectman first reported in 2019.

Under Project Raven, former US government hackers helped foreign intelligence services monitor journalists, human rights activists, rival governments and dissidents. This included targeting Americans.

And the pipeline continues. Last month, my colleagues Craig Whitlock and Nate Jones reported that over the past seven years nearly 300 retired military personnel have applied for federal permission to work for the United Arab Emirates.

  • This includes cybersecurity advisors. While the CIA’s counterintelligence chief last year warned retired operatives not to sell their skills to foreign powers, US troops with experience in cyber warfare have encountered no such limitations.

The UAE has been repeatedly linked to the use of spyware known as Pegasus, a product of the NSO group.

There is evidence that the UAE was involved in the targeting of Hanan Elatrwife of murdered Washington Post reporter jamal khashoggimy colleague Dana Priest reported last year.

While she was being interrogated in Dubai, someone broke into her confiscated phone and connected it to a website set up by NSO for a client in the United Arab Emirates, according to forensic analysis.

“NSO Group conducted a review which determined that Pegasus was not being used to eavesdrop, monitor, track or collect information about Ms. Elatr,” NSO’s attorney said. Thomas Clare said. “The Post’s continued efforts to falsely link the NSO Group to the heinous murder of Mr. Khashoggi are baffling.”

A “Pegasus operator” linked to the United Arab Emirates has also been linked to the infection of the British Prime Minister’s office, according to a report published in April by the Citizen Lab at the University of Toronto.

The UAE had denied some allegations about its cyber activities in the past and on other occasions declined to comment.

The UAE has cultivated cybersecurity research and development and hosted security conferences as part of its aspirations to become a hub for these technologies, Agnès Helou reported for breaking defense Last week.

“We must consider the UAE’s approach to cyber technology as exceptional in the Arab world, as the UAE understood early on the importance of resilience in the cyber domain, not only from a defensive point of view, but potentially also from an offensive point of view,” said Andreas KriegLecturer at King’s College London and CEO of MENA Analytica, a strategic risk consultancy focused on the Middle East.

  • “While most Arab states have taken tactical or operational approaches to the cyber domain, the UAE has taken a comprehensive comprehensive approach to strengthening its national cyber domain in one of the most connected economies in the world,” according to Krieg.

The UAE’s reported attempt to influence the American system puts it in the company not only of American adversaries like Russia, but also of more friendly nations like Israel or Taiwan, as Hudson mentioned in his article.

The FBI explored the use of NSO spyware for investigations before abandoning the plan

FBI officials have been working on plans to brief FBI leadership on NSO Group tools and have developed guidelines on how federal prosecutors should disclose spyware use in criminal proceedings, the New York Timesreport by Mark Mazzetti and Ronen Bergman.

According to a court filing, the FBI decided to “cease all efforts regarding the potential use of the NSO product” on July 22, 2021. A few days earlier, on July 18, The Post and 16 media partners began publishing stories about how NSO clients were using Pegasus spyware to target human rights activists, journalists and executives. The US government blacklisted NSO last November.

The FBI is under pressure from the senator. Ron Wyden (D-Ore.), who told the New York Times that “it is totally unacceptable for the FBI Director to provide misleading testimony about the bureau’s acquisition of powerful hacking tools and then wait months to tell the whole story to Congress and the American people. .” Wyden said the FBI “also owes the Americans a clear explanation as to whether future operational use of NSO tools is still on the table.”

The FBI denied that the director Christopher A. Wray provided inaccurate information, with a spokeswoman telling the New York Times that “the director’s testimony was accurate when given and remains true today – there was no operational use of the NSO product to support an FBI investigation.

FTX investigates potential hack after filing for bankruptcy

About $477 million appeared to disappear from the bankrupt cryptocurrency exchange in “apparently unauthorized transactions” after it filed for bankruptcy, report Lauren Kaori Gurley, Steven Zeitchik and Joseph Menn. The head of security at cryptocurrency exchange Kraken said a verified account on its platform was used in the hack, leading to speculation from outside security experts that an insider was behind the hack or that a victim had their credentials stolen.

FTX did not respond to The Post’s request for comment, but FTX’s general counsel Ryne Miller tweeted a statement on behalf of the company’s new chief executive, John J. Ray III, that executives “continue to make every effort to secure all assets, wherever located,” and that the company has been “in contact and coordinating with relevant law enforcement and regulators.

Six prominent Holocaust deniers have lost key elections

Voters in six battleground states where donald trump attempted to reverse its 2020 election defeat, rejected election-unwilling candidates who sought to control their states’ electoral systems, report Amy Gardner, Reis Thebault and Robert Klemko. The defeats represent a “resounding signal that Americans have grown weary of the former president’s baseless allegations of widespread fraud,” my colleagues write.

“Election administrators and suffrage advocates said the rebuke of deniers seeking state-level office was a refreshing course correction from American voters, whose choice of candidates more seasoned and less extreme reflected a desire for stability and a belief that national elections were largely secure,” they write.

Had the candidates won, they could have refused to sign election results they didn’t like, The Cybersecurity 202 previously reported. insider cybersecurity threats.

Australia plans to ban ransom payments to cybercriminals (Reuters)

White House cyber official calls for a more agile NATO to deal with digital threats (CyberScoop)

Ukraine claims Russian hacktivists are using ‘Somnia’ (Bleeping Computer) ransomware

The hunt for FTX thieves has begun (WIRED)

Russian software disguised as American finds its way into US military, CDC apps (Reuters)

Crypto.com sent $400 million to wrong recipient but got it back this time (The Verge)

  • representing John Katko (RN.Y.) and officials from the Cybersecurity and Infrastructure Security Agency, Environmental Protection Agency, Energy Department and FBI speak at WaterISAC’s H2OSecCon security conference Tuesday through Thursday.
  • DHS Secretary Alexander Mayorkasdirector of the FBI Christopher A. Wray and Director of the National Counterterrorism Center Christine Abizaid testify at a House Homeland Security Committee hearing on global threats Tuesday at 9:30 a.m.
  • Top U.S. cybersecurity officials speak at the Aspen Institute’s annual Aspen Cyber ​​Summit on Wednesday.
  • The Senate Judiciary Committee is holding a hearing on the Department of Homeland Security’s oversight Wednesday at 10 a.m.
  • The Senate Homeland Security Committee holds its hearing on global threats Thursday at 10:15 a.m.
  • Google Cloud Information Security Manager Phil Venables and Founder and Chief Scientist of Elliptic Tom Robinson speak at a Washington Post Live event Thursday at 10:30 a.m.
  • representing Jim Himes (D-Conn.) Discusses spyware at a Center for a New American Security event Thursday at noon.

Thanks for reading. Until tomorrow.

Leave a Comment